I have the following 2 files and a database that is running in the background. When ever I submit the form. The data is not being inserted into the database. It connects to my database successfully but it does not insert:
update.html
<html>
<head><title>Test Page</title></head>
<body>
<h2>Data Collection</h2><p>
<form action="update.php" method="post">
<table>
<tr><td>id</td><td><input type="text" name="id" /></td></tr>
<tr><td>title</td><td><input type="text" name="title" /></td></tr>
<tr><td>name</td><td><input type="text" name="name" /></td></tr>
<tr><td>hello</td><td><input type="text" name="hello" /></td></tr>
<tr><td colspan="2" align="center"><input type="submit" /></td></tr>
</table>
</form>
</body>
</html>
update.php
<?php
$GLOBALS['title'];
$GLOBALS['id'];
$GLOBALS['name'];
$GLOBALS['hello'];
$hostname="localhost:3036";
$username="root";
$password="";
$con = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
echo "Connected to MySQL<br>";
// Check connection
if (mysql_error())
{
echo "Failed to connect to MySQL: " . mysql_error();
}
mysql_select_db('website');
$sql="INSERT INTO articles (id, title, name, hello)
VALUES('$id','$title','$name','$hello')";
mysql_close($con);
echo "test";
All help is appreciated.
Please try this code: Note: i just ignore your deprecated msqyl function
<?php
$hostname="localhost:3036";
$username="root";
$password="";
$title = $_POST['title'];
$id = $_POST['id'];
$name = $_POST['name'];
$hello = $_POST['hello'];
$con = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
echo "Connected to MySQL<br>";
// Check connection
if (mysql_error())
{
echo "Failed to connect to MySQL: " . mysql_error();
}
mysql_select_db('website');
$sql=mysql_query("INSERT INTO articles (id, title, name, hello)
VALUES('$id','$title','$name','$hello')") or die(mysql_error());
mysql_close($con);
echo "test";
You are not executing the query at all and as correctly stated in the comments, you weren't setting the variables correctly;
change your code to match:
$title = $_POST['title'];
$id = $_POST['id'];
$name = $_POST['name'];
$hello = $_POST['hello'];
$hostname="localhost:3036";
$username="root";
$password="";
$con = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
echo "Connected to MySQL<br>";
// Check connection
if (mysql_error())
{
echo "Failed to connect to MySQL: " . mysql_error();
}
mysql_select_db('website');
$sql="INSERT INTO articles (id, title, name, hello)
VALUES('$id','$title','$name','$hello')";
mysql_query ( $sql, $con);
mysql_close($con);
First you are not defining the variables that are inserting. '$id','$title','$name','$hello'.
Define previous to insert, when the $_POST is accepted, use
else {$id'= $_POST['id'];}
Second. and more important, don't ever use this code which by the way is old, deprecated and very unhealthy. It's prone to SQL INJECTION.
Instead use PDO, and sanitize user submitted values.
Also avoid use of $GLOBALS, the same, old, deprecated, unsafe.
Please refer to PHP sanitize which explains how to clean your user submitted data. Check this:
$id=filter_var($_POST['id'], FILTER_SANITIZE_STRING);