0

Everything seems good in this code but it always fails to submit the data what could be the issue?

Im using a web host (000webshost) for the myphpadmin db. The form worked once to submit the data but rn it started to fail for some reason and I cannot understand why. Submitting the form always echos with failed to insert data and everything else is looking good. We are using Tailwind css for the website frontend.

Here is the html:

            <div class="container mx-auto flex px-5 py-24 md:flex-row flex-col items-center">
                <div class="lg:w-2/6 md:w-1/2 bg-gray-100 rounded-lg p-8 flex flex-col md:m-auto w-full mt-10 md:mt-0">
                    <form action="insertsite.php" method="post">
                        <h2 class="text-gray-900 text-2xl font-bold title-font mb-5">Create POA</h2>
                        <div class="relative mb-4">
                            <h2 class="text-gray-900 text-lg font-normal title-font mb-2">Client Details</h2>
                            <label for="full-name" class="leading-7 text-sm text-gray-600">Your Full Name</label>
                            <input type="text" name="personname"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="email" class="leading-7 text-sm text-gray-600">E-mail</label>
                            <input type="email" name="email"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <style>
                            input::-webkit-outer-spin-button,
                            input::-webkit-inner-spin-button {
                                -webkit-appearance: none;
                                margin: 0;
                            }
                        </style>
                        <div class="relative mb-4">
                            <label for="Phone" class="leading-7 text-sm text-gray-600">Phone Number</label>
                            <input type="number" name="phone"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="Address" class="leading-7 text-sm text-gray-600">Enter Your Address</label>
                            <input type="Address" name="address"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="Aadhaar" class="leading-7 text-sm text-gray-600">Enter Your Aadhaar Number</label>
                            <input type="number" name="aadharnumber"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="PanNo" class="leading-7 text-sm text-gray-600">Enter Your Pan Number</label>
                            <input type="text" name="panno"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <h2 class="text-gray-900 text-lg font-normal title-font mt-4 mb-2">Client Bank Details</h2>
                        <div class="relative mb-4">
                            <label for="BankName" class="leading-7 text-sm text-gray-600">Enter Name of Your Bank</label>
                            <input type="text" name="bankname"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="BankBranch" class="leading-7 text-sm text-gray-600">Enter Name of Your Bank's branch</label>
                            <input type="text" name="branchname"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="Holdername" class="leading-7 text-sm text-gray-600">Enter Account Holders Name</label>
                            <input type="text" name="accholder"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="AccNumber" class="leading-7 text-sm text-gray-600">Enter Account Number</label>
                            <input type="text" name="accno"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="IFSC" class="leading-7 text-sm text-gray-600">Enter The IFSC Code</label>
                            <input type="text" name="ifsc"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="UPI" class="leading-7 text-sm text-gray-600">Enter UPI ID</label>
                            <input type="text" name="upi"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <button type="submit" name="submit"
                            class="text-white bg-red-500 border-0 py-2 px-8 focus:outline-none hover:bg-red-600 rounded text-lg">Save Your Data</button>
                    </form>
                </div>
            </div>
    </section>

Here is the PHP:

    $server = "localhost" ;
    $username = "removed";
    $password = "removed";
    $dbname = "id16235805_portfolio";
    $con = mysqli_connect($server ,$username,$password,$dbname );
    
    if(isset($_POST['submit'])) {
        $personname = $_POST["personname"];
        $email = $_POST["email"];
        $phone =$_POST["phone"];
        $address =$_POST["address"];
        $aadharnumber =$_POST["aadharnumber"];
        $panno =$_POST["panno"];
        $bankname =$_POST["bankname"];
        $branchname =$_POST["branchname"];
        $accholder =$_POST["accholder"];
        $accno =$_POST["accno"];
        $upi =$_POST["upi"];
        $brokerage =$_POST["brokerage"];
        $periodofagr =$_POST["periodofagr"];
        $amountrecieved =$_POST["amountrecieved"];
        $amountrecinwords =$_POST["amountrecinwords"];
        $accopeningchar =$_POST["accopeningchar"];
        $lockingperiod =$_POST["lockingperiod"];
        $clientage =$_POST["clientage"];
        $payback =$_POST["payback"];
        $ifsc =$_POST["ifsc"];
        $daterec =$_POST["daterec"];
        $startingdate =$_POST["startingdate"];
        $endingdate =$_POST["endingdate"];
        
    
        $sql = "INSERT INTO client_details (personname,email,phone,address,aadharnumber,panno,bankname,branchname,accholder,accno,upi,brokerage,periodofagr,amountrecieved,amountrecinwords,accopeningchar,lockingperiod,clientage,payback,ifsc,daterec,startingdate,endingdate) VALUES ('$personname','$email','$phone','$address','$aadharnumber','$panno','$bankname','$branchname','$accholder','$accno','$upi','$brokerage','$periodofagr','$amountrecieved','$amountrecinwords','$accopeningchar','$lockingperiod','$clientage','$payback','$ifsc','$daterec','$startingdate','$endingdate')";
        
        $result = mysqli_query( $con,$sql );
        
        
        if($result) {
            echo "Data Inserted";
        }
        else {
            echo "Failed to Insert Data";
        }
    }
?>```


Please look into the code above and see if there is any type of error.
Iam updating the same db from android app and another smaller html form and it works but for this bigger one it is failing.
Soham Vaidya
  • 1
  • 2
    Does this answer your question? [How can I prevent SQL injection in PHP?](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). The same technique can also help to guard against unexpected syntax errors in your SQL – ADyson Mar 01 '21 at 10:06
  • Also, you aren't checking for the real SQL error so it's unsurprising that you have no idea what is really going wrong, or how to fix it. See [How to get the actual mysql error and fix it?](https://stackoverflow.com/questions/22662488/mysqli-fetch-assoc-expects-parameter-call-to-a-member-function-bind-param) – ADyson Mar 01 '21 at 10:08
  • Looks like you need a small example -- you can find one at W3Schools or php.net -- using mysqli_query. THen you can adapt it to your own situation. You might also try printing $_POST to see if it contains what you think it does. – Topological Sort Mar 01 '21 at 16:28

1 Answers1

-1

your entire code seems fine. Since this code once worked fine, make sure that any of the input boxes does not have a special character typed in it eg "/", if so, you will have to escape these characters by using mysqli_real_escape_string($connection, $inputBoxValue). Cheers!

Denis
  • 16
  • 2
  • No, OP should be using parameterised queries and prepared statements. mysqli_real_escape_string is obsolete and doesn't fully protect against sql injection – ADyson Mar 01 '21 at 10:06
  • Can you tell me how to use parameterised queries and prepared statements with some documentation links or something. – Soham Vaidya Mar 01 '21 at 10:15
  • @SohamVaidya-39 I provided a link already, see the comments above. You can read more at https://phpdelusions.net/mysqli as well, and https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php (although actually the examples in the official documentation are not the best, I would start with the other links I've provided) – ADyson Mar 01 '21 at 10:17