No data insertion when button pressed

Question

When i press the submit button to insert record, it pulls out no error but when i check the database i find no records submitted too. please what could be wrong with my script. just started with php

<?php

    if (isset($_POST['submitted'])){

        include('Connections/connect.php');

        $term= $_POST['term'];
        $details= $_POST['details'];



$sql = "INSERT INTO people (term,details) VALUES ($term,$details)";



$newrecord ="Inserted Successfully";

    }

?>

connect.php

<?php

$hostname_speedapp = "localhost";
$database_speedapp = "mydb";
$username_speedapp = "root";
$password_speedapp = "password";
$mydb= mysqli_connect($hostname_mydb, $username_mydb, $password_mydb) or trigger_error(mysql_error(),E_USER_ERROR); 
?>

HTML

<form id="form1" name="form1" method="post" action="page1.php">
  <p>
    <label for="term"></label>
    <input type="text" name="term" id="term" />
  </p>
  <p>
    <label for="details"></label>
    <input type="text" name="details" id="details" />
  </p>
  <p>
    <input type="submit" name="button" id="button" value="Submit" />
     <input name="submitted" type="hidden" value="submitted"  />
  </p>
</form>
<p>
<?php
$newrecord
?>

You're just defining the query string, not actually executing the query anywhere. Check out the [manual](http://php.net/manual/en/book.mysqli.php) for info on the `MySQLi` extension. Also, your query is open to SQL injection, so you should read [this post](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — harris, Sep 21 '15 at 09:26
there are so many errors in this question, it's not funny. Plus, a few things that nobody even caught. *Facepalm* — Funk Forty Niner, Sep 21 '15 at 10:03

score 1 · Answer 1 · edited May 23 '17 at 12:06

There is a lot wrong with your code Let's take it step by step:

<?php

    if (isset($_POST['submitted'])){

        include('Connections/connect.php');

        $term= $_POST['term'];
        $details= $_POST['details'];

You are not escaping here. When I'm a bad man I could destroy your application Read more about escaping here: How can I prevent SQL injection in PHP?

$sql = "INSERT INTO people (term,details) VALUES ($term,$details)";

You are defining a query here but you do not do anything with this query read about executing query's on the php documentation page: http://php.net/manual/en/mysqli.query.php

$newrecord ="Inserted Successfully";

You are defining a variable $newrecord here but it does not have a function here. Add echo $newrecord; to echo the value of the variable $newrecord: http://php.net/echo

    }

?>

Then you are not using the correct variables in your connect.php

<?php

$hostname_speedapp = "localhost";
$database_speedapp = "mydb";
$username_speedapp = "root";
$password_speedapp = "password";
$mydb= mysqli_connect($hostname_mydb, $username_mydb, $password_mydb) or trigger_error(mysql_error(),E_USER_ERROR); 
?>

You are defining $hostname_speedapp and using $hostname_mydb in your mysqli_connect change that to $hostname_speedapp etc.. changing your connection string to: $mydb= mysqli_connect($hostname_speedapp, $username_speedapp, $password_speedapp)

You are not selecting a database in your connectionstring. You are defining a variable with your database name called: $database_speedapp but you never use it.

Change your connectionstring to: $mydb= mysqli_connect($hostname_speedapp, $username_speedapp, $password_speedapp, $database_speedapp) and you should be good to go

Meenatchi P · Answer 2 · 2015-09-21T09:43:48.517

0

use this:

 ` $sql = "INSERT INTO people (term,details) VALUES ($term,$details)";
   $result=mysqli_query($mydb,$sql);`

edited Sep 21 '15 at 09:43

answered Sep 21 '15 at 09:24

Meenatchi P

33
9

it gives me this error: Warning: mysqli_query() expects at least 2 parameters, 1 given – i_user Sep 21 '15 at 09:36

score 0 · Answer 3 · answered Sep 21 '15 at 09:26

You dont even have an insert query in your script.

$hostname_speedapp = "localhost";
$database_speedapp = "mydb";
$username_speedapp = "root";
$password_speedapp = "password";
$mydb= mysqli_connect($hostname_mydb, $username_mydb, $password_mydb) or trigger_error(mysql_error(),E_USER_ERROR);

$sql = "INSERT INTO people (term,details) VALUES ($term,$details)";

if (mysqli_query($mydb, $sql)) {
    $newrecord ="Inserted Successfully";
} else {
    echo "Error: " . $sql . "<br>" . mysqli_error($mydb);
}

mysqli_close($mydb);

@i_user make sure you have a database selected and both the connection script and insert query script are in the same page — Nelson Owalo, Sep 21 '15 at 09:43

Abdulla Nilam · Accepted Answer · 2015-09-21T09:45:49.470

0

add this

    $sql = "INSERT INTO people (term,details) VALUES ($term,$details)";

    if (mysqli_query($mydb, $sql))
    {
        echo "New record created successfully";
    } 
    else
    {
        echo "Error: " . $sql . "<br>" . mysqli_error($mydb);
    }

EDIT 01

$hostname_speedapp = "localhost";
$database_speedapp = "mydb";
$username_speedapp = "root";
$password_speedapp = "password";
$mydb= mysqli_connect($hostname_mydb, $username_mydb, $password_mydb) or trigger_error(mysql_error(),E_USER_ERROR);

and top of page1.php

include("connect.php");

edited Sep 21 '15 at 09:45

answered Sep 21 '15 at 09:41

Abdulla Nilam

36,589
17
64
85

@i_user check your missing lines – Abdulla Nilam Sep 21 '15 at 09:42
@i_user check edit 1. and check database name is correct – Abdulla Nilam Sep 21 '15 at 09:46
@i_user happy to help :) – Abdulla Nilam Sep 23 '15 at 09:35

score 0 · Answer 5 · answered Sep 21 '15 at 10:13

Connect.php

  <?php
  $hostname_speedapp = "localhost";
  $database_speedapp = "mydb";
  $username_speedapp = "root";
  $password_speedapp = "password";
  $mydb= mysqli_connect($hostname_speedapp, $username_speedapp, $password_speedapp,$database_speedapp) or trigger_error(mysql_error(),E_USER_ERROR); 
?>

page1.php

if (isset($_POST['submit'])){

    include('Connections/connect.php');

    $term= $_POST['term'];
    $details= $_POST['details'];

    $sql = "INSERT INTO people (term,details) VALUES ('".$term."' , '".$details."')";
    if ($mydb->query($sql) === TRUE) {     //can use connected database $mydb 
             $newrecord = "New record created successfully";
    } else {
       echo "Error: " . $sql . "<br>" . $mydb->error;
    }

  }
 ?>
<form id="form1" name="form1" method="post" action="">
<p>
<label for="term"></label>
<input type="text" name="term" id="term" />
</p>
<p>
<label for="details"></label>
<input type="text" name="details" id="details" />
</p>
<p>
<input type="submit" name="button" id="button" value="Submit" />
</p>
</form>
<p>
<?php
if(isset($newrecord)){
echo "<h3>$newrecord</h3>";
}
?>

nothing will fire up (will throw a notice). Plus, think about what will happen if someone enters nothing in the inputs ;-) not to mention about still leaving them open to SQL injection. — Funk Forty Niner, Sep 21 '15 at 10:23

score -2 · Answer 6 · edited Sep 22 '15 at 05:31

-2

I think you need to quote the submitted data values in your sql query:

Change the following:

$sql = "INSERT INTO people (term,details) VALUES ($term,$details)";

to

$sql = "INSERT INTO people (term,details) VALUES ('$term','$details')";

edited Sep 22 '15 at 05:31

Abdulla Nilam

36,589
17
64
85

answered Sep 21 '15 at 09:25

Professor Abronsius

33,063
5
32
46

you're the only one who got this. No idea why it was so heavily downvoted. I gave you an upvote. You did miss a few things, but that shouldn't be a reason why your answer received so many downvotes and with no reason. Nobody else caught that, and I don't know why they even got upvotes for not getting everything and clearly missed some also. – Funk Forty Niner Sep 21 '15 at 10:01
I did miss the fact the OP hadn't included the actual sql execute but wondered why so many downvotes - thanks for the upvote @Fred-ii- :) – Professor Abronsius Sep 21 '15 at 10:03
watch the others start to change their answers lol - give it time ;-) I for one, will not be submitting an answer. There are far too many things wrong with that question, it's really not funny. – Funk Forty Niner Sep 21 '15 at 10:11

No data insertion when button pressed

6 Answers6