-2

I have a basic form, which on selecting the submit button I'm trying redirect to another page:

<body>

<?php
include "dataconn.php";

if (isset($_POST['submit_']))
{
            
    $name = $_POST['name'];
    $company = $_POST['company'];
    $host = $_POST['host'];
    $date = $_POST['date'];
  

    $insert = mysqli_query($con,"INSERT INTO `visitorinfo`(`name`, `company`, `host`,`dateOfVisit`) VALUES ('$name','$company', '$host', '$date')");

    
} 

mysqli_close($con);
?>

                                                                 
<form target="_blank" method="POST" action="finalpage.htm">

 <label for="name" style="display:block">Name </label> 
 <input type="text" id="name" name="name"> 

 <label for="company" style="display:block">Company</label> 
 <input type="text" id="Company" name="company">


 <label for="host" style="display:block">Name of Host</label> 
 <input type="text" id="host" name="host"> 

<span style="display:inline-block">
 <label for="date" style="display:block">Date of visit</label> 
 <input type="date" id="date" name="date"> </span>


<input onclick="window.location.href = 'finalpage.htm';" type="submit" name="submit "value="submit"/>

 
</form>


</body>
</html>

This correctly takes me to the next page, however the data of the form is not getting saved to my database? I've tried using <a> tags but this doesn't redirect to the page at all.

Also the page that it gets redirected to has a countdown timer so it automatically redirects to another page but the JavaScript doesn't seem to work when it lands on this page after form submission

<head>
<script>
var timeleft = 10;
var downloadTimer = setInterval(function(){

  timeleft -= 1;
  if(timeleft <= 0){
    clearInterval(downloadTimer);
    window.location='file:///C:/wamp64/www/welcomepage.htm';
  }
}, 1000);
</script>
<head>
Hari
  • 45
  • 1
  • 7
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman Jun 01 '21 at 13:27
  • Remove `onclick="window.location.href = 'finalpage.htm';"` and it should work – Dharman Jun 01 '21 at 13:28
  • @Dharman still the same issues – Hari Jun 01 '21 at 13:45
  • Does `finalpage.htm` contain PHP? If so, webservers won't try to execute any PHP in HTML files if they're not explicitly configured to do so. Why isn't your target a `.php` file? – El_Vanja Jun 01 '21 at 13:48
  • @El_Vanja it doesn't have any php – Hari Jun 01 '21 at 14:18
  • 1
    Your form action is `action="finalpage.htm"`, meaning it will submit the values to that page. You need to point the action to the same page and then do a redirect after you insert to the database. – El_Vanja Jun 01 '21 at 14:24

1 Answers1

0

Replace

<form target="_blank" method="POST" action="finalpage.htm">

with

<form method="POST" action="">

You also need to replace your button

<input onclick="window.location.href = 'finalpage.htm';" type="submit" name="submit "value="submit"/>

with

<input type="submit" name="submit_" value="submit" />

The onclick attribute prevents the form submission.

Dharman
  • 30,962
  • 25
  • 85
  • 135
ahmedbayan
  • 1
  • 4