Adding data to mySQL using PHP

Question

I feel this should be straight forward but the data isnt going in to the table.

When I try to save the data the code executes and displays this message:

        $statusMsg1 = "A problem occurred, please try again.";

Which leads me to think the problem must be with the SQL, but nothing is standing out to me to highlight what the issue is.

I changed the SQL so that insert raw text, but this produces the same message.

postCodes.php

    <?php
        // Form saubmission script
        include_once 'submit.php';

        /* Attempt MySQL server connection. */
        $mysqli = new mysqli("127.0.0.1", "root", "root", "bookingpage");

        // Check connection
        if($mysqli === false){
            die("ERROR: Could not connect. " . $mysqli->connect_error);
        }
        // SQL query execution
        $sql = "SELECT * FROM Postcodes";

    ?>

 <!-- Status message -->
    <?php if(!empty($statusMsg1)){ ?>
    <p class="stmsg"><?php echo $statusMsg1; ?></p>
    <?php } ?>

    <!-- GENERAL TAB -->
    <p style="color:RGB(0,70,135)">You can use the text editor below to display text on your home page</p>

        <form action="" method="post">

            <div class="form-group">
                <label for="postcode1">Enter Postcode Area</label>
                <input style="font-size:12px" name="postCodetext" id="postCodetext" class="form-control required" value="e.g CF11">
            </div>

             <div class="form-group">
                <label for="deliveryCost">Delivery Charge</label>
                <input style="font-size:12px" name="costtext" id="costtext" class="form-control required" value="e.g 5.00">
            </div>

            <button type="button" class="save-settings btn btn-primary btn-xs"
                title="<?= lang('save') ?>">
                <span class="glyphicon glyphicon-floppy-disk"></span>
                <?= lang('save') ?>
            </button>
            <input type="submit" name="submitPostCode" value="Save Data">

        </form>

submit.php

<?php
// Include the database configuration file
require_once 'dbConfig.php';

$editorContent = $statusMsg = '';
$postCodeString = $statusMsg1 = '';


 // SAVE POSTCODE & DELIVERY COST
if(isset($_POST['submitPostCode'])){
    // Get editor content
    $postCodeString = $_POST['postCodetext'];
    $costString = $_POST['costtext'];

    // Check whether the editor content is empty
    if(!empty($postCodeString)){
        // Insert editor content in the database
        $insert1 = $db->query("INSERT INTO PostCodes (postCode, Cost) VALUES ('".$postCodeString."', '".$costString."')");

        // If database insertion is successful
        if($insert1){
            $statusMsg1 = "Succeddfully Saved.";
        }else{
            $statusMsg1 = "A problem occurred, please try again.";
        }
    }else{
        $statusMsg1 = 'You cannot save a blank postcode or delivery charge';
    }
}

Wrap it inside Try Catch like this so that its easy to debug https://stackoverflow.com/a/8776392/5192105 — Sachin Bahukhandi, Nov 22 '19 at 17:48
You should probably capture your error returned by your database. IT will be very specific about what the problem is. Furthermore your code is wide open for a SQL injection attack. Properly binding your parameters will fix this (and may fix whatever the problem is here). — JNevill, Nov 22 '19 at 17:48
Thanks JNeill, wow thats seriously interesting. Would you kindly explain about properly binding parameters please? — tryer, Nov 22 '19 at 17:54

Adding data to mySQL using PHP

0 Answers0