Futhark Futhark - 16 days ago 5
HTML Question

Adding Data to a MySQL Database from an HTML Form

HI all i've a basic Web Form for putting data into a mysql database, I created code to report if i was connected to my Database correctly and it was so on completion of the form i tested it and it seems to do what i expected but when i goto my database no data was actually entered? I've tried this locally and on a server with both doing the same thing. Here is my two .php forms for you to look that i used on my local machine to test in MAMP just incase i have done something wrong:

virtualWalkLog.php

<form action="hazardsform.php" method="POST" />
<p>ROUTE: <input type="text" name="ROUTE" /></p>
<p>ADDRESS: <input type="text" name="ADDRESS" /></p>
<p>LATITUDE: <input type="text" name="LATITUDE" /></p>
<p>LONGITUDE: <input type="text" name="LONGITUDE" /></p>
<p>HAZARD: <input type="text" name="HAZARD" /></p>
<p>RISK: <input type="text" name="RISK" /></p>
<input type="submit" value="Submit" />
</form>


hazardsform.php

<?php

define('DB_NAME', 'virtualWalkLog');
define('DB_USER', 'root');
define('DB_PASSWORD', 'root');
define('DB_HOST', 'localhost');

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if (!$link) {
die('Could not connect: ' . mysql_error());
}

$db_selected = mysql_select_db(DB_NAME, $link);

if (!$db_selected) {
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}

$value = $_POST['ROUTE'];
$value = $_POST['ADDRESS'];
$value = $_POST['LATITUDE'];
$value = $_POST['LONGITUTE'];
$value = $_POST['HAZARD'];
$value = $_POST['RISK'];

$sql = "INSERT INTO rmbhazards (ROUTE, ADDRESS, LATITUDE, LONGITUDE, HAZARD, RISK) VALUES ('$value', '$value2',
'$value3', '$value4', '$value5', '$value6')";

mysql_close();


Many Thanks in advance

Answer

Going through your script quickly you need to call mysql_query($sql) after

$sql = "INSERT INTO rmbhazards (ROUTE, ADDRESS, LATITUDE, LONGITUDE, HAZARD, RISK) VALUES ('$value', '$value2', '$value3', '$value4', '$value5', '$value6')";

mysql_sql query will actually execute the query.

Also as $value should be unique

 $value = $_POST['ROUTE'];
 $value2 = $_POST['ADDRESS'];
 $value3 = $_POST['LATITUDE'];

 -----

SUGGESTION Since you have just begin ..I will suggest you try mysql_* for just concepts but use mysqli_* or PDO .. You shold also know about sql injection

Here are some tutorials to help you

http://php.net/manual/en/security.database.sql-injection.php

http://php.net/manual/en/book.pdo.php

http://php.net/manual/en/book.mysqli.php

Comments