I have a problem about posting data to DB.When i reload the page,or go to the website,it sends null data to DB.Its because i haven't functioned the button(well,i mean an onclick event) for this.Directly wrote a php code under the form and it works if you fill the spaces such as text and textarea and click the button.Though,Im new to PHP,So what I exactly need is,learning how to function a button to insert data to database using PHP to prevent inserting data on every load of form.
Here is the code
<?php
$host="localhost";
$user="root";
$password="";
$db="mkappform";
$con=mysqli_connect("$host","$user","$password","$db");
if (! $con) die ("Unable to connect to database");
$name=$_POST["name"];
$nick=$_POST["nick"];
$pvnick=$_POST["pvnick"];
$age=$_POST["age"];
$country=$_POST["country"];
$timezone=$_POST["timezone"];
$servers=$_POST["servers"];
$checkban=$_POST["checkban"];
$contact=$_POST["contact"];
$history=$_POST["history"];
$reasons=$_POST["reasons"];
$whypastclans=$_POST["whypastclans"];
$anyotherinfo=$_POST["anyotherinfo"];
$query=mysqli_query($con,
"INSERT INTO mkappform(name,nick,pvnick,age,country,timezone,servers,checkban,contact,history,reasons,whypastclans,anyotherinfo)
values('$name','$nick','$pvnick','$age','$country','$timezone','$servers','$checkban','$contact','$history','$reasons','$whypastclans','$anyotherinfo')");
if($query == true)
echo "Application was sent successfully!!"
?>
Use action attribute of your form. For example action="index.php?action=form" Because isset($_POST) && !empty($_POST) is most of time not enough if you are dealing with bigger webapp.
if(isset($_GET["action"]
{
//Open database
switch($_GET["action"])
{
case "form":
//callYourForm
form();
break;
case "anotherThing":
anotherThing();
break;
//can do more things if needed..
}
}
1) Use PDO statements instead of mysqli it is better and simple.
2) Using '$name' will be equal to '$name' because using single quote take the string as it is, instead use double quote like this "$name".
3) Here an example that uses the previous notes :
<?php
$host="localhost";
$user="root";
$password="";
$db="mkappform";
try {
$pdo = new PDO("mysql:host=$host;dbname=$db","$user","$password");
$name=$_POST["name"];
$nick=$_POST["nick"];
$pvnick=$_POST["pvnick"];
$age=$_POST["age"];
$country=$_POST["country"];
$timezone=$_POST["timezone"];
$servers=$_POST["servers"];
$checkban=$_POST["checkban"];
$contact=$_POST["contact"];
$history=$_POST["history"];
$reasons=$_POST["reasons"];
$whypastclans=$_POST["whypastclans"];
$anyotherinfo=$_POST["anyotherinfo"];
$insert_status = $pdo->query("INSERT INTO mkappform(name,nick,pvnick,age,country,timezone,servers,checkban,contact,history,reasons,whypastclans,anyotherinfo)
values('$name','$nick','$pvnick','$age','$country','$timezone','$servers','$checkban','$contact','$history','$reasons','$whypastclans','$anyotherinfo')");
if($insert_status){
echo "Application was sent successfully!!"
}else{
echo "an error occured when inserting data";
}
} catch (PDOException $e) {
echo $e->getMessage();
die("Unable to connect to database");
}
?>
In reality we use parameter binding when inserting into databases to avoid SQL Injections