0

I am developing a sample e-commerce website built on PHP, Bootstrap and MySQLi.

I am facing a problem with 2 PHP pages: home.php and cart-script.php

Some relevant portion of home.php for a form with text input and button is:

```html
<div class="panel panel-default">
    <div class="panel-heading">
        <div class="panel-title">
            <?php TitleQuery(2); ?>
        </div>
    </div>
    <div class="panel-body">
        <center>
            <?php
                PhotoQuery(2);
            ?>
        </center>
            <p>
                <?php
                    BodyQuery(2);
                ?>
            </p>
    <form action="cart-script.php" method="POST">
        <p>
            <center>
                <input type="number" class="form-control" name="name2" placeholder="Select quantity to add:">
                </input>
            </center>
        </p>
        <input type="button" name="submit2" class="btn btn-primary btn-block" value="Add to cart">
        </input>
    </form>
</div>
```

My code for cart-script.php file is:

```php
session_start();
require_once("connection.php");
if(isset($_POST['submit2']))
{
    $n=int($_POST['name2']);
    $id=2;
    $query1= "SELECT ItemName,Price FROM items WHERE ItemID='2'";
    $result1=mysqli_query($con,$iquery1);
    while($row=mysqli_fetch_array($result))
    {
        $iname=$row["ItemName"];
        $p=$row["Price"];
    }
    $query = "INSERT INTO shopcart VALUES 
             (
                 '{$id}',
                 '{$iname}',
                 '{$p}',
                 '{$n}'
             )";
    $result=mysqli_query($con,$query);
}

?>
```

Whenever I click on the 'Add to cart' button in home.php and then check the database on PHPMyAdmin on WampServer, the database has not been affected at all. Where am I wrong?

Siddharth
  • 19
  • 5
  • 3
    You're already using an API that supports **prepared statements** with bounded variable input, you should utilize parameterized queries with placeholders (prepared statements) to protect your database against [SQL-injection](http://stackoverflow.com/q/60174/)! Get started with [`mysqli::prepare()`](http://php.net/mysqli.prepare) and [`mysqli_stmt::bind_param()`](http://php.net/mysqli-stmt.bind-param). – Qirel Sep 19 '17 at 12:16
  • 1
    Let MySQL tell you what's wrong, by using [`mysqli_error()`](http://php.net/manual/en/mysqli.error.php) – Qirel Sep 19 '17 at 12:16
  • @Qirel I tried mysqli_error() function, but still database is unaffected – Siddharth Sep 19 '17 at 12:18
  • **Some simple debugging usually helps.** Put some output in your *cart-script.php* file, open your developer tools (F12) and see what it says. Switch on error reporting in PHP. – KIKO Software Sep 19 '17 at 12:18
  • 1
    `while($row=mysqli_fetch_array($result))` that failed you and error reporting would have told you about the undefined variable. – Funk Forty Niner Sep 19 '17 at 12:19
  • `mysqli_error($con);` won't magically fix anything, but it will output any errors that MySQL encounters. You use that error message to figure out what's going wrong. – Qirel Sep 19 '17 at 12:20
  • Thanks everyone, due to my silly mistakes, I had typed $result instead of $result1. Also, in the `<input>`, I had typed type="button" which was incorrect – Siddharth Sep 19 '17 at 14:00

2 Answers

1

You just need to submit your form:

```html
<input
  type="submit"
  name="submit2"
  class="btn btn-primary btn-block"
  value="Add to cart">
```

Your form is not submitted yet.

Salim Ibrohimi
  • 1,351
  • 3
  • 17
  • 35
0

```php
<?php
session_start();
require_once("connection.php");
if (isset($_POST['submit2']))
{
    // Cast the quantity to an integer before it goes into the query
    $n = (int) $_POST['name2'];
    $id = 2;
    $query1 = "SELECT ItemName,Price FROM items WHERE ItemID = '2' ";
    $result1 = mysqli_query($con, $query1);
    while ($row = mysqli_fetch_array($result1))
    {
        // Escape the name so a quote in it cannot break the INSERT
        $iname = mysqli_real_escape_string($con, $row["ItemName"]);
        $p = $row["Price"];

        $query = "INSERT INTO shopcart VALUES ('$id','$iname','$p','$n') ";
        $result = mysqli_query($con, $query);
        if ($result)
        {
            echo "success";
        }
    }
}
```

And then you have some undefined variables like $iquery1. I have updated the code; it might work for you.

Subhash Shipu
  • 343
  • 1
  • 4
  • 15
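
The prepared-statement approach recommended in the comments, applied to cart-script.php. This is an added example, not code from the question or either answer. It assumes connection.php defines `$con` as a mysqli link and that the shopcart columns are integer, string, decimal, integer in the order of the page's INSERT; the `addToCart()` name and the quantity limit of 100 are hypothetical.

```php
<?php
session_start();
require_once("connection.php");   // from the page; assumed to define $con (mysqli)

// Throw mysqli_sql_exception on any failure instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// addToCart() is a hypothetical helper name, not from the page.
function addToCart(mysqli $con, int $itemId, $rawQty): bool
{
    // Accept only a whole number in range; the limit of 100 is an assumption.
    $qty = filter_var($rawQty, FILTER_VALIDATE_INT,
        ["options" => ["min_range" => 1, "max_range" => 100]]);
    if ($qty === false) {
        return false;
    }

    // Name and price come from the items table, never from the form.
    $stmt = $con->prepare("SELECT ItemName, Price FROM items WHERE ItemID = ?");
    $stmt->bind_param("i", $itemId);
    $stmt->execute();
    $stmt->bind_result($name, $price);
    $found = $stmt->fetch();
    $stmt->close();
    if (!$found) {
        return false;   // no such item
    }

    // Bound values cannot change the statement, even if ItemName has a quote.
    // Column order follows the page's INSERT; the "isdi" types are assumed.
    $stmt = $con->prepare("INSERT INTO shopcart VALUES (?, ?, ?, ?)");
    $stmt->bind_param("isdi", $itemId, $name, $price, $qty);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["submit2"], $_POST["name2"])) {
    try {
        $ok = addToCart($con, 2, $_POST["name2"]);
        echo $ok ? "Added to cart" : "Invalid quantity or item";
    } catch (mysqli_sql_exception $e) {
        error_log($e->getMessage());   // details go to the server log only
        http_response_code(500);
        echo "Could not update cart";
    }
}
```

With exceptions enabled, a mistyped variable or a failed query surfaces in the server log immediately instead of leaving the table silently unchanged.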