Row created, but values not inserting in table

Question

I created form to insert dropdown values in database. Once i click on "Save" button, new Row created in Table, but values not saving.... Please help me for this.... Let me know if you need any other information...

Add9.php

<?php 
require_once("dbcontroller.php");
$db_handle = new DBController();
?>

      <form name="adduserforms" id="adduserforms" method="post" enctype="multipart/form-data" action="add10.php" >

        name: 
        <select name="names" id="names" class="username">
        <option value="">Select name</option>
        <option value="1" <?php if(isset($_POST['name']) && $_POST['name']==1) echo "Selected";?>>1</option>
        <option value="2" <?php if(isset($_POST['name']) && $_POST['name']==2) echo "Selected";?> class="username">2</option>
        </select>
        <br/>
        type: 
        <select name="department" id="department" class="username">
        <option value="">Select type</option>
        <option value="0" <?php if(isset($_POST['type']) && $_POST['type']==0) echo "Selected";?>>a</option>
        <option value="1" <?php if(isset($_POST['type']) && $_POST['type']==1) echo "Selected";?>>b</option>

        </select>
        <br/>
         <input type="hidden" name="edituser" id="edituser" value="<?php echo @$_POST['edituser'];?>"/>
        <?php if(isset($_POST['edituser']) && $_POST['edituser']=="editUsers"){?>

        <input type="hidden" name="userId" value="<?php echo $_POST['userid'];?>"/>
        <?php }?>
       <input type="button" class="ajax-assign-button" id="assign" value="Save" onclick="assignusers();"/>
       <a href="list1.php"><input type="button" name="BACK" value="BACK"/></a>
      </form>



<script type="text/javascript">
  function assignusers() {

    var edituser=$("#edituser" ).val(); 
    var descheck=$("#names option:selected" ).val(); 
    var depcheck=$("#department option:selected" ).val();

   if(edituser!='')
   {

      if(depcheck!='' && descheck!='')
      {

       $("#adduserforms").submit();

      }
      else
      {
        alert("Please complete the form.");
      }
   }
   else
   {   if(depcheck!='' && descheck!='')
      {

       $("#adduserforms").submit();

      }
      else
      {
        alert("Please complete the form.");
      }
   }


  }
</script>

add10.php

<?php
require_once("dbcontroller.php");
$db_handle = new DBController();
$name=$_POST['name'];
$type=$_POST['type'];

if(isset($_POST['edituser']) && $_POST['edituser']=="editUsers")
{
    if($_SESSION['login_user']=='admin')
    {
        $sql = "UPDATE outofstock set name='".$name."',type='".$type."' WHERE id=".$_POST['userId'];
    }
    else
    {
        $sql = "UPDATE outofstock set name='".$name."',type='".$type."' WHERE id=".$_POST['userId'];
    }

    $redirectUrl="list1.php";
}
else if(isset($_POST['deleteuser']) && $_POST['deleteuser']=="deleteuser")
{
    $sql = "DELETE FROM outofstock WHERE id=".$_POST['userid'];
    $redirectUrl="list1.php";
}
else
{
 $sql = "INSERT INTO outofstock (name,type) VALUES ('".$name."','".$type."')";
 $redirectUrl="list1.php";

}

$result = $db_handle->executeUpdate($sql);
header("location:../Admin/".$redirectUrl);

?>

Please help me for this.... Let me know if you need any other information...

You never pass `$_POST['name'];` and `$_POST['type'];`, but `names` and `departments` instead. Put `print_r($_POST);` at the beggining of your `add10.php` script and check what is coming. — mitkosoft, Aug 30 '18 at 10:57
SQL Injection vulnerability alert! Read up on prepared statements and PDO https://phpdelusions.net/pdo — delboy1978uk, Aug 30 '18 at 10:58
`$name=$_POST['name'];` needs to be `$name=$_POST['names'];` And `$type=$_POST['type'];` needs to be `$type=$_POST['department'];` — Alive to die - Anant, Aug 30 '18 at 10:59
Thanks for all , @AlivetoDie's suggestion worked for me..... — fresher, Aug 30 '18 at 11:03
If it's a typo - the question should be closed as such rather than needing an answer. — Nigel Ren, Aug 30 '18 at 11:03
@NigelRen Thanks for comment ..... its really not a typo , i am learning php, so i did't got answer after i tried lot.... — fresher, Aug 30 '18 at 11:04
A fuller text for my reason for closing this question is *This question was caused by a problem that can no longer be reproduced or a simple typographical error. While similar questions may be on-topic here, this one was resolved in a manner unlikely to help future readers.* — Nigel Ren, Aug 30 '18 at 11:08

score 0 · Accepted Answer · answered Aug 30 '18 at 11:14

Forms send the name attribute of HTML elements in $_POST as array index to get their corresponding values at PHP end.

You missed/misspelled those name attributes, and facing problem.

Change like below:-

$name=$_POST['names']; 

$type=$_POST['department'];

Note:- Your code have SQL Injection vulnerability .Use prepared statements to prevent from that

mysqli_prepare()

PDO::prepare

score -1 · Answer 2 · answered Aug 30 '18 at 11:00

-1

Looks like it could be a simple typo:

<?php echo $_POST['userid'];?>

Yet you refer to $_POST['userId']

Also see comment above from alive to die, he has spotted more inconsistencies

answered Aug 30 '18 at 11:00

delboy1978uk

12,118
2
21
39

1

Thanks , AlivetoDie's suggestion worked for me..... – fresher Aug 30 '18 at 11:05
this will not work for inserting to the database, userid using for only edit/delete – Jomy Joseph Aug 30 '18 at 11:09

Row created, but values not inserting in table

2 Answers2