Data not inserting into database using php

Question

I am using a form to insert data into a table I have created. I get no errors but for some reason, it states it worked, although it does not insert any data,

Here is what I'm using:

This is the form page:

<form name="myForm" action="submitform.php" 
onsubmit="return validateForm()" method="post">
Name: 
<br />
<input type="text" name="fname" style="


Email:
<br />
<input type="email" name="email" >

Subject: 
<br />
<input type="text" name="subject">

Message: 
<br />
<textarea name="message" >
    </textarea>
<input type="submit" value="Send Message" name="add"  >
</form>

phpsidecode

<?php
if(isset($_POST['add']))
{
    $submit=$_POST['add'];
    $Name=$_POST['fname'];
    $Email=$_POST['email'];
    $Subject=$_POST['subject'];
    $Message=$_POST['message'];
    $dbhost='localhost';
    $dbnmae='someuser';
    $dbpass='somepassword';
    $conn = mysql_connect($dbhost,$dbnmae,$dbpass);
    if (!$conn) {
        die('Could not connect: '.mysql_error());
    }
    $sql="INSERT INTO mydb(name, email, subject, message)VALUES('$Name', '$Email', '$Subject', '$Message')";
    mysql_select_db('project1');
    $retrieval=mysql_query($conn,$sql);
    if(!$retrieval)
    {  die('Could not connect: '.mysql_error());
        }
        echo"Entered data successfully\n";
         mysql_close($conn);
}else   
    {   echo"something went to wrong";

    }

?>

Every time you use [the `mysql_`](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) database extension in new code **[a Kitten is strangled somewhere in the world](http://2.bp.blogspot.com/-zCT6jizimfI/UjJ5UTb_BeI/AAAAAAAACgg/AS6XCd6aNdg/s1600/luna_getting_strangled.jpg)** it is deprecated and has been for years and is gone for ever in PHP7. If you are just learning PHP, spend your energies learning the `PDO` or `mysqli` database extensions and prepared statements. [Start here](http://php.net/manual/en/book.pdo.php) — RiggsFolly, Jan 23 '17 at 12:00
`mysql_query($conn,$sql);` If you must use obsolete code look that one up in the manual — RiggsFolly, Jan 23 '17 at 12:02
Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, Jan 23 '17 at 12:03
_I receive no errors_ Thats probably because you are not actually looking for any — RiggsFolly, Jan 23 '17 at 12:05
Add [error reporting](http://stackoverflow.com/questions/845021/how-to-get-useful-error-messages-in-php/845025#845025) to the top of your file(s) _while testing_ right after your opening PHP tag for example ` — RiggsFolly, Jan 23 '17 at 12:07

score 0 · Answer 1 · answered Jan 23 '17 at 12:20

0

Maybe your query is broken due to any single-comma character read from the POST vars. You should scape the variables using addslashes()

Anyway, as suggested in the comments, it's recommended to learn PDO or mysqli.

answered Jan 23 '17 at 12:20

Carles

418
2
18

score 0 · Answer 2 · edited Feb 23 '17 at 12:03

    <?php
        $dbhost='localhost';
        $dbnmae='someuser';
        $dbpass='somepassword';
        $conn = mysqli_connect($dbhost,$dbnmae,$dbpass);
        if (!$conn) {
            die('Could not connect: '.mysqli_error());
        }
    if(isset($_POST['add']))
    {
        $submit=$_POST['add'];
        $Name=$_POST['fname'];
        $Email=$_POST['email'];
        $Subject=$_POST['subject'];
        $Message=$_POST['message'];    
        $sql="INSERT INTO mydb(name, email, subject, message)VALUES('$Name', '$Email', '$Subject', '$Message')";
        mysqli_select_db('project1');
        $retrieval=mysqli_query($conn,$sql);
        if(isset($retrieval)){  
echo "Entered data successfully\n";
             mysqli_close($conn);
            }           
    }else{  
     echo "something went to wrong";
 }
        ?>

score 0 · Answer 3 · edited Feb 23 '17 at 12:02

Try this

<?php
if(isset($_POST['add']))
{
    $Email=$_POST['email'];
    $Subject=$_POST['subject'];
    $Message=$_POST['message'];
    $dbhost='localhost';
    $dbnmae='someuser';
    $dbpass='somepassword';
    $conn = mysql_connect($dbhost,$dbnmae,$dbpass);
    if (!$conn) {
        die('Could not connect: '.mysql_error());
    }
    mysql_select_db('project1');
    $sql="INSERT INTO project1 VALUES('$Email', '$Subject', '$Message')";
    $retrieval=mysql_query($conn,$sql);
    if(!$retrieval)
    {  die('Could not connect: '.mysql_error());
        }
        echo"Entered data successfully\n";
         mysql_close($conn);
}
else   
{   echo"something went to wrong";

}
?>

score 0 · Answer 4 · answered Jun 16 '22 at 09:54

you can sunt add addshlashes to POST vars, look

<?php
if(isset($_POST['add']))
{
    $submit=($_POST['add']);
    $Name=addslashes($_POST['fname']);
    $Email=addslashes($_POST['email']);
    $Subject=addslashes($_POST['subject']);
    $Message=addslashes($_POST['message']);
    $dbhost='localhost';
    $dbnmae='someuser';
    $dbpass='somepassword';
    $conn = mysql_connect($dbhost,$dbnmae,$dbpass);
    if (!$conn) {
        die('Could not connect: '.mysql_error());
    }
    $sql="INSERT INTO mydb(name, email, subject, message)VALUES('$Name', '$Email', '$Subject', '$Message')";
    mysql_select_db('project1');
    $retrieval=mysql_query($conn,$sql);
    if(!$retrieval)
    {  die('Could not connect: '.mysql_error());
        }
        echo"Entered data successfully\n";
         mysql_close($conn);
}else   
    {   echo"something went to wrong";

    }

?>

for me this code work and after you put the code you need to delete the table and remake a new one. Hope it works for you

Data not inserting into database using php

4 Answers4