phpmyadmin CRUD functions

Question

I have to create a table on phpmyadmin, and then use php to make the CRUD functionality, I have done each as a separate function, but for some reason, it just won't add the data I add to the form to the table. I think that is the only error

<!DOCTYPE html>
<html>
<body>
  <h1> Create</h1><br>
  <form method="post">
      id: <input type="number" name="id"><br>
      creator: <input type="text" name="creator"><br>
      title: <input type="text" name="title"><br>
      type: <select name ="type">
        <option value="Crime">Crime</option>
        <option value="Fiction">Fiction</option>
        <option value="Non-Fiction">Non-Fiction</option>
        <option value="Thriller">Thriller</option>
      </select><br>
      identifier: <input type="text" name="identifier" value ="ISBN"><br>
      date: <input type="text" name="date"><br>
      language: <select name ="langauge">
        <option value="en-GB">en-GB</option>
        <option value="en-US">en-US</option>
        <option value="fr-FR">fr-FR</option>
        <option value="fr-CA">fr-CA</option>
      </select><br>
      description: <input type="text" name="description"><br>
      <input type="submit">

  </form>

Create the data to insert into the table

<?php
function create()
{
  $servername = "localhost";
  $username = "root";
  $password = "";
  $dbname="dbname";

  //create connection
  $conn = mysqli_connect($servername, $username, $password, $dbname);

  // check connection
  if(!$conn)
  {
    die("Connection failed: " . mysqli_connect_error());
  }
  echo "Connected successfully";

  // assign variable names to take in the data and then be used
  $creator = $_POST['creator'];
  $title = $_POST['title'];
  $type = $_POST['type'];
  $identifier = $_POST['identifier'];
  $date = $_POST['date'];
  $language = $_POST['language'];
  $description = $_POST['description'];

  $sql = "INSERT INTO table (creator, title, type, identifier, date, language, description)
  VALUES ($creator', '$title', '$type', '$identifier', '$date', '$language', '$description')";

  if (mysql_query($conn, $sql))
  {
     echo "New record created successfully";
  }
   else
   {
      echo "Error: " . $sql . "<br>" . mysql_error($conn);
   }

   // Close the connection
   mysqli_close($conn);
}

  if(isset($_POST['submit']))
  {
      create();

  }
?>

Retrieve the data from the table and display in a table output

<h1>Retrieve</h1><br>
<?php
function retrieve()
{
  $servername = "localhost";
  $username = "root";
  $password = "";
  $dbname="dbname";

  //create connection
  $conn = new mysqli($servername, $username, $password, $dbname);

  // check connection
  if($conn ->connect_error)
  {
    die("Connection failed: " . $conn->connect_error);
  }

  $sql = "SELECT * FROM table";
  $result = $conn->query($sql);

  if($result->num_rows >0)
  {
    // Outputs the table headers using echo.
    echo "<table id = 'eBookTable'><tr><th>id</th><th>creator</th><th>title</th><th>type</th><th>identifier</th><th>date</th><th>language</th><th>description</th></tr>";

    //output the data of each row..
    while($row = $result->fetch_assoc())
    {
      echo "<tr><td>".$row["id"]."</td><td>".$row["creator"]."</td><td>".$row["title"]."</td><td>".$row["type"]."</td><td>".$row["identifier"]."</td><td>".$row["date"]."</td><td>".$row["language"]."</td><td>".$row["description"]."</td></tr>";
    }

    // Outputs the entire table, headers and data...
    echo "</table>";
  }
    else
    {
      echo "0 results found";
    }

    // Close the connection
    $conn->close();
  }

  retrieve();
?>

this will update the data in the table

<h1>Update</h1><br>
<!-- Use a from to update data-->
<form method ="post">
  Name of Col: <input type = "text" name = "name"><br>
  Replace with: <input type = "text" name = "replace"><br>
  Row: <input type = "text" name = "id"><br>
  <input type = "submit" value = "submit" name = "submit_Update">
</form>

<?php

function update()
{
  $servername = "localhost";
  $username = "root";
  $password = "";
  $dbname= "dbname";
  $replace = $_POST['replace'];
  $name = $_POST['name'];
  $id = $_POST['id'];

  //create connection
  $conn = new mysqli($servername, $username, $password, $dbname);

  // check connection
  if($conn ->connect_error)
  {
    die("Connection failed: " . $conn->connect_error);
  }

  $sql = "UPDATE table SET $name = '$replace' WHERE id = $id";
  if($conn->query($sql) === TRUE)
  {
    echo "Record sucessfully updated";
  }
  else
  {
    echo "Error updating record: " . $conn->error;
  }
  $conn->close();
}
  if(isset($_POST['submit_Update']))
  {
    update();
    echo "<br> Your Updated Table";
    retrieve();
  }
?>

and this will delete data in the table based on the id that is inputted into the form

<h1>Delete</h1><br>
<!-- Use form to slect ID and delete the corresponding table row-->
<form method ="post">
  ID: <input type = "text" name = "id"><br>
      <input type = "submit" value "Delete" name = "submit_Delete">


<?php
function delete()
{
  $servername = "localhost";
  $username = "root";
  $password = "";
  $dbname= "dbname";

  //create connection
  $conn = new mysqli($servername, $username, $password, $dbname);

  // check connection
  if($conn->connect_error)
  {
    die("Connection failed: " . $conn->connect_error);
  }

  $id = $_POST['id'];
  //Sql to delete a row from the table
  $sql = "DELETE FROM table WHERE id=$id";

  if ($conn->query($sql) === TRUE)
  {
    echo "Selected record has been sucessfully deleted";
  }  else {
      echo "Error deleting record: " .$conn->error;
  }

    $conn->close();
}
if (isset($_POST['submit_Delete']))
{
  delete();
  echo "<br>Following deletion of selected row:<br>";
  retrieve();
}

?>

</body>
</html>

I'm also using XAMPP if that's any help

Please don't use the `mysql_` family of functions, they are removed in PHP7+. — ArtisticPhoenix, Mar 21 '19 at 13:51
please narrow down you question to the exact problem and please show us the results of your debugging process! — Jeff, Mar 21 '19 at 13:51
1) Do not mix MySQL APIs, they are not compatible. 2) Since you're using mysqli, take advantage of [prepared statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [bind_param](http://php.net/manual/en/mysqli-stmt.bind-param.php). **This will take care of any pesky quoting issues that may occur.** — aynber, Mar 21 '19 at 13:52
I have to use MySQL is specified, also when I open it with localhost, it a just not adding the data I put in the form, into the table in my database, that’s all it’s not giving me any errors — Darragh.H, Mar 21 '19 at 13:54
Your question has nothing to do with phpmyadmin. The code is an object lesson in poor security. You state "it just won't add the data" is the only error but tell us nothing about what happens when you run this. The code does at least check for errors - so does it fail to detect them or did you fail to tell us what the actual error message was? — symcbean, Mar 21 '19 at 14:04
But I’m not seeing any error messages when I run it I just see my form to enter data and the retrieve, update and delete part, I’ve checked the source code and console to and I’m not getting anything — Darragh.H, Mar 21 '19 at 14:19

SaschaM78 · Accepted Answer · 2019-03-21T13:56:14.617

0

You have a missing single quote in your INSERT statement before the $creator field that will prevent inserting any data. It should be like this:

$sql = "INSERT INTO table (creator, title, type, identifier, date, language, description)
  VALUES ('$creator', '$title', '$type', '$identifier', '$date', '$language', '$description')";

Please also follow the recommendations that where given by other users like not mixing mysql_ and mysqli_ functions.

edited Mar 21 '19 at 13:56

answered Mar 21 '19 at 13:53

SaschaM78

4,376
4
33
42

It would be nice to add a comment if downvoting anyone's answer ... – SaschaM78 Mar 21 '19 at 13:55
This is by no means the only error in the code. – aynber Mar 21 '19 at 13:55
1

Thank you! You have no idea how long I’ve bren looking at this trying to see any errors – Darragh.H Mar 21 '19 at 13:57
Author`s question was *"it just won't add the data I add to the form*" which is exactly caused by what I mentioned. Fixing the rest of the code is another topic. – SaschaM78 Mar 21 '19 at 13:57
aynbar could you specify please? – Darragh.H Mar 21 '19 at 13:58
@Darragh.H As I mentioned in my comment above, and as SaschaM78 updated their answer, you cannot mix mysql_* functions and mysqli_* functions. `if (mysql_query($conn, $sql))` will fail because you created the connection with `mysqli_connect`. You should see some sort of error regarding this in your server error logs. – aynber Mar 21 '19 at 14:02
Yeah I’ve just seen that now, thanks for pointing that out – Darragh.H Mar 21 '19 at 14:03
That still hasn’t fixed it, the data goes into form, click submit it disappears, go to phpmyadmin and it’s not in my table – Darragh.H Mar 21 '19 at 14:12
Did you follow @aynber's suggestion and fix the mix of the `mysql(i)_` functions? It would also be helpful for debugging if you'd simply `echo($sql);` and copy&paste it into PhpMyAdmin's query window to see if you'd get any errors or the data inserts successfully. – SaschaM78 Mar 21 '19 at 14:16
I fixed all that earlier, I made a form and function to create the table and that fixed a chunk of problems, but when I fill out the data in the insert form, and hit the submit button I get Notice: undefined index: language. Do I need to do something extra because I have language has 4 options? – Darragh.H Mar 21 '19 at 18:14
@Darragh.H you have a typo in your HTML code, you wrote ` – SaschaM78 Mar 21 '19 at 18:48
Thank you, sorry for asking these questions when it was a spelling mistake – Darragh.H Mar 21 '19 at 19:04
@Darragh.H no worries, happens to the best of us. If my answer was helpful to fix your code, I'd appreciate if you would mark it as your solution. – SaschaM78 Mar 21 '19 at 19:12
I’ve ticked it and tried to upvote it – Darragh.H Mar 21 '19 at 20:20
@Darragh.H thanks a lot! And let us me/us know if you need help in the future. – SaschaM78 Mar 21 '19 at 20:41
Would you be able to look at my retrieve function, it’s not giving me back a table when I click retrieve but yet when I call retrieve for update and delete it gives me back a table, please I tried looking at it and I don’t see what’s wrong – Darragh.H Mar 21 '19 at 20:51
@Darragh.H *"when I call retrieve for update and delete it gives me back a table"* means your function does not contain an error. So it seems the problem lies within the trigger that calls the `retrieve()` function. Another side-note: you repeat a lot of code in your functions so I would recommend to read about the DRY pattern and in general on design patterns which will help you write way better code in the future. – SaschaM78 Mar 22 '19 at 08:21
This answer does not address the insecure practices posted by the OP. Researchers should not use this solution. – mickmackusa Mar 24 '19 at 06:50

phpmyadmin CRUD functions

1 Answers1