0

I'm trying to add data to my database but it won't work, and no error message is displayed.

order.php:

<?php   

$con=mysqli_connect("localhost","root","","jutta");

//if form is submitted
if(isset($_POST['submit'])) { 
    $size=$_POST['shoe_sizes'];
    $qan=$_POST['quantity'];
    $details=$_POST['shipping_address'];
    $contact=$_POST['contact'];
    $date=date('Y-m-d');

    $sql="INSERT INTO orders(size, qan, address, contact, date) VALUES ($size, '$qan', '$address', '$contact', '$date')";

    $query=mysqli_query($con, $sql) or die('Query could not be connected.');

    if($query) {
        echo "success";
    }
    else {
        echo "fail.";
    }
}
?>

My form:

<form action='order.php' method='post'>
    <br>
    <a href='admin/product_images/$pro_image' title='$pro_title' class='MagicZoom'>
    <img src='admin/product_images/$pro_image' width='200' height='150' class='img-responsive'/></a><br>
    Name: <font style='color:#2E9AFE; text-align: center;'><b>$pro_title </b></font>
    <p><label>Price:</label> <font style='color:black; text-align: center;'><b> Rs. $pro_price </b></font></p>
    <div class='row'>
        <div class='col-sm-6'>
            <b><label>Select Size:</label> </b><select name='shoe_sizes'>
                    <option>5</option>
                    <option>6</option>
                    <option>7</option>
                    <option>8</option>
                    <option>9</option>
                </select>
                </div>
                <div class='col-sm-6'>
                <b><label>Quantity:</label> </b><select name='quantity'>
                    <option>1</option>
                    <option>2</option>
                    <option>3</option>
                    <option>4</option>
                </select></div>
        </div><hr>
    <b style='color: grey;'><label>Shipping Address: <br></b><textarea name='shipping_address' cols='25' rows='3' required /></textarea><br>
    <b><label>Contact No. :</label></b> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input name='contact' type='tel' id='phone' placeholder='Your Contact Number'>
    <hr>
    <button type='submit' name='submit' class='btn btn-primary'><a href='order.php' style='color:white; text-decoration:none;'>Order Now</a></button>
</form>

It redirects me to order.php file without inserting data to datbase and not even any message just a blank page.

Mark N Hopgood
  • 843
  • 8
  • 14
santosh
  • 7
  • 5
  • Check it's going in if(isset($_POST['submit'])) or not? – test Jun 26 '15 at 04:25
  • $sql="INSERT INTO orders(size, qan, address, contact, date) VALUES ('".$size."', '".$qan."', '".$address."', '".$contact."', '".$date."')"; try like this – Ramki Jun 26 '15 at 04:28
  • now its giving me Query could not be connected. message but i thinks my connection is good to go what can i do now ? – santosh Jun 26 '15 at 04:28
  • If there is an error in establishing your connection, then there is an error in your connection string. You need to validate and make sure you username password host and and database is correct. Also please use `mysql_error($con)` and it will display your error. Place it below your connection string and after your query – Twister1002 Jun 26 '15 at 04:34
  • 1
    why there is an anchor tag within your button? – Burak Jun 26 '15 at 04:40
  • 1
    Please check your connection and post block of your code... uf ur credentials are correct, then most likely your request is not passing thru the if statement. Why dont u just use the – Zuko Jun 26 '15 at 04:40
  • $con=mysqli_connect("localhost","root","","jutta"); if (!$con) { echo "error"; } else { echo "good to go"; } i did this and it gives me good to go so i dont think there is problems in connection it stil gives me query could not connected – santosh Jun 26 '15 at 04:43
  • 1
    You should be using `mysqli_real_escape_string($con,$_POST['shoe_sizes'])` for each of them to avoid SQL injection and to avoid problems with quotes. – frosty Jun 26 '15 at 04:50
  • Have you tried putting `mysqli_error($con)` after your insert query? That seems to be where the error is. – Twister1002 Jun 26 '15 at 04:51
  • sorry but i'm just a beginner can you write full script @ frosty – santosh Jun 26 '15 at 04:59
  • I remember someone saying this last night, and I believe they are correct. Remove `` from your button and you should be good. So instead of `` Replace it with `` – Twister1002 Jun 26 '15 at 13:01

7 Answers7

0

use like this :

$sql="INSERT INTO orders(size, qan, address, contact, date) VALUES ('".$size."', '".$qan."', '".$details."', '".$contact."', '".$date."')";
Ramki
  • 519
  • 2
  • 9
0

In your insert statement you are missing single quotes on the size variable as it is being posted as a string. 

$sql="INSERT INTO orders(size, qan, address, contact, date) VALUES ('$size', '$qan', '$address', '$contact', '$date')";

You are also using the reserved keyword date as one of your field names in your orders table

ajhanna88
  • 88
  • 6
  • if size is an integer value, single quotes are not needed. – Burak Jun 26 '15 at 04:37
  • 1
    @Burak Better safe than sorry at any rate. – Twister1002 Jun 26 '15 at 04:39
  • still Query could not be connected. – santosh Jun 26 '15 at 04:45
  • @Twister1002 It depends which one finds worse... Inserting an unquoted string when `INT` is expected causes an error but entering a single quoted string inserts a row with value 0 into the field (with a warning though). – BudwiseЯ Jun 26 '15 at 04:47
  • I suspect it is being passed in the $_POST variable as a string. – ajhanna88 Jun 26 '15 at 04:47
  • @budwiser I've never had an issue inserting an numeric value in quotes to a database. I've never see warnings from this either. Sure if the value is indeed a non-numeric value, then it would throw an error. – Twister1002 Jun 26 '15 at 04:49
  • @santosh use `mysqli_real_escape_string()` for each of them like this `mysqli_real_escape_string($con,$_POST['shoe_sizes']);` – frosty Jun 26 '15 at 04:53
0

You have retrieved variable:

$details=$_POST['shipping_address'];

Then change it to $details rather then $address:

$sql="INSERT INTO orders(size, qan, address, contact, date) VALUES ($size, '$qan', '**$address**', '$contact', '$date')";
Bruce
  • 1,647
  • 4
  • 20
  • 22
Chirag Goti
  • 116
  • 1
  • nop its still not working it gives query could not connected – santosh Jun 26 '15 at 04:54
  • change the database table with this one: CREATE TABLE `orders` ( `size` int(11), `qan` int(11), `address` varchar(20), `contact` varchar(12), `date` date ) at phpmyadmin – Chirag Goti Jun 26 '15 at 05:08
0

First off, NEVER TRUST your user's input. It can leave your database vulnerable. Always escape your user's input by mysqli_real_escape_string(). You don't want to leave your database open to hacker's attacks.

Secondly, when trying to find out an error, there is several ways to figure this out. Either echo your query, or if you believe there is an error in your query, you can kill your script! This is very efficient in debugging your code and possible issues. So for instance you can use mysqli_error():

if (!$query) {
   die(mysql_error($con)); //Kills your script and shows you the error
}

This to me is highly effective in order to fix your code, and database issues.

Another potiential error I see as well, is your inserted variables. You are inserting null / empty strings into your database by unset variables. In order to see what I mean you should echo $query. This will display your ENTIRE query.

Twister1002
  • 559
  • 1
  • 9
  • 26
0

You're assigning $_POST['shipping_address'] to the variable $details, but you're inserting variable $address into the database. This causes the query to fail.

Change $details to $address and you'll be fine.

BudwiseЯ
  • 1,846
  • 2
  • 16
  • 28
0
  1. Avoid using mysql_connect.Its depreciated.Use PDO connection. Below code is tested with your html and values are inserted into my db.

$dsn = 'mysql:dbname=stackdb;host=127.0.0.1'; // give your dbname instead of stackdb and host. If running on localhost,leave it as 127.0.0.1
$user = 'root'; //Give your username to access db.
$password = '*****'; // Replace **** instead of password. If you dont have password, delete only the stars not the quotes.
$dbh = new PDO($dsn, $user, $password);


$sql = "INSERT INTO stackdba (shoeSize,quantity,shippingAddress,contact) VALUES(?,?,?,?)"; //stackdba is the table name
$insert = $dbh ->prepare($sql);
$insert->execute(array($_POST['shoe_sizes'],$_POST['quantity'],$_POST['shipping_address'],$_POST['contact']));

If your data is not inserted,then still if you see blank page, it means you got syntax error somewhere.

Try 

error_reporting('E_ALL');

in line 1 of your php file.

Alaksandar Jesus Gene
  • 6,523
  • 12
  • 52
  • 83
0

First of all remove anchor tag that you have placed in between 

<button type='submit' name='submit' class='btn btn-primary'>
<a href='order.php' style='color:white; text-decoration:none;'>Order Now</a></button>

When you already define the form action to order.php, then its not required to create an anchor tag. Currently when you click on the button, the form will be redirected to order.php due to anchor tage without without posting any data that's why the blank page will be displayed on the screen. It will look like :

<button type='submit' name='submit' class='btn btn-primary'>Order Now</a></button>
<br />

For further error handling kindly turn on the error reporting.

Tristan
  • 3,301
  • 8
  • 22
  • 27
Sanchit Gupta
  • 3,148
  • 2
  • 28
  • 36