Reputation: 261
Adding Data to a MySQL Database from an HTML Form
HI all i've a basic Web Form for putting data into a mysql database, I created code to report if i was connected to my Database correctly and it was so on completion of the form i tested it and it seems to do what i expected but when i goto my database no data was actually entered? I've tried this locally and on a server with both doing the same thing. Here is my two .php forms for you to look that i used on my local machine to test in MAMP just incase i have done something wrong:
virtualWalkLog.php
<form action="hazardsform.php" method="POST" />
<p>ROUTE: <input type="text" name="ROUTE" /></p>
<p>ADDRESS: <input type="text" name="ADDRESS" /></p>
<p>LATITUDE: <input type="text" name="LATITUDE" /></p>
<p>LONGITUDE: <input type="text" name="LONGITUDE" /></p>
<p>HAZARD: <input type="text" name="HAZARD" /></p>
<p>RISK: <input type="text" name="RISK" /></p>
<input type="submit" value="Submit" />
</form>
hazardsform.php
<?php
define('DB_NAME', 'virtualWalkLog');
define('DB_USER', 'root');
define('DB_PASSWORD', 'root');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected) {
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['ROUTE'];
$value = $_POST['ADDRESS'];
$value = $_POST['LATITUDE'];
$value = $_POST['LONGITUTE'];
$value = $_POST['HAZARD'];
$value = $_POST['RISK'];
$sql = "INSERT INTO rmbhazards (ROUTE, ADDRESS, LATITUDE, LONGITUDE, HAZARD, RISK) VALUES ('$value', '$value2',
'$value3', '$value4', '$value5', '$value6')";
mysql_close();
Many Thanks in advance
Upvotes: 5
Views: 50594
Answers (6)
Reputation: 6950
Going through your script quickly you need to call mysql_query($sql) after
$sql = "INSERT INTO rmbhazards (ROUTE, ADDRESS, LATITUDE, LONGITUDE, HAZARD, RISK) VALUES ('$value', '$value2',
'$value3', '$value4', '$value5', '$value6')";
mysql_sql query will actually execute the query.
Also as $value should be unique
$value = $_POST['ROUTE'];
$value2 = $_POST['ADDRESS'];
$value3 = $_POST['LATITUDE'];
-----
SUGGESTION Since you have just begin ..I will suggest you try mysql_* for just concepts
but use mysqli_* or PDO .. You shold also know about sql injection
Here are some tutorials to help you
http://php.net/manual/en/security.database.sql-injection.php
http://php.net/manual/en/book.pdo.php
http://php.net/manual/en/book.mysqli.php
Upvotes: 6
Reputation: 4268
You are capturing all the input fields value into one variable. You need to execute mysql_query for it to work. Change this :-
$value = $_POST['ROUTE'];
$value = $_POST['ADDRESS'];
$value = $_POST['LATITUDE'];
$value = $_POST['LONGITUTE'];
$value = $_POST['HAZARD'];
$value = $_POST['RISK'];
to:-
$value = $_POST['ROUTE'];
$value2 = $_POST['ADDRESS'];
$value3 = $_POST['LATITUDE'];
$value4 = $_POST['LONGITUTE'];
$value5 = $_POST['HAZARD'];
$value6 = $_POST['RISK'];
Once you have done that, you need to call mysql_query($sql) to execute the query.
Upvotes: 2
Reputation: 30488
you are assigning values to only one variable $value here
$value = $_POST['ROUTE'];
$value = $_POST['ADDRESS'];
$value = $_POST['LATITUDE'];
$value = $_POST['LONGITUTE'];
$value = $_POST['HAZARD'];
$value = $_POST['RISK'];
should be
$value = $_POST['ROUTE'];
$value2 = $_POST['ADDRESS'];
$value3 = $_POST['LATITUDE'];
$value4 = $_POST['LONGITUTE'];
$value5 = $_POST['HAZARD'];
$value6 = $_POST['RISK'];
Also call mysql_query($sql); for running the query.
Upvotes: 3
Reputation: 89
just rename:
$value = $_POST['ROUTE'];
$value2 = $_POST['ADDRESS'];
$value3 = $_POST['LATITUDE'];
$value4 = $_POST['LONGITUTE'];
$value5 = $_POST['HAZARD'];
$value6 = $_POST['RISK'];
Upvotes: 2
Reputation: 1680
You kep all the variables as the same name
$value = $_POST['ROUTE'];
$value = $_POST['ADDRESS'];
$value = $_POST['LATITUDE'];
$value = $_POST['LONGITUTE'];
$value = $_POST['HAZARD'];
$value = $_POST['RISK'];
change them to unique id's (as you referenced in the sql statement)
$value1 = $_POST['ROUTE'];
$value2 = $_POST['ADDRESS'];
$value3 = $_POST['LATITUDE'];
$value4 = $_POST['LONGITUTE'];
$value5 = $_POST['HAZARD'];
$value6 = $_POST['RISK'];
and change your query statement to actually execute
$result = mysql_query("INSERT INTO rmbhazards (ROUTE, ADDRESS, LATITUDE, LONGITUDE, HAZARD, RISK) VALUES ('$value', '$value2',
'$value3', '$value4', '$value5', '$value6')");
Upvotes: 1
Reputation: 23510
you are not exectuing your query, this is why no data is inserted. Try to place after
$sql = "INSERT INTO rmbhazards (ROUTE, ADDRESS, LATITUDE, LONGITUDE, HAZARD, RISK) VALUES ('$value', '$value2', '$value3', '$value4', '$value5', '$value6')";
this
$result = mysql_query($sql);
also all values are in one variable $value, so you will end up with all the same result in your table so change to this to fit your query
$value = $_POST['ROUTE'];
$value2 = $_POST['ADDRESS'];
$value3 = $_POST['LATITUDE'];
$value4 = $_POST['LONGITUTE'];
$value5 = $_POST['HAZARD'];
$value6 = $_POST['RISK'];
I would also sugeest you to stop using mysql_ api since they are depecrated, please switch to PDO or mysqli
Furthermore you are ready to mysql injection. there is a nice tutorial here which explain you everything about that -> How can I prevent SQL injection in PHP?
Upvotes: 6
Related Questions
- Inserting Data into MySQL table using HTML form
- How to insert data from an HTML form into MySQL
- Adding records into a database from an html form
- Form Data to a Table With a Database
- html form to mysql database
- How do I insert data in a mySQL database from a form using PHP?
- insert data into a table using html form
- insert HTML form data to a MySQL database with PHP
- Insert data in mysql by html form (and more..)