-1

I'm trying to write to a database using CKEditor.. when I press submit it dies and says localhost is currently unable to handle this request. HTTP ERROR 500

I only want to save the textarea into a row in database so I can then read the row on to another page.

<!DOCTYPE html>
<html>

<head>
    <meta charset="utf-8">
    <meta name="robots" content="noindex, nofollow">
    <title>Classic editor replacing a textarea</title>
    <script src="http://cdn.ckeditor.com/4.6.0/standard-all/ckeditor.js"></script>
</head>

<body>
    <form id="editor1" action="save.php" method="post" >

    <textarea cols="80" id="editor1" name="editor1" rows="10">
    </textarea>

        <p>
            <input type="submit" value="Submit">
        </p>
    </form>

    <script>
        CKEDITOR.replace( 'editor1' );
    </script>
</body>

</html>

PHP script

<?php

if(isset($_POST['submit']))
{
   // Putting data from form into variables to be manipulated
   $text = $_POST['editor1'];

   $conn = mysql_connect("localhost","root","root") or die ("Can't connect");
   mysql_select_db("managerMessage",$conn);

   // Getting the form variables and then placing their values into the MySQL table
   mysql_query("INSERT INTO text (textarea) VALUES ("mysql_real_escape_string($text)");
}
?>
RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
Johnny Charnock
  • 39
  • 1
  • 4
  • **Stop** using deprecated `mysql_*`API. Use `mysqli_*` or `PDO` with prepared statements – Jens Nov 22 '16 at 11:01
  • did you get the ckeditor value in $text variable? –  Nov 22 '16 at 11:08
  • Every time you use [the `mysql_`](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) database extension in new code **[a Kitten is strangled somewhere in the world](http://2.bp.blogspot.com/-zCT6jizimfI/UjJ5UTb_BeI/AAAAAAAACgg/AS6XCd6aNdg/s1600/luna_getting_strangled.jpg)** it is deprecated and has been for years and is gone for ever in PHP7. If you are just learning PHP, spend your energies learning the `PDO` or `mysqli` database extensions. [Start here](http://php.net/manual/en/book.pdo.php) – RiggsFolly Nov 22 '16 at 11:08
  • @Jens In PHP the concatenation character is `.` (dot) not `+` (plus) – RiggsFolly Nov 22 '16 at 11:09
  • You miss`.` to concatinate your string: mysql_query("INSERT INTO text (textarea) VALUES (".mysql_real_escape_string($text).")"; – Jens Nov 22 '16 at 11:10
  • @jens is correct and also missing submit button name in form so you have to add – Shanu k k Nov 22 '16 at 11:27

1 Answers1

0

You are not concatenating the value correctly in this statement and also text data in a query like this should be wrapped in quotes

mysql_query("INSERT INTO text (textarea) VALUES ("mysql_real_escape_string($text)");

This is a corrected verion of your code

mysql_query("INSERT INTO text 
                    (textarea) 
             VALUES ('" . mysql_real_escape_string($text) . "')");

A simpler piece of code would be to read and probably maintain would be

$t = mysql_real_escape_string($text);
mysql_query("INSERT INTO text (textarea) VALUES ('$t')");

I would be remiss if I did not remind you that

Every time you use the mysql_ database extension in new code a Kitten is strangled somewhere in the world it is deprecated and has been for years and is gone for ever in PHP7. If you are just learning PHP, spend your energies learning the PDO or mysqli database extensions. Start here

EDIT RE: not saving the data to the database

Add some error checking to your code like so:

$t = mysql_real_escape_string($text);
$result = mysql_query("INSERT INTO text (textarea) VALUES ('$t')");
if ( ! $result ) {
    echo mysql_error();
    exit;
}

Once you know the error, if one exists, you can start work on fixing it.

Community
  • 1
  • 1
RiggsFolly
  • 93,638
  • 21
  • 103
  • 149