-1

I'm new to this, but I need help to see where I've gone wrong. This is the code which I have tried:

<td>:</td>
<td><input name="lastname" type="text" ></td>
</tr>
<tr>
<td>Details</td>
<td>:</td>
<td><input name="details" type="text" ></td>
</tr>
<tr>
<td colspan="3" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>

This is the PHP page for processing and inputting into the database:

<?php

$name=$_REQUEST['name'];
$lastname=$_REQUEST['lastname'];
$details=$_REQUEST['details'];

//connect to Database
$link = new mysqli("localhost", "name", "pass", "DB");

//check connection
if (!$Link){
    printf("Connect Failed: %s/n", mysqli_connect_error());
    exit();
}
//turn auto commit off
mysqli_autocommit($link,FALSE);

mysqli_query ($link,"INSERT INTO IncidentDatabase (First_Name, Last_Name,Inciden_Details) VALUES ('$name','$lastname','$details')");

/* commit transaction */
mysqli_commit($link);

/* close connection */
mysqli_close($link);
?>
halfer
  • 19,824
  • 17
  • 99
  • 186
Jorren
  • 98
  • 1
  • 10
  • 3
    "thats the end of the question" — Where is the start of the question? You have shown us some code, but you haven't said what it is supposed to do or what it does. – Quentin Aug 29 '13 at 09:15
  • are you trying to use prepared statement? – chirag ode Aug 29 '13 at 09:15
  • 1
    You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that you need to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Aug 29 '13 at 09:15
  • Im trying to get the information from the form into the DB and it keeps telling me there is a connection error, I can't see th eproblem – Jorren Aug 29 '13 at 09:17
  • that's not a form it's a table. try using the `
    ` tag. instead of `$_REQUEST` use `$_POST`. Change `!$Link` to `!$link`. Double check spelling, e.g. `Inciden_Details` = `Incident_Details` ??
     – pulsar Aug 29 '13 at 09:17
  • 1
    You are using both "Link" and "link" for the same variable. Fix it first. And concatenate your variables with dots on your query, don't write them straight into the string. – kgd Aug 29 '13 at 09:18
  • i think you have missed some code – chirag ode Aug 29 '13 at 09:19
  • have you changed username and password of phpmyadmin? – chirag ode Aug 29 '13 at 09:20

1 Answers1

1

xkcd
> xkcd

It looks like you're trying to mix object-oriented and procedural styles. Either you need to replace new mysqli with mysqli_connect, or use $link->something() functions instead. I don't believe you can mix and match.

In addition, you should use $_POST (or $_GET, depending on the form's method) instead of $_REQUEST to ensure you're getting stuff from the right place.

As for your connection error, $link and $Link are two different variables. Variable names are case-sensetive.

Community
  • 1
  • 1
Niet the Dark Absol
  • 320,036
  • 81
  • 464
  • 592