Inputted values not saved while inserting data from html form into sql database (html,php,sql)

Question

The problem: insert.php connects fine, but only inserts empty values ('') when I hit 'save' on the html form. The text I type, which I'm trying to insert, isn't saved. Somewhere a connection isn't being made and that data is lost but I can't figure out exactly where. Any help?

HTML insert form (collecting data for 2 parameters, 'user' and 'thread')

<form action="insert.php" method="post">
user: <input type="text" name="user"><br>
thread: <input type="text" name="thread"><br>
<input type="submit" value="Save">
</form>

PHP code to connect to SQL, insert inputted values

<?php

$user = $_POST['user'];
$thread = $_POST['thread'];

$servername = "##.##.###";
$username = "harwoodjp";
$password = "~";
$dbname = "332";

//create connection
$conn = new mysqli($servername, $username, $password, $dbname);

//check connection
if ($conn->connect_error) {
    die("SQL (&#9746)<br/> " . $conn->connect_error);
}
echo "SQL (&#9745) <br/>";

$sql = mysql_connect($servername,$username,$password);
mysql_connect($servername,$username,$password);
mysql_select_db("332project");

//insert values
$insert_query = "INSERT INTO test1(user,thread) VALUES ('$user', '$thread')";
mysql_query($insert_query);

echo "<script>window.location='select.php'</script>"; //select.php displays the full table

//close MySQL
mysql_close($sql);
?>

Some generic remarks: it seems you connect three times (1x `new mysqli`, 2x `mysql_connect`). You also do not escape the form input. What would the insert query look like when I write the following in the user field: `', ''); DROP DATABASE DATABASE(); --` (hint: it will delete your entire database). Sanitize your inputs! :-) — Tomas Creemers, Nov 30 '14 at 00:08
Another remark: use [header('Location: select.php'); die();](http://php.net/manual/en/function.header.php) if you're just trying redirect. Use them as your last lines of code. — Lynn Adrianna, Nov 30 '14 at 02:04

score 1 · Answer 1 · answered Nov 30 '14 at 03:57

1

try this

<?php

$user = $_POST['user'];
$thread = $_POST['thread'];

$servername = "localhost";
$username = "root";
$password = "";
$dbname = "db";

//create connection
$conn = mysql($servername, $username, $password, $dbname);

//check connection
if ($conn->connect_error) {
    die("SQL (&#9746)<br/> " . $conn->connect_error);
}
echo "SQL (&#9745) <br/>";

$sql = mysql_connect($servername,$username,$password);
mysql_select_db("db");

//insert values
$insert_query = "INSERT INTO test1(user,thread) VALUES ('$user', '$thread')";
mysql_query($insert_query);

echo "<script>window.location='select.php'</script>"; //select.php displays the full table

//close MySQL
mysql_close($sql);

?>

answered Nov 30 '14 at 03:57

jay.jivani

1,560
1
16
33

Thanks for cleaning it up. Unfortunately, the problem persists, even with this code. $insert_query echoes 'INSERT INTO test1(user,thread) VALUES ('', '')', which means user and thread are still registering as empty values. – Justin Harwood Nov 30 '14 at 04:07
Hey, so now it's working for me. Mind if I ask what exactly you changed? Looks quite similar... – Justin Harwood Nov 30 '14 at 04:26
1

ya..sure..you write `mysql_connect($servername,$username,$password)` this line 2 times so mysql confuse to create connection & u use somewhere `mysql_*` and somewhere `mysqli_*`..so meaning is use any one of `mysql_*` or `mysqli_*` – jay.jivani Nov 30 '14 at 04:34

score 0 · Answer 2 · edited May 23 '17 at 11:50

0

It might be because the default form posting method is GET.

Either change your $_POST to $_GET or add method="POST" to your form tag.

edited May 23 '17 at 11:50

Community

1
1

answered Nov 30 '14 at 01:50

Lynn Adrianna

107
7

Hi, thanks for the comment. Neither solution has worked. Guess the problem's elsewhere? – Justin Harwood Nov 30 '14 at 02:19
Post your revised version at the top, so we can see. – Lynn Adrianna Nov 30 '14 at 02:24
I honestly can't see anything wrong with what you have. You'll have to debug your code by pinpointing where it fails. I would print `$user`, `$thread`, `$insert_query` to see what values you're getting. (Don't forget to comment out – Lynn Adrianna Nov 30 '14 at 02:46
Yeah, so like I suspected - $user and $thread won't print, $insert_query echoes "INSERT INTO test1(user,thread) VALUES ('' , '')". Empty values, hmmm... – Justin Harwood Nov 30 '14 at 03:08
1

Next step: add `print_r($_POST);` as the first line. What do you get after submitting? – Lynn Adrianna Nov 30 '14 at 03:14
print_r($_POST) prints 'Array ( )'. What to make of this? – Justin Harwood Nov 30 '14 at 03:21
1

Unfortunately, I am out of ideas :( Try looking at [similar questions](http://stackoverflow.com/search?q=php+empty+post) on the site. There's bound to be one with a solution. – Lynn Adrianna Nov 30 '14 at 03:31

Inputted values not saved while inserting data from html form into sql database (html,php,sql)

2 Answers2