How do I use PHP to send text area data from an HTML document to MySQL database?

Question

I am using PHP to point the text area input to MySQL database. Right now it is throwing the following error: "Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3"

In the code I posted, the block starting with "mysql_select_db("main_data0",$con);" and ending in "('$_POST[textarea1]'";" is repeated for each text area that I have in my html.

I tried switching to "mysqli" instead of "mysql_connect", but this only caused it to show WAY more errors.

<?php
$servername = "standridgen77573.domaincommysql.com";
$username = "nat_0g";
$password = "Lens981#bent";
$databasename = "main_data0";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$databasenam", $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "Connected successfully"; 
    }
catch(PDOException $e)
    {
    echo "Connection failed: " . $e->getMessage();
    }

if(isset($_POST['textarea1'], $_POST['textarea2'], $_POST['textarea3'], $_POST['textarea4'], $_POST['textarea5'], $_POST['textarea6'], $_POST['textarea7'], $_POST['textarea8'], $_POST['textarea9'])){
    $postdata_1 = $_POST['textarea1']; // here i declare post value to the $postdata variable    
    $postdata_2 = $_POST['textarea2']; // here i declare post value to the $postdata variable   
    $postdata_3 = $_POST['textarea3']; // here i declare post value to the $postdata variable
    $postdata_4 = $_POST['textarea4']; // here i declare post value to the $postdata variable    
    $postdata_5 = $_POST['textarea5']; // here i declare post value to the $postdata variable   
    $postdata_6 = $_POST['textarea6']; // here i declare post value to the $postdata variable
    $postdata_7 = $_POST['textarea7']; // here i declare post value to the $postdata variable    
    $postdata_8 = $_POST['textarea8']; // here i declare post value to the $postdata variable   
    $postdata_9 = $_POST['textarea9']; // here i declare post value to the $postdata variable


    $NewRecord = $conn->prepare("INSERT INTO info0 (textarea1, textarea2, textarea3, textarea4, textarea5, textarea6, textarea7, textarea8, textarea9) VALUES (?,?,?,?,?,?,?,?,?)"); // here is my mysql statement
    $NewRecord->execute([$postdata_1, $postdata_2, $postdata_3, $postdata_4, $postdata_5, $postdata_6, $postdata_7, $postdata_8, $postdata_9]); // here i use $postdata variable. Every ? mark represent one variable.
}
?>

`$sql="INSERT INTO info0 (textarea1) VALUES ('{$_POST['textarea1']}')"` — Nick, Aug 31 '19 at 03:10
Prevent SQL injection! https://stackoverflow.com/questions/129677/how-can-i-sanitize-user-input-with-php — ManUtopiK, Aug 31 '19 at 04:35
man, i don't know how i missed that. gonna try fixing that, then if that doesnt work im gonna try the PDO connection suggested below. — natstandridge, Aug 31 '19 at 17:23

Nemanja Jeremic · Answer 1 · 2019-08-31T17:37:02.790

1

I'll recommend you a PDO connection to the database. It's much easier for beginners, and it's much secured.

$servername = "localhost";
$username = "username";
$password = "password";
$databasename = "databasename";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$databasenam", $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "Connected successfully"; 
    }
catch(PDOException $e)
    {
    echo "Connection failed: " . $e->getMessage();
    }

Then after you connected to the database you can do something like this.

Single

if(isset($_POST['textarea1'])){
    $postdata = $_POST['textarea1']; // here i declare post value to the $postdata variable
    $NewRecord = $conn->prepare("INSERT INTO info0 (textarea1) VALUES (?)"); // here is my mysql statement
    $NewRecord->execute([$postdata]); // here i use $postdata variable. The ? mark represent this.
}

Multiple

if(isset($_POST['textarea_1'], $_POST['textarea_2'], $_POST['textarea_3'])){
    $postdata_1 = $_POST['textarea_1']; // here i declare post value to the $postdata variable    
    $postdata_2 = $_POST['textarea_2']; // here i declare post value to the $postdata variable   
    $postdata_3 = $_POST['textarea_3']; // here i declare post value to the $postdata variable
    $NewRecord = $conn->prepare("INSERT INTO info0 (textarea1, textarea2, textarea3) VALUES (?,?,?)"); // here is my mysql statement
    $NewRecord->execute([$postdata_1, $postdata_2, $postdata_3]); // here i use $postdata variable. Every ? mark represent one variable.
}

edited Aug 31 '19 at 17:37

answered Aug 31 '19 at 03:10

Nemanja Jeremic

334
4
18

Doing some studying right now, but I'm gonna try this out as soon as I'm done. Thanks much! – natstandridge Aug 31 '19 at 04:10
What would the second piece of code look like if I need to do that for multiple text areas? Could I just repeat the if block for each one? – natstandridge Aug 31 '19 at 17:23
Nope, it didn't work. There is an error in the following part of the code: $NewRecord->execute([$postdata_1, $postdata_2, $postdata_3, $postdata_4, $postdata_5, $postdata_6, $postdata_7, $postdata_8, $postdata_9]); – natstandridge Sep 02 '19 at 22:16
Please provide the code which one u used. Full code – Nemanja Jeremic Sep 02 '19 at 22:17
Parse error: syntax error, unexpected '[', expecting ')' in /hermes/bosnaweb18a/b2811/dom.standridgen77573/public_html/data.php on line 41 – natstandridge Sep 02 '19 at 22:18
Please give me the full code. What about the line above this one? – Nemanja Jeremic Sep 02 '19 at 22:19
too long to post here, ill try messaging it to you – natstandridge Sep 02 '19 at 22:27
pastebin.com useful link – Nemanja Jeremic Sep 02 '19 at 22:28

How do I use PHP to send text area data from an HTML document to MySQL database?

1 Answers1