Save input into database

Question

Hello guys i need some help.I connected to database from server and can insert some info like $sql = "INSERT INTO Posts (Text_Post) VALUES ('Sample Text')";. Now I want to save on click text from <input type="text" /> to database. Can you tell me what i am doing wrong.

 <?php

      $servername = "google.com";
      $username = "google";
      $password = "google";
      $dbname = "google";

    // Create connection
    $conn = new mysqli($servername, $username, $password, $dbname);
    // Check connection
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    } 

    if(isset($_POST['Submit'])) {
            $sql = "INSERT INTO Posts (Text_Post) VALUES ('".$_POST['text']."')";

            if ($conn->query($sql) === TRUE) {
                echo "New record created successfully";
            } else {
                echo "Error: " . $sql . "<br>" . $conn->error;
            }

            $conn->close();
    }
  ?>

  <!DOCTYPE html>
  <html>
  <head>
    <title>anonim</title>
  </head>
  <body>
    <form name="form" action="" method="post">
      <input type="text" name="text" id="text" value="Salut" /=>
      <input type="submit" id="Submit" /> 
    </form>
  </body>
  </html>

@dr4605 your code is open to SQL Injection, never use input values directly from the $_POST or $_GET variables. — Jacques Koekemoer, Mar 10 '16 at 10:01

score 4 · Accepted Answer · edited May 23 '17 at 12:15

You're missing the name tag on your submit. When data is POST'ed to the server, it uses the name tag.

<input type="submit" id="submit" name="Submit">

Remember to watch your Capitals also - (since you're checking if Submit is SET then you need to POST the submit).

You could just do:

if(isset($_POST['text'])) {

Also, going off the comments: I'd suggest taking a look at this link because you're prone to SQL Injections.

score 0 · Answer 2 · edited Mar 11 '16 at 10:04

0

when we are going to post a form using POST or GET. we should always give name to all our fieds so we get get them just using $_POST['name'] or $_GET['name']. In Your case just give a name to your submit tag and check whether data is submitted or not.

replace

<input type="submit" id="Submit" />

with

<input type="submit" id="submit" name="submit">

and check it like

if(isset($_POST['submit'])) {// it will only check where form is posted or not

// your code...

}

edited Mar 11 '16 at 10:04

Jaquarh

6,493
7
34
86

answered Mar 10 '16 at 16:11

Passionate Coder

7,154
2
19
44

replace – Passionate Coder Mar 10 '16 at 16:13
with – Passionate Coder Mar 10 '16 at 16:13
sorry these lines left in my answer please check these two lines... :) – Passionate Coder Mar 10 '16 at 16:14

Save input into database

2 Answers2