0

I have this problem with phpMyAdmin. I've set up my simple php and mysql scripts and everything works fine. It connects to my mysql database(remote with my hosting provider) and it does actually insert all the required fields into the database. the problem is that the fields are all blank. there is nothing in them. here is my code:

<?php
$con = mysql_connect("myserverip","mydatabasename","my password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("mydatabasename", $con);

$sql="INSERT INTO nametable (firstname, lastname) VALUES('$_POST[firstname]','$_POST[lastname]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";

mysql_close($con)
?>

The html is very simple, just two input fields with first name and last name:

The html:

<html>
<body>
<h1>A small example page to insert some data in to the MySQL database using PHP</h1>
<form action="insert.php" method="post">
Firstname: <input type="text" name="fname" /><br><br>
Lastname: <input type="text" name="lname" /><br><br>

<input type="submit" />
</form>
</body>
</html>

All help is appreciated.

Cro-Magnon
  • 193
  • 7
  • 2
    Please dont use [the `mysql_` database extension](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php), it is deprecated (gone for ever in PHP7) Specially if you are just learning PHP, spend your energies learning the `PDO` database extensions. [Start here](http://php.net/manual/en/book.pdo.php) its really pretty easy – RiggsFolly Jul 12 '16 at 20:01
  • Can you add the form for this? If the PHP is running but not inserting values, then there's likely an issue there. – andrewsi Jul 12 '16 at 20:01
  • Yes give me a moment. – Cro-Magnon Jul 12 '16 at 20:02
  • But if you must then the issue is arrays within quoted literals and using the wrong field names i.e. use`VALUES('{$_POST[fname]}','{$_POST[lname]}')` – RiggsFolly Jul 12 '16 at 20:02
  • Oh jees.. I see it now I;ve uploaded it haha! It's the name isn't it?! – Cro-Magnon Jul 12 '16 at 20:03
  • @Cro-Magnon - your form's fields are called `fname` and `lname`; your PHP is looking for `firstname` and `lastname`. Change the one set to the other. – andrewsi Jul 12 '16 at 20:03
  • 1
    Appropriate name for someone still using the `mysql_` database extension – RiggsFolly Jul 12 '16 at 20:03
  • @andrewsi Let me check if that fixes it otherwise I can close this, wow I've been up for way too long. – Cro-Magnon Jul 12 '16 at 20:04
  • @RiggsFolly +1 For that haha! – Cro-Magnon Jul 12 '16 at 20:04
  • Glad to see you have a sense of humour – RiggsFolly Jul 12 '16 at 20:06

1 Answers1

0

Because you have enclosed your $_POST variables in single quotes ('), PHP is treating them as strings rather than as arrays, so the data is not being pulled from them. Your query should look something like this:

$sql = "
  INSERT INTO 
      nametable (firstname, lastname) 
  VALUES
      ('" . $_POST['firstname'] . "', '" . $_POST['lastname'] . "')";

(whitespace added for readability)

Also, as some other users have pointed out, the mysql extension for PHP has been deprecated so it should not be used. Furthermore, the way your are building your query opens you up to something called SQL injection, which is very dangerous.

If this code is just for fun then that's fine, but you should not upload this to a production server under any circumstances.

RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
Jamison Bryant
  • 430
  • 3
  • 12
  • 1
    No, remember they are text data so they need the single quotes around the data values! – RiggsFolly Jul 12 '16 at 20:09
  • 2
    No. The _string_ is a double quoted one, and the single quotes internal to the string will make no difference as to how those values are interpreted. – andrewsi Jul 12 '16 at 20:09
  • Small amendment, so I can resist the temptation to DV I hope you dont mind – RiggsFolly Jul 12 '16 at 20:13
  • 1
    Also you can just remove the quotes around the array occurances like `VALUES('$_POST[fname]','$_POST[lname]')` or add curly brackets and keep the single quotes `VALUES('{$_POST['fname']}','{$_POST['lname']}')` – RiggsFolly Jul 12 '16 at 20:15
  • Don't mind at all! Thanks for catching my mistake. Also didn't know about the curly brace thing so thanks for that as well. – Jamison Bryant Jul 13 '16 at 18:10