-2

insert.php page

<body>
<h1>Insert Form</h1>
<p>This will be used to insert fields to the database</p>

<form name="insert_form" method="post" action="insertprocess.php">
t ID: <input name="testID" type="text" disabled><br>
t Name: <input name="testNAME" type="text"><br>
<button type="submit" name="submit">Submit</button>
</form>

</body>
</html>

insertprocess.php page

<?php
include("config.inc.php");

mysql_query("INSERT INTO test (test_ID, test_NAME) VALUES ('".$_POST['test_ID']."','".$_POST['test_NAME']."')");

?>

This is the error I get.

Notice: Undefined index: test_ID in C:\inetpub\wwwroot\Test\insertprocess.php on line 4 Notice: Undefined index: test_NAME in C:\inetpub\wwwroot\Test\insertprocess.php on line 4

halfer
  • 19,824
  • 17
  • 99
  • 186
William1234
  • 3
  • 2
  • just check isset $_POST variable – Ankur Tiwari Oct 14 '15 at 03:06
  • If you managed to solve your problem, you should inform the community by choosing the correct answer. This will help future users. – Pedro Lobito Oct 14 '15 at 03:15
  • The [mysql_* extension is deprecated](http://docs.php.net/intro.mysql) and will be removed in the upcoming version 7 of php, choose [another api](http://docs.php.net/manual/en/mysqlinfo.api.choosing.php) to connect to your mysql server. Also have a read of http://docs.php.net/security.database.sql-injection – VolkerK Oct 14 '15 at 03:27
  • Thank you for all your comments. I updated the post as I can't post again. – William1234 Oct 14 '15 at 03:41
  • Your code is vulnerable to SQL injection. – Boann Oct 14 '15 at 03:46

1 Answers1

2

testNAME is different from $_POST['test_NAME'] the same applies to testID $_POST['test_ID '].

Change to:

$_POST['testNAME']
$_POST['testID']
Pedro Lobito
  • 94,083
  • 31
  • 258
  • 268