-1

I have already looked around Stack Overflow and found very similar questions (such as this one): if (!empty ($_POST)) not working

The code below is always echoing "Post is empty" even when posted with the following URL: http://localhost/gui.php?sql=Select+*+from+Constituents%3B

        <form>
        SQL Query: <input type="text" name="sql"><br>
        <input type="submit" value="Query">
        </form>
        <?php 
        if(!empty($_POST["sql"])){
            $sql = $_POST["sql"];
            $result = $conn->query($sql);

            if ($result->num_rows > 0) {
            // output data of each row
                while($row = $result->fetch_assoc()) {
                    echo "Name: " . $row["firstName"]. " " . $row["lastName"]. "<br>","Address: ", $row["address"], ", ", $row["city"],", ",$row["state"],", ",$row["zip"],"<br>","Phone: ", $row["phone"], ", ",$row["email"],"<br><br>";
                }
            } else {
                echo "No results for query";
            }
        }
        else{
            echo "Post is empty";
        }

I've tried switching to using the isset function, running a count on the post, and other things, but I am always hitting the echo "Post is empty"; statement regardless of what happens. I'm sure this is a really simple issue.

  • 1
    That is **INCREDIBLY** and **INSANELY STUPIDLY** insecure code. `gui.php?sql=drop database critical_data_that_cannot_get_lost`. "oops" – Marc B Apr 23 '15 at 18:47
  • I know this. I'm merely playing around with PHP and setting up a viewer for my database (which is just a test database I'm using). I wanted to make sure I could get it to work before I play around with writing defensive code to avoid SQL injections. – Clayton Turner Apr 23 '15 at 18:49

2 Answers

2

The reason is that your <form> doesn't contain/specify a POST method.

Forms default to GET if the method is omitted.

Therefore you need to modify it to <form method="post"> instead.


Sidenote which needs mentioning:

Plus, in regards to SQL injection which you are open to, use mysqli with prepared statements, or PDO with prepared statements, they're much safer.

  • Never trust user-input.
Funk Forty Niner
  • Awesome! This worked. I thought I read self-posting to the same page only required just saying
    ...
    so I omitted that. Thanks!
    – Clayton Turner Apr 23 '15 at 18:42
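The two fixes from the answer above combined, as an added example that is not code from the question or from either answer: the form posts with `method="post"`, and the user supplies a value that is bound into a PDO prepared statement instead of supplying SQL text. It assumes a lookup by `lastName` and uses a constructed in-memory SQLite table in place of the asker's database; `findByLastName` and `h` are hypothetical helper names.

```php
<?php
// Constructed in-memory SQLite table standing in for the asker's MySQL test
// database (assumption); with MySQL only the PDO DSN and credentials change.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE Constituents (firstName TEXT, lastName TEXT, city TEXT, email TEXT)');
$seed = $pdo->prepare('INSERT INTO Constituents VALUES (?, ?, ?, ?)');
foreach ([['Ada', 'Lovelace', 'London', 'ada@example.test'],
          ['Alan', 'Turing', 'Wilmslow', 'alan@example.test']] as $row) {
    $seed->execute($row);
}

// Hypothetical helper: the SQL text is fixed; the user only supplies a value.
function findByLastName(PDO $pdo, string $lastName): array
{
    $stmt = $pdo->prepare(
        'SELECT firstName, lastName, city, email FROM Constituents WHERE lastName = :lastName'
    );
    $stmt->execute([':lastName' => $lastName]); // bound as data, never parsed as SQL
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// HTML-escape anything that came from the user or the database before echoing it.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}
?>
<form method="post">
    Last name: <input type="text" name="lastName"><br>
    <input type="submit" value="Query">
</form>
<?php
// is_string() rejects array input such as lastName[]=x before it reaches the query.
if (!empty($_POST['lastName']) && is_string($_POST['lastName'])) {
    $rows = findByLastName($pdo, $_POST['lastName']);
    if ($rows) {
        foreach ($rows as $row) {
            echo 'Name: ' . h($row['firstName']) . ' ' . h($row['lastName']) . '<br>',
                 'City: ' . h($row['city']) . ', ' . h($row['email']) . '<br><br>';
        }
    } else {
        echo 'No results for query';
    }
} else {
    echo 'Post is empty';
}
```

Submitting `Turing` returns one row; submitting `' OR '1'='1` returns "No results for query" because the whole string is compared against `lastName` as a literal value.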
2

You forgot to write the form method. You should add the method tag in your form and set it to post.

<form method="post">
Bushra Shahid