0

I'm having trouble getting this code to write to my SQL database. I can see my table existing in phpMyAdmin. When I write to it and have it spit out it's execution code it looks the same as my $query statement. I can submit forms on my comment box, but I don't have it write to the database. Thanks for the help!

EDIT: Someone tagged my post, pointing me to a page that told me not to mix mysql and mysqli commands. So I changed everything to mysqli. That hasn't fixed the problem.

Here's the code (I've replaced the login id etc by *** but it should be working):

<form method='post'>

  NAME: <input type='text' name='name' id='name' /><br />
  Email: <input type='text' name='email' id='email' /><br />
  Website: <input type='text' name='website' id='website' /><br />
  Comment:<br />
  <textarea name='comment' id='comment'></textarea><br />

  <input type='hidden' name='articleid' id='articleid' value='<? echo $_GET["id"]; ?>' />

  <input type='submit' value='Submit' />    

<?php 

    //Connecting to an online MySQL server. I think...
    //Have to first set up databast through domain provider (bluehost)
    //passwords come from them!

    $db = mysqli_connect('localhost','********1','********2','******3');

    if (mysqli_connect_errno()){
    printf("Connect failed:$s\n", mysqli_connect_errno());
    exit();
    }


    //assign input boxes taken from html above into php variables using post command

    mysqli_select_db('*****1', $db);

    $users_name = $_POST['name'];
    $users_email = $_POST['email'];
    $users_website = $_POST['website'];
    $users_comment = $_POST['comment']; 

    //clean input variables to prevent sql injection attack

    // $users_name = mysql_real_escape_string($users_name);
    // $users_email = mysql_real_escape_string($users_email);
    // $users_website = mysql_real_escape_string($users_website);
    // $users_comment = mysql_real_escape_string($users_comment);

    // Below is sample insert data you can generate by manually entering it through phpMyAdmin site available through domain host (bluehost) cpanel.

    //$sql = mysql_query("INSERT INTO `users` (`col1` , `col1` , `col3`) VALUES ('val1' , 'val2' , 'val3')");


    $query = "
    INSERT INTO `*****3`.`CommentsTable` (`name`, `email`, `website`, `comment`) VALUES ('$users_name', '$users_email', '$users_website', '$users_comment');";


    mysqli_query($query);

    mysqli_close($db);

?>>
Isaac Bennetch
  • 11,830
  • 2
  • 32
  • 43
Peter Weyand
  • 2,159
  • 9
  • 40
  • 72
  • 2
    Possible duplicate of [Can I mix MySQL APIs in PHP?](http://stackoverflow.com/questions/17498216/can-i-mix-mysql-apis-in-php) – Funk Forty Niner Dec 08 '16 at 17:36
  • *"When I write to it and have it spit out it's execution code it looks the same as my $query statement."* - This suggests that you're either trying to access as `file:///` or that the filename is not a `.php` extension. You need to run this off a webserver with php/mysql installed. We also don't know how `$_GET["id"]` is populated from. – Funk Forty Niner Dec 08 '16 at 17:41
  • Possible duplicate of [PHP code is not being executed, instead code shows on the page](http://stackoverflow.com/questions/5121495/php-code-is-not-being-executed-instead-code-shows-on-the-page) – Funk Forty Niner Dec 08 '16 at 17:42
  • Once you get that going, you're most likely going to get undefined index notices right off the bat, since your form with no action implies "self". – Funk Forty Niner Dec 08 '16 at 17:43

0 Answers0