-3

I'm very new to PHP so forgive me if this is an easy question. I have a form and a page. The form works as needed (HTML), but I can't seem to get the PHP part working. I've looking for a while now but haven't been able to find where my mistake is in my code. The code is as follows:

<?php
$conn = mysqli_connect("sql300.epizy.com", "epiz_25296769", "****", "epiz_25296769_matches");
if ($conn-> connect_error) {
    die("Connection Failed".$conn-> connect_error);
}
$Date = $_POST['Date']
$Opponent = $_POST['Opponent'];
$Result = $_POST['Result'];
$XtC_Score = $_POST['XtC_Score'];
$Opponent_Score = $_POST['Opponent_Score'];
$Tag = $_POST['Tag'];
$Stage = $_POST['Stage'];
$Notes = $_POST['Notes'];
$sql = "INSERT INTO list (Date, Opponent, Result, XtC_Score, Opponent_Score, Tag, Stage, Notes)
VALUES ('$Date','$Opponent','$Result','$XtC_Score','$Opponent_Score','$Tag','$Stage','$Notes')";
if ($conn->query($sql) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();
}
?>

I should mention the connection isn't the problem, as that seems to be working fine when I remove everything down from the connection code. Any help is greatly appreciated and sorry for the simple question.

EDIT: The form is as follows:

<form action="insert.php" method="post">
Date<input type="date" name="Date" /><br><br>
Opponent<input type="text" name="Opponent" /><br><br>
Result<input type="text" name="Result" /><br><br>
XtC Score<input type="text" name="XtC_Score" /><br><br>
Opponent Score<input type="text" name="Opponent_Score" /><br><br>
Tag<input type="text" name="Tag" /><br><br>
Stage<input type="text" name="Stage" /><br><br>
Notes<input type="text" name="Notes" /><br><br>
<input type="submit" /><br><br>

The error I get is HTTP Error 500, unable to handle request.

Norbert Wesolowski
  • 85
  • 7
  • 3
    If you are brand new to PHP, use brand new PHP! Ditch mysqli_rubbish(), and use PDO! Go here! https://phpdelusions.net/pdo and while you do that i'll look at your question – delboy1978uk Mar 06 '20 at 16:59
  • please paste any `error_log` output – delboy1978uk Mar 06 '20 at 17:00
  • I could be wrong but I don't think you need the single quotes `'` around the values portion. The PHP values should be interpolated automatically as strings. – War10ck Mar 06 '20 at 17:02
  • @delboy1978uk I'm afraid I don't know how to view the error log – Norbert Wesolowski Mar 06 '20 at 17:04
  • 5
    Also, I know this is not answering your question but I feel like it would be a dis-service to not advise. You code as written above is wide-open to ***SQL Injection*** attacks. Please review [this article](https://websitebeaver.com/prepared-statements-in-php-mysqli-to-prevent-sql-injection) which describes this attack in detail and how to mitigate it by using _Prepared Statements_ which is a built in function of the `mysqli_*` extension. Optionally, the `PDO` extension that @delboy1978uk mentions above, also supports the _Prepared Statements_ feature... – War10ck Mar 06 '20 at 17:04
  • check `phpinfo()` and search the page for `error_log`. look there! You should always have your log being tailed in a terminal window during dev time! – delboy1978uk Mar 06 '20 at 17:05
  • Are you receiving the `echo "Error: ..."` statement above or no statement at all? This will determine if your error is with the _MySQL_ query syntax or a syntactical error in _PHP_. – War10ck Mar 06 '20 at 17:06
  • use **prepared Statemenst** and see if that solves your problem. https://www.php.net/manual/de/mysqli.quickstart.prepared-statements.php – nbk Mar 06 '20 at 17:09
  • There isn't any echo of an error, I get a HTTP error 500 when it runs after submitting the form – Norbert Wesolowski Mar 06 '20 at 17:10
  • Also https://stackoverflow.com/questions/12769982/reference-what-does-this-error-mean-in-php – Dharman Mar 06 '20 at 17:13

1 Answers1

1

It's possible that the 500 error you are encountering is due to PHP being unable to parse your script. This usually happens when you make an error in the syntax. In your script there appears to be two syntax errors:

The following line is missing a semicolon at the end:

$Date = $_POST['Date']

It should be:

$Date = $_POST['Date'];

And you have an extra curly brace at the end of your file:

$conn->close();
}
?>

This should be removed:

$conn->close();
?>
Floyd
  • 11
  • 1