0

i have a username/password <form> and if false, will display invalid users, if true will display a <textarea> and users can comment then submit.

basically, the code below, is the then statement that if login is correct then..

session_start();
    $_SESSION['name'] = $name;
    echo "success, hi $name";
    echo "<table>
          <tr><td>insert comment here</td><td>poster</td>
          <tr><td><form action='post.php' method='post'><textarea name='content'></textarea>
          </td>

          <td> $name</td>
          </tr>

          <input type='submit' name='submit' value='submit'>
          </form>
          </table>";

in relation to the <form> above, i created post.php which will parse all data coming from the <form> and insert it into the database.

<?php
mysql_connect("localhost","root","") or die (mysql_error());
mysql_select_db("data") or die (mysql_error());
?>

<?php 

if (isset($_POST['submit'])) {
$cont = $_POST['content']; //data coming from index.php <form>

mysql_query("insert into data ('content') values ('$cont')");

}
else {
}
?>

what baffles me, is there are no errors being shown. when I input something on my <textarea> then clicked submit, it goes to localhost/post.php but when i refresh to the index page, the submitted data was not saved/recorded to the database.

bobbyjones
  • 2,029
  • 9
  • 28
  • 47
  • 1
    Why does that baffle you? If the query fails, this gets unnoticed in your code, so why do you expect a notice? – hakre May 04 '13 at 19:04
  • 2
    1. dont use mysql_* (deprecated), use mysqli_* or pdo instead. 2. content doesnt need quote in the query (its a field name) : insert into data (content) values ('$cont'). – RafH May 04 '13 at 19:04
  • possible duplicate of [Display error message PHP Mysql](http://stackoverflow.com/questions/13909391/display-error-message-php-mysql) – hakre May 04 '13 at 19:05
  • You should place your HTML outside of the PHP tag instead of echoing it all out. – Bailey Parker May 04 '13 at 19:08
  • thanks @RafH this seems this solved my problem. im not aware that i was using a deprecated method, i was just following a tutorial and just started to apply what ive learned. thanks anyway. – bobbyjones May 04 '13 at 19:10

3 Answers3

0

There are not errors being shown because you do not have error handling method after mysql_query("insert into data ('content') values ('$cont')");

So, you should add or die(mysql_error()); at the end of your query and please capitalize SELECT VALUES.. inside your query.

like mysql_query("INSERT INTO data (content) VALUES ("'.$cont."'));

So, your code should boil down to.

<?php
mysql_connect("localhost","root","") or die (mysql_error());
mysql_select_db("data") or die (mysql_error());
?>

<?php 
if(isset($_POST['submit'])) {
$cont = $_POST['content']; //data coming from index.php <form>

$query =  mysql_query("INSERT INTO data ('content') 
                       values ('".$cont."')") or die(mysql_error());
 if($query){
    echo 'data inserted';
  }else {
    echo 'data not inserted';
   }

}
else {
}
?>

Remember though, I am not encouraging your to use mysql_ because, it is weak and is deprecated, and your code is highly vulnerable to SQL injection. Instead learn PDO

0

It looks like a few things are wrong with your code above. Please refer to this link for help on connecting and showing SQL related issues

Your SQL is invalid, you are not inserting that "$cont" into a table, it looks like your are trying to insert that into your database name "data". Check out this link for more info on SQL INSERT

Also a few things about what you have above:

Community
  • 1
  • 1
Patrick
  • 555
  • 1
  • 5
  • 13
0

Just one suggestion. Dont use <form> tag inside <table>. It creates issue in some cases. try using below format
<form><table>...</table> </form>

Sid
  • 560
  • 7
  • 17