0
    <html>
<head>
<title>Register</title>
</head>
<body>


<h3>Add item</h3>
<form action="" method="POST">
Item name: <input type="text" name="user"><br />
Item Description: <textarea name="comment" id="comment" type="text"></textarea><br />
 <input type="submit" value="Submit" />  

</form>
<?php
if(isset($_POST["submit"])){

if(!empty($_POST['user']) && !empty($_POST['comment'])) {
    $user=$_POST['user'];
    $com=$_POST['comment'];

    $con=mysql_connect('127.0.0.1','root','') or die(mysql_error());
    mysql_select_db('ocp') or die("cannot select DB");

    $query=mysql_query("SELECT * FROM itemtbl WHERE itemname='".$user."'");
    $numrows=mysql_num_rows($query);
    if($numrows==0)
    {
    $sql="INSERT INTO itemtbl(itemname,itemdesc) VALUES('$user','$com')";

    $result=mysql_query($sql);


I've named my text area as 'comment' and now I don't know whats wrong. It keeps bringing me back to the original form

DONT MIND THE TITLE I've edited my reg form earlier to see what wrong, but the problem persists.

fmw42
  • 46,825
  • 10
  • 62
  • 80
kimiko kaho
  • 13
  • 4
  • sidenote: you don't need those `type="text"` in the ` – Kevin Dec 10 '14 at 07:52
  • **Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/quessations/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Dec 10 '14 at 07:53
  • `isset($_POST["submit"])` will be `false` unless you give the submit button that name. – Ja͢ck Dec 10 '14 at 07:54
  • What is this line `if(isset($_POST["submit"])){` doing? Perhaps you mean `if (!empty($_POST))` ? – RobP Dec 10 '14 at 07:54

2 Answers2

3

This condition:

if(isset($_POST["submit"])){

will never be true. You don't have a form control with name="submit" in your form.

Give your submit button a name attribute.

Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335
0

You can not enter the if branch. In fact, you can print something out to figure out which step is wrong. If you try echo or var_dump() in your code, the reason will be obvious. By the way, mysql_query() is deprecated as of PHP5.5.0, and will be removed in the future. You can try mysqli_query().

diaosj
  • 21
  • 1