1

I am trying to create a simple blog entry form where a user enters the title, blog entry and submits it. The form should then insert the 'blog entry' into MYSQL using the insert query.

  • I am getting NO errors.
  • When I submit form nothing is changed, the database has no new entry and the form doesn't show "Post Submitted" or "Post Not Submitted".

Here is the blog.php code

<?php 
    // 1. Establish a connection using three functions: 1. mysqli_connect() 2. mysqli_connect_errno() 3. mysqli_connect_error()
    $dbhost = "localhost";
    $dbuser = "root";
    $dbpass = "";
    $dbname = "blog";

    $connection = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname); 

    // Test if connection occured
    if(mysqli_connect_errno()) {
        die("Database connection failed " . mysqli_connect_error() . "( " . mysqli_connect_errno() . " )");
        }    

    //Form submitted
    if(isset($_POST['submit'])) {

    //Error checking
    if(!$_POST['title']) {
        $error['title_error'] = "<p>Please supply a title.</p>\n";
        }

    if(!$_POST['blog']) {
        $error['blog_error'] = "<p>Please supply blog content.</p>\n";
        }

    //No errors, process
    if(!is_array($error)) {

    //Process your form
    // 2. Perform Your Query

    $post_title = $POST["title"];
    $post_content = $POST["blog"];

    $query = "INSERT INTO entries (blog_id, blog_title, blog_content) 
            VALUES ('null', '{$post_title}', '{$post_content}')";

    $result = mysqli_query($connection, $query);

    //Display confirmation of post.

    if($result) {
        echo "Post submitted!";
        } else {
        echo "Error, post NOT submitted!";
    }

    //Require or include any page footer you might have
    //here as well so the style of your page isn't broken.
    //Then exit the script.
    exit;

    } else {
        echo $error;
        }
}

?>

<doctype>
    <html>
        <head>
            <title> Blog </title>
        </head>

        <body>
            <form method="POST" action="blog.php">
                Title: <input name="title"  type="text"> <br />
                Blog: <textarea name="blog" cols="100" rows="5"> Blog Text here... </textarea> <br />
                <input  value="submit" type="submit" value="Submit" />
            </form>
        </body>

</html>

Here is a screen shot of the form AFTER submitting it.

enter image description here

Here is a screenshot of MYSQL database called blog, and table called entries:

enter image description here

Here is the structure of my database: enter image description here

Does anybody know what I'm doing wrong. I am new to PHP and I have no idea how to debug a problem when I'm getting no errors!

UPDATE 1. The solution worked. Thank you. However I getting the following error:

Notice: Undefined variable: error in C:\XAMPP\htdocs\blogwebsite\blog.php on line 30

I know it's because I have not initialized the $error[] array. But what is the standard way of getting rid of this error? Please help!

user3289740
  • 271
  • 3
  • 6
  • 17

2 Answers2

1

Your if(isset($_POST['submit'])) { condition will not set as true because you did not set a name tag for your submit button.

It should be

<input value="Submit" type="submit" name="submit"/>

Then on the re-assigning to another variable the passed-on data from the form, it should not be $POST["title"], it should be $_POST["title"].

You should also consider using mysqli_real_escape_string to prevent SQL injections.

$post_title = mysqli_real_escape_string($connection, $_POST["title"]);
$post_content = mysqli_real_escape_string($connection, $_POST["blog"]);

But still, you should use prepared statement rather than using mysqli_* with the functions of the deprecated mysql_* API.

Regarding the error you are getting for undefined variable, why don't you just scrap the input checking part of your code, and replace it with simply this:

if(!empty($_POST["title"]) || !empty($_POST["blog"])){ /* IF BOTH INPUTS HAVE CONTENTS */
  /* THE CODE YOU WANT TO EXECUTE */
}
else {
  $error = "<p>Please supply a title or a blog content.</p>\n";
}

Or just remove your input checking, and use HTML's required attribute.

<input name="title" type="text" required>
<textarea name="blog" cols="100" rows="5" required>

so that your PHP code will be straight-forward:

if(isset($_POST["submit"])){
  /* YOUR INSERT QUERY HERE */  
}

The cons of required, as well as the !empty() condition, is that it accepts empty space (). To bypass this, you should use Javascript or libraries that support this kind of stuff.

Community
  • 1
  • 1
Logan Wayne
  • 6,001
  • 16
  • 31
  • 49
  • The solution worked. Thank you. However I getting the following error: > Notice: Undefined variable: error in C:\XAMPP\htdocs\blogwebsite\blog.php on line 30 **I know it's because I have not initialized the $error[] array. But what is the standard way of getting rid of this error? Please help!** – user3289740 Sep 08 '15 at 03:09
  • Thank you for your help! What is the standard way of working with errors in a form, and the most optimal way? Is it most popularly done through JavaScript out of the options you've listed? – user3289740 Sep 08 '15 at 03:28
  • Yes, javascript is the way to go for a thorough checking of forms. And BTW, if my answer did help you, you can upvote or accept my answer as the correct one. – Logan Wayne Sep 08 '15 at 03:31
  • @user3289740 You can post a new question or search for it, on how not to accept space. This is a good trick, [user can't use space](http://stackoverflow.com/questions/15435036/restrict-space-at-first-position-in-textbox-using-jquery-javascript). – Logan Wayne Sep 08 '15 at 04:07
  • Thank you. I guess I should start learning JavaScript side by side with PHP. – user3289740 Sep 08 '15 at 07:23
0

In your html form, the submit element has two "value" attributes but no "name" attribute. Therefore it is not being found in the if(isset($_POST['submit'])) check and the original form being displayed as if nothing was posted.

Maltronic
  • 1,782
  • 10
  • 21