0

Here is my form code :

<form action="inscription_smmar2.php" method="post" class="form-horizontal" role="form">
                <div class="form-group">
                    <label for="nom" class="col-sm-2 control-label">Nom&Prénom</label>
                    <div class="col-sm-10">
                        <input type="text" class="form-control" id="nom" name="nom" placeholder="Nom&Prénom">
                    </div>
                </div>
                <div class="form-group">
                    <label for="labo" class="col-sm-2 control-label">Laboratoire</label>
                    <div class="col-sm-10">
                        <input type="text" class="form-control" id="labo" name="labo" placeholder="Nom du Laboratoire">
                    </div>
                </div>
                <div class="form-group">
                    <label for="email" class="col-sm-2 control-label">Mail</label>
                    <div class="col-sm-10">
                        <input type="mail" class="form-control" id="email" name="email" placeholder="mail">
                    </div>
                </div>
                <div class="form-group">
                    <label for="pass" class="col-sm-2 control-label">Mot de Passe</label>
                    <div class="col-sm-10">
                        <input type="password" class="form-control" id="pass" name="pass">
                    </div>
                </div>
                <div class="form-group">
                    <div class="col-sm-offset-2 col-sm-10">
                    <button name="submit_m" type="submit" class="btn btn-primary">  <b>Valider</b> </button>
                    </div>
                </div>
            </form>

And then the php handling data insert into my database's table :

<?php session_start(); 
        $nom = $_POST['nom'];
        $labo = $_POST['labo'];
        $mail = $_POST['email'];
        $mdp = $_POST['pass'];

        echo $mdp."; ".$nom;
        try{
            $bd = new PDO('mysql:host=localhost;port=3306;dbname=cl54-smad','cl54-smad','s/Cdq-!N-');
            }catch(Exception $ex){
                echo $ex;
            }
        $req = $bd -> exec("insert into laboratoire(nom, responsable, mail, mdp) VALUES('".$labo."', '".$nom."', '".$mail."', '".$mdp."')");
        ?>

I really tried for hours and also searched in different threads but couldn't fing anything until now.

Edit : I finally found the core of the problem, I think I messed something with the "laboratoire" table properties in the SGBD, thus the queries maybe can't be performed and executed anymomre for it in which case I created a new table and the problem is actually solved.

hbrole
  • 1
  • 1
  • 1
    What do you mean can't insert? Do you get any errors? – ArtOsi Dec 15 '17 at 11:23
  • Try removing spaces between `$bd -> exec` – hungrykoala Dec 15 '17 at 11:23
  • if you are using PDO why not leverage the power of `prepared statements` and prevent sql injection? – Professor Abronsius Dec 15 '17 at 11:26
  • Unfortunatly, I got no error, the new data are simply not added to the table despite the insert query. – hbrole Dec 15 '17 at 11:26
  • Are you using a DB user that has `INSERT` priviledge? Two notes aside: [validate](http://php.net/manual/it/filter.examples.validation.php) and [sanitize](http://php.net/manual/en/filter.examples.sanitization.php) your data and use [PDO prepared statements](http://php.net/manual/it/pdo.prepared-statements.php) – Brigo Dec 15 '17 at 11:33
  • @Kaddath I just followed your advice, but it still not working. Also, forgot to mention that update queries work pretty well unlike insert. – hbrole Dec 15 '17 at 11:33
  • @Kaddath thank you for the clarification :) – hungrykoala Dec 15 '17 at 11:42

2 Answers2

0

If this used to work and now doesn't without you making any changes to it, you should check if in the MySQL you don't have an autoincremented primary key that is defined as tinyint or something like that.

If the count reaches the maximum limit for that type [256 values for tinyint, 65536 for smallint and so on] you cannot add anything else to that table.

The fix for this problem should be quite easy, as you must only define the field as a one-upper type. eg: if it's tinyint, go for smallint.

Also, please check if you need for the values to be signed and if not, check the unsigned box. Also, plan for the future, as tables could get filled in quite quckly, depending on your use.

Sorin Buturugeanu
  • 1,782
  • 4
  • 19
  • 32
  • My Primary key is indeed an autoincremented one, however it's defined as an int and I don't think it reached an astronomical number as well. The last regitered Id is equal to 55. – hbrole Dec 15 '17 at 11:43
  • Can you post the output of an actual query? – Sorin Buturugeanu Dec 15 '17 at 11:49
  • use `echo "insert into laboratoire(nom, responsable, mail, mdp) VALUES('".$labo."', '".$nom."', '".$mail."', '".$mdp."')";` to print it to screen – Sorin Buturugeanu Dec 15 '17 at 11:49
  • Yeah something like this : insert into laboratoire(nom, responsable, mail, mdp) VALUES('pharma 5555', 'Dracula', 'something@gmail.commm', 'something') – hbrole Dec 15 '17 at 11:53
  • seems like a valid query if you don't have any stray `'` in `something` turning it into an injection. you might also want to try putting the `$req = $bd -> exec("`... line inside the `try` block and see if any exception show up – Sorin Buturugeanu Dec 15 '17 at 12:08
  • I just found that the insert query works just fine for another table (called "medecin") but not for the "laboratoire" one. – hbrole Dec 15 '17 at 12:17
  • I have the feeling that there is something in the part you replaced with `something`. It's hard to tell what's going wrong without the actual output and table structure, but look at rogue / unescaped `'` or `"`, unique columns, or reserved SQL keywords. – Sorin Buturugeanu Dec 15 '17 at 15:32
-2

try changing the button to input type=button value=submit remove the role=form from the form and remove the spaces between $bd -> exec

makoulis
  • 33
  • 5