0

I have a form with several inputs. However, when I simply load the page, a blank item gets added to the database. Even when I enter the site for the first time, cleared cookies and all, it still adds empty data to the db. Why is that?

<body>

<hr></hr>
<div style="margin-left:auto; margin-right:auto; width:600px;">
<form method="post" action="admin.php" name="main" id="main">
Post to:
<select name="wheretopost" onchange="testValue(this);" name="select" id="select">
<option value="blog">Blog</option>
<option name='links' value="links">Links</option>
<option value="apparel">Apparel</option>
<option value="goods">Goods</option>
</select>
<div class="productKind" style="padding:10px;">
Mens<input type="radio" name="productKind" id="productKind"  value="Mens">
Womens<input type="radio" name="productKind" id="productKind"  value="Womens">
Kids<input type="radio" name="productKind" id="productKind"  value="Kids">
</div>
<div class="goodsKind" style="padding:10px;">
Stickers<input type="radio" name="goodsKind" id="goodsKind"  value="Stickers">
Incense<input type="radio" name="goodsKind" id="goodsKind"  value="Incense">
Patches<input type="radio" name="goodsKind" id="goodsKind"  value="Patches">
</div>
<br/>
Subject:<br/>
<input type="text" name="title" style="width:100%;" />
<br/>
<br/>
TextArea:<br/>
 <textarea name="txtarea" style="width:100%;" rows="30">
 </textarea>

<center> <input type="submit" style="width:300px;" />
</center>
</form>

</div>






<?php
$type = $_POST["wheretopost"];
$title = $_POST["title"];
$body = $_POST["txtarea"];
$date = date("F j, Y");
?>


<?
$sql = "INSERT INTO `yoyo`.`posts` (`id`, `type`, `title`, `body`, `date`) VALUES (NULL, '$type', '$title', '$body', '$date');";
mysql_query($sql);

?>


 </body>
</html>

Note that the page it posts to is itself. (Could that be the problem?)

Cripto
  • You should [check whether it was actually a POST request](http://stackoverflow.com/q/1372147/53114). – Gumbo Jun 02 '12 at 08:22
  • Please do not use the mysql_ functions any more. They are no longer supported and the deprecation process has begun. Use either mysqli_ or PDO instead. Also read up on SQL Injection, as your code as it is is vulnerable to this (http://bobby-tables.com/). – liquorvicar Jun 02 '12 at 08:47

6 Answers

6

Check that the request is a POST before inserting something:

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $type = $_POST["wheretopost"];
    $title = $_POST["title"];
    $body = $_POST["txtarea"];
    $date = date("F j, Y");

    $sql = "INSERT INTO `yoyo`.`posts` (`id`, `type`, `title`, `body`, `date`) VALUES (NULL, '$type', '$title', '$body', '$date');";
    mysql_query($sql);
}
ok32
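One way to combine the request-method check from this answer with the prepared statements recommended in the comments on the question, as an added example that is not part of the original answers. The function name `save_post`, the in-memory SQLite database standing in for the MySQL `yoyo`.`posts` table, and the sample requests are assumptions constructed for illustration.

```php
<?php
// Added example: save_post() is a hypothetical helper, not code from the page.
// An in-memory SQLite table stands in for the MySQL `yoyo`.`posts` table.
function save_post(PDO $db, string $method, array $post): bool
{
    // A plain page load is a GET: do nothing, so no blank row is written.
    if ($method !== 'POST') {
        return false;
    }

    // Accept only string fields; anything else is treated as missing.
    $field = fn(string $k): string => is_string($post[$k] ?? null) ? trim($post[$k]) : '';
    $type  = $field('wheretopost');
    $title = $field('title');
    $body  = $field('txtarea');

    // Values offered by the form's <select name="wheretopost">.
    $allowedTypes = ['blog', 'links', 'apparel', 'goods'];
    if (!in_array($type, $allowedTypes, true) || $title === '' || $body === '') {
        return false; // incomplete or unexpected submission: store nothing
    }

    // Placeholders keep user input out of the SQL text (no string concatenation).
    $stmt = $db->prepare(
        'INSERT INTO posts (type, title, body, date) VALUES (:type, :title, :body, :date)'
    );
    return $stmt->execute([
        ':type' => $type, ':title' => $title,
        ':body' => $body, ':date'  => date('F j, Y'),
    ]);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, type TEXT, title TEXT, body TEXT, date TEXT)');

// Constructed requests: a first page load, an empty submit, and a real post
// whose title contains a quote that would break the concatenated query.
var_dump(save_post($db, 'GET', []));
var_dump(save_post($db, 'POST', ['wheretopost' => 'blog', 'title' => '', 'txtarea' => '']));
var_dump(save_post($db, 'POST', ['wheretopost' => 'goods', 'title' => "Bobby's patches", 'txtarea' => 'New stock']));
echo $db->query('SELECT COUNT(*) FROM posts')->fetchColumn(), " row(s) stored\n";
```

In the page from the question, the call would be `save_post($db, $_SERVER['REQUEST_METHOD'], $_POST)` with `$db` being a PDO connection to the real database.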
1

I hope this is the solution to your problem

<?php 
if(isset($_POST['submit'])) // the submit button needs name="submit" for this key to exist
{
 //     write your PHP code for the insert here
}else{ ?>
<!-- all your HTML form contents -->
 <?php } ?>

That's it...

Zuber Surya
0

Every time you load the page, you execute the following script:

<?php
$type = $_POST["wheretopost"];
$title = $_POST["title"];
$body = $_POST["txtarea"];
$date = date("F j, Y");
?>


<?
$sql = "INSERT INTO `yoyo`.`posts` (`id`, `type`, `title`, `body`, `date`) VALUES (NULL, '$type', '$title', '$body', '$date');";
mysql_query($sql);

?>

Even if you post nothing to it, you get empty results from the $_POST array and so add empty records to the database.

falinsky
0

Perhaps because your PHP code is JUST called at the end of your .php?

<?php
$type = $_POST["wheretopost"];
...

Just take this PHP code and wrap it in an IF condition, like:

if (!empty($_POST)) { // $_POST always exists, so check that it is not empty
   // ... code
}

Moreover, you can write a specific IF condition, checking just an input before proceeding, like (place it inside your form): <input type="hidden" name="postit" value="1" />

if (isset($_POST) && isset($_POST["postit"]) && $_POST["postit"]==1) {
   // ... code
}
0

Simply use if(isset(...

<?php
if(isset($_POST["wheretopost"])){
$type = $_POST["wheretopost"];
$title = $_POST["title"];
$body = $_POST["txtarea"];
$date = date("F j, Y");
$sql = "INSERT INTO `yoyo`.`posts` (`id`, `type`, `title`, `body`, `date`) VALUES (NULL, '$type', '$title', '$body', '$date');";
mysql_query($sql);
}
?>
baptme
0

This method works for me; I put everything into a single condition:

if (!$conn)
{
  die('Could not connect: ' . mysql_error());

$sql = "INSERT INTO emp_info
       (user_nam,f_fnam,l_nam,ref_id,web,comp,str,city,coun)
       VALUES ('$myvar','$myvar1','$myvar2','$myvar3','$myvar4','$myvar5','$myvar6','$myvar7','$myvar8')";
       //echo  $sql; 
      //echo $html;
      mysqli_close($conn);  }
?>
Bernhard Barker
user214393