How to fix error in html

Question

I have created one HTML form and i have written php script also to connect to database. If i enter data in form and hit UPDATE button in form, its showing error like below,

<form action="process.php" method="Post"/>
<style>
p{
    float:left;
}
</style>
<fieldset>
    <legend align="center"><FONT color=default>Enter information Of SO's</legend>
    <p align="center"> 
      <label for="SO_ID"><FONT color=white>SO_ID</label>
      <br/>
      <input type="varchar" id="SO_ID" name="SO_ID"required/>
</p>

<p align="center">
  <label for="No.of_samples"><FONT color=white>No.of samples</label>
  <br/>
  <input type="int" id="No.of_samples" name="No.of_samples"required/>
</p>

<p align="center">
  <label for="Sample name"><FONT color=white>Sample name</label>
  <br />
  <input type="varchar" id="Sample name" name="Sample name"required/>
</p>


<p align="center">
  <label for="Client name"><FONT color=white>Client name</label>
  <br />
  <input type="text" id="Client name" name="Client name"required/>
</p>


<p align="center"> 
  <label for="Institution"><FONT color=white>Institution</label>
  <br/>
  <input type="text" id="Institution" name="Institution"required/>
</p>
<p align="center"> 
  <label for="Run number "><FONT color=white>Run number </label>
  <br/>
  <input type="int" id="Run number" name="Run number"required/>
</p>
<p align="center"> 
  <label for="Obtained reads"><FONT color=white>Obtained reads</label>
  <br/>
  <input type="int" id="Obtained reads" name="Obtained reads"required/>
</p>
<p align="center"> 
  <label for="Re run Info"><FONT color=white>Re run Info</label>
  <br/>
  <input type="text" id="Re run Info" name="Re run Info"required/>
</p>
<p align="center"> 
  <label for="Total reads"><FONT color=white>Total reads</label>
  <br/>
  <input type="int" id="Total reads" name="Total reads"required/>
</p>
<p align="center"> 
  <label for="Run date"><FONT color=white>Run date</label>
  <br/>
  <input type="date" id="Run date" name="Run date"required/>
</p>
<p align="center"> 
  <label for="Raw data location"><FONT color=white>Raw data location</label>
  <br/>
  <input type="varchar" id="Raw data location" name="Raw data location"required/>
</p>
<p align="center"> 
  <label for="Analyst"><FONT color=white>Analyst</label>
  <br/>
  <input type="varchar" id="Analyst" name="Analyst"required/>
</p>
<p align="center"> 
  <label for="Mentor"><FONT color=white>Mentor</label>
  <br/>
  <input type="text" id="Mentor" name="Mentor"required/>
</p>
<p align="center"> 
  <label for="Analysis start date"><FONT color=white>Analysis start date</label>
  <br/>
  <input type="date" id="Analysis start date" name="Analysis start date"required/>
</p>
<p align="center"> 
  <label for="Analysis end date"><FONT color=white>Analysis end date</label>
  <br/>
  <input type="date" id="Analysis end date" name="Analysis end date"required/>
</p>
<p align="center"> 
  <label for="Report location"><FONT color=white>Report location</label>
  <br/>
  <input type="varchar" id="Report location" name="Report location"required/>
</p>

</fieldset>
<div style="text-align:center"> 
<button action= "process.php" method="post" >
   <img alt="ok" src=
   "http://www.blueprintcss.org/blueprint/plugins/buttons/icons/tick.png" /> 
   UPDATE
  </button>


</form>

the above script is saved in "process.html"

now below PHP script.

<?php
  define('DB_NAME','ProcessTrackingSystem');
  define('DB_USER','root');
  define('DB_PASSWORD','');
  define('DB_HOST','localhost');

 $link=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);

if(!$link){

 die('couldnot connect:'.mysql_error());
}

  $db_selected=mysql_select_db(DB_NAME,$link);

    if(!$db_selected){
 die('cannot use'.DB_NAME.':'.mysql_error());
}

$value1 =$_POST['SO_ID'];
$value2 =$_POST['No.of samples'];
$value3 =$_POST['Sample name'];
$value4 =$_POST['Client name'];
$value5 =$_POST['Institution'];
$value6 =$_POST['Run number '];
$value7 =$_POST['Obtained reads'];
$value8 =$_POST['Re run Info'];
$value9 =$_POST['Total reads'];
$value10 =$_POST['Run date'];
$value11 =$_POST['Raw data location'];
$value12 =$_POST['Analyst'];
$value13 =$_POST['Mentor'];
$value14 =$_POST['Analysis start date'];
$value15 =$_POST['Analysis end date'];
$value16 =$_POST['Report location'];


$sql="INSERT INTO ProcessDetails (SO_ID, No.of_samples, Sample_name, Client_name, Institution,  Run_number, Obtained_reads, Re_run_Info, Total_reads, Run_date, Raw_data_location, Analyst, Mentor, Analysis_start_date, Analysis_end_date, Report_location) VALUES ('$value1', '$value2', '$value3', '$value4', '$value5','$value6', '$value7', '$value8', '$value9', '$value10','$value11', '$value12', '$value13', '$value14', '$value15','$value16')";

if(!mysql_query($sql)){
 die('error:'.mysql_error());
}

header('Location:process.html');


mysql_close();
?>

now if i enter the data into html form, its showing error that "error:Unknown column 'No.of_samples' in 'field list'". anyone help me out to fix this error and get desired output.
Thanks in advance....

The field name has an underscore in the HTML but not in the PHP here `$_POST['No.of?samples'];` - Also I do not trust the dot in the name which may be seen as a concatenation char in PHP if you are unlucky - so it likely needs some kind of escaping. Rename it to `No_of_samples` — mplungjan, Jun 11 '15 at 04:33
Sidenote: You really shouldn't use spaces for POST arrays or punctuations. Keep it all alpha-numerical. — Funk Forty Niner, Jun 11 '15 at 04:37
ok i deleted that , than also same error i am getting sir !!! — Aditya K, Jun 11 '15 at 04:41
this is another issue `['Run number ']` there's a spaces after the `r` which will eventually fail. — Funk Forty Niner, Jun 11 '15 at 04:42
can u please specify either in HTML script or PHP script !!! — Aditya K, Jun 11 '15 at 04:45
then here's another `` - that is also invalid syntax as "type" as is ` — Funk Forty Niner, Jun 11 '15 at 04:46
@Fred-ii- , if u dont mind can u please fix those syntax errors and repost the script, as i am very new for html and php scripting !!!! — Aditya K, Jun 11 '15 at 04:51
I've already given you enough for you to fix those syntax errors. There is far too much work involved here and I'm headed off to dreamland as we speak. You will only learn if you fix your own mistakes; something I have already shown you. I hope I'm not passing off as a *big meanie*, but that's the only way you will learn from your mistakes. Good luck, you will succeed; *remember that* ;-) — Funk Forty Niner, Jun 11 '15 at 04:54
i have removed all the spaces in between the names sir, now its running perfectly, thanks for u r encouragement sir, sure i will improve my html skills and within short span of time , i will also suggest answers for questions here !!!!! — Aditya K, Jun 11 '15 at 05:06
If you can, you should [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) [statements](http://php.net/manual/en/pdo.prepared-statements.php) instead, and consider using PDO, [it's really not hard](http://jayblanchard.net/demystifying_php_pdo.html). — Jay Blanchard, Jun 11 '15 at 12:55

Robby Cornelissen · Answer 1 · 2015-06-11T04:51:35.193

3

Assuming that a No.of_samples column exists in your table, quote the name with backticks (`) in your query:

$sql="INSERT INTO ProcessDetails (SO_ID, `No.of_samples`, Sample_name, Client_name, Institution,  Run_number, Obtained_reads, Re_run_Info, Total_reads, Run_date, Raw_data_location, Analyst, Mentor, Analysis_start_date, Analysis_end_date, Report_location) VALUES ('$value1', '$value2', '$value3', '$value4', '$value5','$value6', '$value7', '$value8', '$value9', '$value10','$value11', '$value12', '$value13', '$value14', '$value15','$value16')";

Also, you might want to look into SQL injection security risks, and into using the non-deprecated mysqli_* functions instead of the deprecated mysql_* ones.

edited Jun 11 '15 at 04:51

answered Jun 11 '15 at 04:33

Robby Cornelissen

91,784
22
134
156

1

I was about to post an answer myself, but you got it covered. ;-) – Funk Forty Niner Jun 11 '15 at 04:35
now i am getting this error "error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''No.of_samples', Sample_name, Client_name, Institution, Run_number, Obtained_rea' at line 1" – Aditya K Jun 11 '15 at 04:35
Did you use single quotes or backticks? – Robby Cornelissen Jun 11 '15 at 04:36
1

@AdityaK You need to copy/paste Robby's code exactly as shown. Ticks `\`` resemble single quotes `'` but are not the same. Either you do that, or rename your column to something like `No_of_samples` then you won't need to use ticks around it. You should also see the comments left under your question. – Funk Forty Niner Jun 11 '15 at 04:41

score 2 · Accepted Answer · answered Jun 11 '15 at 04:33

2

You are inserting to column No.of_samples which does not exist!

answered Jun 11 '15 at 04:33

venca

1,196
5
18

here is the column "
No.of samples

" – Aditya K Jun 11 '15 at 04:38
mysql says not, because you dont escape name. best practise is to using lowercase *a-z_0-9* characters and not using reserved words – venca Jun 11 '15 at 04:39
oh... it is not html problem. it is mysql problem. – venca Jun 11 '15 at 04:40
if possible can u specify whats the problem in mysql?? – Aditya K Jun 11 '15 at 04:52
You dont read. Rename *No.of_samples* to *no_of_samples* and problem is gone. – venca Jun 11 '15 at 04:54
1

Only if the column name is actually `no_of_samples` and you have no way of knowing that this is the case. It's entirely possible that the column name is actually `No.of_samples`, but only OP can verify. – Robby Cornelissen Jun 11 '15 at 04:56

How to fix error in html

2 Answers2