5

I have a form in HTML, but it's not setup like normal I guess. I'll post the code form the HTML (PHP) file and the php to send it to the db.

<form action="upload.php" method="POST">
    <!-- Name input-->
    <div class="form-group">
      <label class="control-label" for="name">Name</label>
      <div class="">
        <input id="name" name="name" placeholder="First and Last Name" class="form-control input-md" type="text" required>
      </div>
    </div>
    <div class="form-group">
        <label class=" control-label" for="supportingDoc">Upload Supporting Documentation</label>
        <div class="">
            <input id="supportingDoc" name="supportingDoc" class="input-file" type="file" style="margin-top: .5em; margin-left: 4em;">
        </div>
    </div>
    <hr>
      <!-- Submit -->
      <div class="form-group">
        <label class="control-label" for="submit"></label>
        <div class="">
          <button value="Submit" type="submit" id="submit" name="submit" class="btn btn-danger" style="border-radius: 25px;">Submit</button>
        </div>
      </div>
</form>

Here is my SQL/PHP

<?php
    $servername = "localhost";
    $username = "xxx";
    $password = "xxx";
    $dbname = "xxx";
    // Create connection
    $con = mysqli_connect("localhost","xxx","xxx","xxx");
    // Check connection
    if (mysqli_connect_errno()){
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    if (isset($_REQUEST['name'])){
        // set variables

        $name = mysql_real_escape_string($_POST['name']);
        $supportingDoc = mysql_real_escape_string($_POST['supportingDoc']);

        $sql = "INSERT INTO `tablew` (name,  supportingDoc) VALUES ('$name', '$supportingDoc')";
        $result = mysqli_query($con,$sql);

        if ($con->query($sql) === TRUE) {
            echo "New record created successfully";
            printf("New record created successfully");
        } else {
            echo "Error: " . $sql . "<br>" . $con->error;
            printf("Error: " . $sql . "<br>" . $con->error);
        }

        $con->close();
    }
?>

I've tried all sorts of variations and nothing is showing in phpmyadmin. I've even replicated from a previous site I created and it still didn't work lol.

I see that there are variables for the login info and still put it in the mysqli, but I've been at this one thing for about 8 hours now and am out of juice, so hopefully someone sees what I messed up on.

Thanks in advance for any help everyone.

=========================================================================== UPDATE: I made all the changes mentioned above and now get this:

Warning: mysqli_connect(): (HY000/1049): Unknown database

I can see the database in phpmyadmin and Sequel Pro. I've also made sure to set the password and login to 'root'. My code is as follows for login:

    $con = mysqli_connect("localhost","root","root","epboarding");
// Check connection
if (mysqli_connect_errno())
{
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

and this is my POST:

if (isset($_REQUEST['submit'])){
// set variables
$name = mysqli_real_escape_string($con, $_POST['name']);
$sql = "INSERT INTO `wos` (name) VALUES ('$name')";
$result = mysqli_query($con,$sql);

phpmyadmin

mysql error

TomG103
  • 311
  • 2
  • 26
  • 1
    1. mixing `mysql_*` with `mysqli_*` is not correct.2.Since you are using `input type="file"` so at php end check it through `$_FILES`. – Alive to die - Anant Dec 30 '17 at 04:29
  • There are like dozen things wrong with this. Use of `$_REQUEST`, sql injections, outdated api, missing bits in html, strange connection objects, etc. and so on. And all the answers posted here are either incomplete or wrong. – tereško Jan 08 '18 at 22:28
  • https://www.eduonix.com/blog/web-programming-tutorials/learn-submit-html-data-mysql-database-using-php/ try this link – AmalJo Jan 10 '18 at 04:52

9 Answers9

9

Following issues can be there:

  1. Uploading error. Use enctype="multipart/form-data" in form tag.
  2. Correct Mysql_connect details i.e. Username, Password, Dbname.
  3. mysql_real_escape_string is depricated. Use mysqli.
  4. Recheck your column names i.e. name, supportingDoc.
TBI
  • 2,789
  • 1
  • 17
  • 21
3

Your html code wrong. Whenever you want to use input type file, you need to put <form> tag to <form enctype="multipart/form-data">. If you re not declaring the enctype, then the PHP cannot read the file.

Mr Hery
  • 829
  • 1
  • 7
  • 25
2

you have to put 

<form enctype="multipart/form-data">

when uploading file . correct your html.

Avinash Gupta
  • 328
  • 4
  • 15
1

Try This

The issue is after clicked on submit button it's not hitting the (isset($_REQUEST['name']))

Change it

if (isset($_REQUEST['submit'])){ //code here}

because you button name is submit.

Use SQL injection like

$con->real_escape_string($_POST['name']);
Naren Verma
  • 2,205
  • 5
  • 38
  • 95
1

for the unknown database error. I simply went to operations in phpmyadmin and changed the name of the database and it worked. give it a try if you haven't fixed the problem yet.

BjornIronside76
  • 21
  • 1
  • Still getting error stating database doesn't exist. I've made random names as well. I'm using Scotchbox, so not sure if that's an issue, but others post their vagrant files, but don't see why this is such an issue. – TomG103 Jan 03 '18 at 04:05
1

in addition to @tbi answer

  • Check php.ini for max post size it cause the POST request to fail if the size exceeds the size set in php.ini

post_max_size=20M upload_max_filesize=20M

  • check your SQL connection and your permissions on the DB

  • use enctype="multipart/form-data" in your form only when you need to upload files (for security reasons)

  • finally, don't forget to bind your post params to prevent SQL-Injection Params Binding

Diaa Saada
  • 1,026
  • 1
  • 12
  • 22
1

  1. If you are using a default account on a local installation, then your connection code will probably look like this:

     <?php $con = mysqli_connect('localhost','root','');
              mysqli_select_db('epboarding', $con); ?>

  2. use enctype="multipart/form-data" in form tag when you use file type.

      <form  name="" method="POST" action="" enctype="multipart/form-data">

3.change the following line 

    if (isset($_REQUEST['name'])){

to

       if (isset($_REQUEST['submit'])){
  1. correct the syntax when post data like mysql to mysqli.
Dee_wab
  • 1,171
  • 1
  • 10
  • 23
1

From the PhpMyAdmin screenshot, it looks like the database is running on port 8889, meaning you would need:

$con = mysqli_connect("localhost","xxx","xxx","xxx", 8889);

Chris Moreton
  • 11
  • 1
1

In addition to what the others have said, I thought I'd provide a tidied script and some (hopefully) useful resource for you other issues.

http://php.net/manual/en/mysqli.construct.php

What's wrong with using $_REQUEST[]?

https://www.w3schools.com/sql/sql_injection.asp

As for your unknown database error this is either your database doesn't exist, is incorrectly named in your PHP script or is unavailable through localhost. 

$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "xxx";

// Create connection
$conn = new mysqli ( $servername, $username, $password, $dbname );

// Check connection
if ( $conn->connect_error ) {
    echo "Failed to connect to MySQL: " . $conn->connect_error;
}

// Check if values are set with post rather than request, as this is deprecated and can output unexpected results
if ( isset( $_POST['name'] ) ) {
    // Set variables
    $name = $_POST['name'];
    $supportingDoc = $_POST['supportingDoc'];

    // Prepare a statement and bind parameters to prevent sql injection
    $stmt = $conn->prepare( "INSERT INTO `tablew` (name,  supportingDoc) VALUES (?, ?)" );
    $stmt->bind_param( 'sb', $name, $supportingDoc );

    if ( $stmt->execute() ) {
        echo "New record created successfully";
        printf( "New record created successfully" );
    } else {
        echo "Error: " . $stmt->error;
        printf( "Error: " . $stmt->error );
    }
    $stmt->close();
    $conn->close();
}
gnusey
  • 354
  • 3
  • 16