I am new to PHP and I am making a insert function which will insert the html input into my Sql database but at the moment when I submit nothing happens and no information is entered into the database. Any help on how I can get the in-putted information to submit to the database would be greatly appreciated.
<html>
<head>
</head>
<body>
<div align = "center">
<form method = "POST" class="basic-grey">
<h1><i>Insert</i></h1>
<label>Title :<input type = "text" name="title"/></label>
<label>Content :<input type = "text" name="content"/></label>
<label>User :<input type = "text" name="user"/></label>
<label><input type = "submit" value = "submit"/></label>
</form>
<div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php echo $error ?></div>
</div>
</html>
<?php
include_once 'db_config.php';
session_start();
if (!(isset($_SESSION['login_user']) && $_SESSION['login_user'] != '')) {
header ("Location: login2.php");
}
if(isset($_POST["submit"])) {
$title = $_POST['title'];
$content = $_POST['content'];
$user = $_POST['user'];
$sql = "INSERT INTO 'diary' ('ID', 'TITLE', 'CONTENT', 'USER')
VALUES (NULL, '$title','$content', '$user',)";
if ($conn->query($sql) === TRUE) {
header("location: results.php");
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
$conn->close();
?>
Your script doesn't won't work because you don't have anything named 'submit' for if(isset($_POST["submit"])) { to test. Fix that by naming your submit button:
<label><input type="submit" name="submit" value="submit"/></label>
Once clicked now the button's name will appear in the $_POST array.
In addition: session_start() should be right after your opening PHP tag.
Your script is at risk for SQL Injection Attacks. Learn about prepared statements for PDO and MySQLi and consider using PDO, it's really pretty easy.
Your error checking will reveal that you have quoted instead of back ticked table and column names and that you have an extra comma. Change your insert query as follows:
$sql = "INSERT INTO `diary` (`ID`, `TITLE`, `CONTENT`, `USER`) VALUES (NULL, '$title','$content', '$user')";
You are using invalid mysql syntax. You are using wrong string literal ' for table name and columns name. You can use this ` , or no literal at all.
Option 1 :
$sql = "INSERT INTO `diary` (`ID`, `TITLE`, `CONTENT`, `USER`) VALUES (NULL, '$title','$content', '$user')";
Option 2 :
$sql = "INSERT INTO diary (ID, TITLE, CONTENT, USER) VALUES (NULL, '$title','$content', '$user')";
maybe you didn't use name of 'submit' for executed like :
<input type="submit" **name="simpan"** value="SIMPAN"/>