0

i want, when user press submit button the enterted data save in database...
Showing no eror but still no data is inserted in database.

please help

<?php
class database
{
    private $connect;
    function __construct()
    {
        $this->connect=new PDO('mysql:host=localhost;dbname=bfgi','root','');
    }
    function insert($institution,$position,$positionname,$department,$natureofjob,$cametoknow)
    {
        $this->connect->query("INSERT INTO contact_form(institution,position,positionname,department,natureofjob,cametoknow) VALUES('$institution','$position','$positionname','$department','$natureofjob','$cametoknow')");
        return true;
    }
}
$obj=new database();

if(!empty($_POST['sbmt']))
{
    $institution=$_POST['institution'];
    $position=$_POST['position'];
    $positionname=$_POST['positionname'];
    $department=$_POST['department'];
    $natureofjob=$_POST['natureofjob'];
    $cametoknow=$_POST['cametoknow'];

    if($obj->insert($institution,$position,$positionname,$department,$natureofjob,$cametoknow))
    {
        echo "INSERTED";
    }
}
?>

please tell the error..

Improve this question
5
  • You're not doing anything with the database class. You have it defined, but never use it. Commented Mar 1, 2019 at 17:20
  • Thanks for reply.. now i have used but still it show error. Commented Mar 1, 2019 at 17:42
  • What error does it show? Please edit your post (not in comments) with the current code, and the exact error you're getting. Commented Mar 1, 2019 at 17:44
  • please check now.. Commented Mar 1, 2019 at 17:58
  • 1) MySQL returns errors differently than PHP. You need to check for PDO errors instead of blindly assuming that it works. 2) You are wide open for SQL injection. Since you're using PDO, take advantage of prepared statements and bindparam or bindvalue. This will take care of any pesky quoting issues that may occur. Commented Mar 1, 2019 at 18:28

1 Answer 1

Reset to default
1

This code only do declarations and variable affectations.

In the first part you define a class, named database, with 2 methods :

  • A constructor, a special method used to initialize your class
  • The insert() method

The second part just puts some $_POST variables in another variables.

To insert a column with this code, you need to construct a database instance ($db = new database();) and to call the insert method on it ($db->insert(...)), with the $_POST parameters you have.

Beside from that, you should not mix declaration (e.g. class or function declaration) and code with sides effects (code that will be executed).

You should also not put raw variables coming from the user in your code, because of SQL Injection risks.

You can read PHP The right way, where there is a list of standards and good habits for PHP.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

$obj=new database(); if($obj->insert($institution,$position,$positionname,$department,$natureofjob,$cametoknow)
Just note that $obj->insert() will return null (because there is no return statement), so your condition will always be false
so what should i return..?
@karanloona You should return the result of $this->connect->query() which is false on case of error : php.net/manual/en/pdo.query.php#refsect1-pdo.query-returnvalues . In case of success however it returns a PDOStatement object (which will evaluate to true in a condition), if you want to just return a boolean you can use a ternary condition (1) or a double negation (2). 1. return $this->connect->query(...) ? true : false; 2. return !!$this->connect->query(...)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.