Web Analytics Made Easy -
StatCounter Form to Database - CodingForum

Announcement

Collapse
No announcement yet.

Form to Database

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Form to Database

    Hey

    I just started scripting my own codes, but i get a error:
    (i want to send a form to the database)

    Code:
    Notice: Undefined index: form in C:\wamp\www\sql.php on line 9
    Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(naam, leeftijd) VALUES ('Dieter','17')' at line 1
    Form.html:

    Code:
    <html>
    <head>
    <title>Form</title>
    </head>
    <body>
    	<form action="sql.php" method="post">
    	Naam: <input type="text" name="naam" /> <br>
    	Leeftijd: <input type="text" name="leeftijd" />
    			 <input type="submit" />
    			 </form>
    	 
    </body>
    </html>
    sql.php:


    PHP Code:
    <?php
    $con 
    mysql_connect("localhost","root","1425367");
    if (!
    $con)
     {
     die(
    'Kon geen contact maken met de database! ' mysql_error());
     }
     
    mysql_select_db("tutorial",$con);
    $sql="INSERT INTO " $_POST['form'] . " (naam, leeftijd)
    VALUES
    ('
    $_POST[naam]','$_POST[leeftijd]')";
     
    if (!
    mysql_query($sql,$con))
      {
      die(
    'Error: ' mysql_error());
      }
    echo 
    "1 record added";mysql_close($con)
    ?>
    Sorry for my bad english
    I hope you pll can help me out

  • #2
    Hmm at :

    PHP Code:
    mysql_select_db("tutorial",$con);
    $sql="INSERT INTO " $_POST['form'] . " (naam, leeftijd)
    VALUES
    ('
    $_POST[naam]','$_POST[leeftijd]')"
    Change it to :

    PHP Code:
    mysql_select_db("tutorial",$con);
    $form $_POST['form'];
    $sql="INSERT INTO $form (naam, leeftijd)
    VALUES
    ('
    {$_POST[naam]}','{$_POST[leeftijd]}')"
    This should solve the issue

    Comment


    • #3
      I've highlighted the problem in red:

      Code:
      <?php
      $sql="INSERT INTO " . [COLOR="Red"]$_POST['form'][/COLOR] . " (naam, leeftijd)
      VALUES
      ('$_POST[naam]','$_POST[leeftijd]')";
      1. The $_POST array will not contain an element named "form", only the elements corresponding to the form elements. (ie: 'naam' & 'leeftijd')

      2. The code marked in red should be the name of the database table you are trying to insert data into.

      Edit:
      Also, you should enclosed the array keys in quotes - ie: $_POST[naam] should be $_POST['naam']
      Last edited by PappaJohn; Apr 3, 2009, 02:25 PM.
      John

      Comment


      • #4
        well here is a screen and if you can see my db is named Form so where i got to write this?

        Here is a screenshot
        Attached Files

        Comment


        • #5
          Ah, then it should be:
          PHP Code:
          $sql="INSERT INTO `form` (naam, leeftijd)
          VALUES
          (
          $_POST['naam'],$_POST['leeftijd'])"
          John

          Comment


          • #6
            getting this error now:

            Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' in C:\wamp\www\sql.php on line 11

            is i remove the strings i get this:

            Error: Unknown column 'Dieter' in 'field list'

            Comment


            • #7
              Please post the current code you have in sql.php.
              John

              Comment


              • #8
                PHP Code:
                <?php
                $con 
                mysql_connect("localhost","root","1425367");
                if (!
                $con)
                 {
                 die(
                'Kon geen contact maken met de database! ' mysql_error());
                 }
                 
                mysql_select_db("tutorial",$con);
                $sql="INSERT INTO `form` (naam, leeftijd)
                VALUES
                (
                $_POST[naam],$_POST[leeftijd])";   
                 
                if (!
                mysql_query($sql,$con))
                  {
                  die(
                'Error: ' mysql_error());
                  }
                echo 
                "1 record added";mysql_close($con)
                ?>

                Comment


                • #9
                  Try this:
                  PHP Code:
                  <?php 
                  $con 
                  mysql_connect("localhost","root","1425367"); 
                  if (!
                  $con
                   { 
                   die(
                  'Kon geen contact maken met de database! ' mysql_error()); 
                   } 
                    
                  mysql_select_db("tutorial",$con); 
                  $sql="INSERT INTO `form` (naam, leeftijd) 
                  VALUES 
                  (
                  $_POST['naam'],$_POST['leeftijd'])";    
                    
                  if (!
                  mysql_query($sql,$con)) 
                    { 
                    die(
                  'Error: ' mysql_error()); 
                    } 
                  echo 
                  "1 record added";
                  mysql_close($con);
                  ?>

                  Comment


                  • #10
                    now i'm getting this

                    Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' in C:\wamp\www\sql.php on line 11

                    Comment


                    • #11
                      no one ?

                      Comment


                      • #12
                        Take out the single quote ` from around the table name.


                        PHP Code:
                        $sql="INSERT INTO form (naam, leeftijd) 
                        VALUES 
                        (
                        $_POST['naam'],$_POST['leeftijd'])"
                        I don't know why, but it works for me.

                        Comment


                        • #13
                          Try this:
                          PHP Code:
                          <?php 
                          $con 
                          mysql_connect("localhost","root","1425367"); 
                          if (!
                          $con
                           { 
                           die(
                          'Kon geen contact maken met de database! ' mysql_error()); 
                           } 
                            
                          mysql_select_db("tutorial",$con); 
                          $sql="INSERT INTO `form` (naam, leeftijd) VALUES (".$_POST['naam'].",".$_POST['leeftijd'].")";    
                            
                          if (!
                          mysql_query($sql,$con)) 
                            { 
                            die(
                          'Error: ' mysql_error()); 
                            } 
                          echo 
                          "1 record added";
                          mysql_close($con);
                          ?>

                          Comment


                          • #14
                            Originally posted by RedMatrix View Post
                            Take out the single quote ` from around the table name.
                            That's not a single quote, it's a backtick(above tab on most keyboards). It is perfectly valid(and sometimes required) syntax for MySQL.
                            Originally posted by RedMatrix View Post
                            I don't know why, but it works for me.
                            The backticks being there or not should not have mattered in this case. If you are using MySQL for the database you likely have odd(ie. not close to the default) PHP/MySQL settings, or your character encoding was transformed when you copy/saved it, or you changed something else without noticing.

                            No one as of yet has mentioned escaping the user input. This is an important step, not only for security, but it will break your SQL statement if you have certain special characters in your input.
                            PHP Code:
                            <?php
                            $con 
                            mysql_connect('localhost''root''1425367') or die('Kon geen contact maken met de database! ' mysql_error());
                            $db mysql_select_db('tutorial'$con) or die('Failed to select database!' mysql_error());

                            $sql 'INSERT INTO `form` (`naam`, `leeftijd`) VALUES (\'' mysql_real_escape_string($_POST['naam']) . '\', \'' mysql_real_escape_string($_POST['leeftijd']) . '\')';
                            $result mysql_query($sql$con) or die('Error: ' mysql_error());
                            if(
                            $result && mysql_affected_rows() > 0)
                            {
                                echo 
                            '1 record added';
                            }
                            else
                            {
                                echo 
                            'Inserting new row failed';
                            }

                            mysql_close($con);
                            ?>

                            Comment

                            Working...
                            X