How to redirect pages after stored data on mysql

Question

I am trying to redirect to thanks webpage after stored on data on mysql using header("Location: success.html"); exit;

but when i open that link it will automatically goes into success.html page without entering or Storing any data on form and mysql.

<?php
$con=mysqli_connect("localhost","root","","vdl");
// Check connection
if (mysqli_connect_errno())
{
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if(isset($_POST['submit'])) // Fetching variables of the form which travels in URL
{
    $company_name = $_POST['company_name'];
    $since = $_POST['since'];
    $strength = $_POST['strength'];
    $head_quarter = $_POST['head_quarter'];
    if($company_name !=''||$since !='')
    {
        mysqli_query($con,"insert into digital_library(company_name, since, strength, head_quarter) values ('$company_name', '$since', '$strength', '$head_quarter')");
        echo "<br/><br/><span>Data Inserted successfully...!!</span>";
        mysqli_close($con);
    }
    else
    {
        echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
    }
}
header("Location: success.html");
exit;
?>

Are you asking how to redirect or how to insert data? The question isn't clear on that. Your code is full of SQL injection vulnerabilities (which also tend to make code fragile and prone to bugs), and you're not checking for errors. Take out the call to `header()` and debug the database interactions. Are there any errors in your PHP logs? If you turn on error reporting, does any error output to the page? What does `mysqli_error($con)` tell you? Debug to find out specifically where this fails. — David, May 05 '18 at 11:18
Your code is vulnerable to [SQL injection](https://en.wikipedia.org/wiki/SQL_injection) attacks. You should use [mysqli](https://secure.php.net/manual/en/mysqli.prepare.php) or [PDO](https://secure.php.net/manual/en/pdo.prepared-statements.php) prepared statements with bound parameters as described in [this post](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). — , May 05 '18 at 11:19
it wont work , because you used echo before header , so to resolve this problem , either , use header before any echo or use output buffering http://php.net/manual/en/intro.outcontrol.php , just add ob_start() at the beginning of your script , and at the end use ob_end_flush(); also , your code is vulnerable — ahmadMarafa, May 05 '18 at 11:20

Amit Kumar · Answer 1 · 2018-05-05T12:22:43.430

Please Use PDO or mysqli. I have just edited your existing code so that you get redirected to your success page after successful insertion.

    $con=mysqli_connect("localhost","root","","vdl");
    $i = 0;
    // Check connection
    if (mysqli_connect_errno())
    {
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }
    if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
        $company_name = $_POST['company_name'];
        $since = $_POST['since'];
        $strength = $_POST['strength'];
        $head_quarter = $_POST['head_quarter'];
        if($company_name !=''||$since !=''){
            mysqli_query($con,"insert into digital_library(company_name, since, strength, head_quarter) values ('$company_name', '$since', '$strength', '$head_quarter')");
            echo "<br/><br/><span>Data Inserted successfully...!!</span>";
            mysqli_close($con);
        }
        else{
            $i++;
        }
    }
    if($i==0){
    header("Location: success.html");
    }else{
        echo "Error msg";
    }

score 0 · Accepted Answer · answered May 05 '18 at 12:30

$con=mysqli_connect("localhost","root","","libro");

// Check connection
if (mysqli_error($con))
  {
      echo "Failed to connect to MySQL: " . mysqli_error($con);
      exit();
  }

if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL

        $company_name = $_POST['company_name'];
        $since = $_POST['since'];
        $strength = $_POST['strength'];
        $head_quarter = $_POST['head_quarter'];

        if($company_name !== ''||$since !== ''){

        mysqli_query($con,"insert into digital_library(company_name, since, strength, head_quarter) values ('$company_name', '$since', '$strength', '$head_quarter')");
    echo "<br/><br/><span>Data Inserted successfully...!!</span>";

            header("Location: success.html");
            exit();

        }
    else{

        echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
        exit();

    }
}

How to redirect pages after stored data on mysql

2 Answers2