CODEWITHSUNDEEP
phpmysqlforum
user2544765
user2544765

Reputation: 115

PHP and MySQL posting system

Okay, Here's my problem. I am trying to make a posting script for my website. However this script is not working; the script is below: 

   <?php
      // Make sure the user is logged in before going any further.
      if (!isset($_SESSION['user_id'])) {
        echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
        exit();
      }
      else {
        echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '. <a href="logout.php">Log out</a>.</p>');
      }

      // Connect to the database
      $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

      if (isset($_POST['submit'])) {
        // Grab the profile data from the POST
        $post1 = mysqli_real_escape_string($dbc, trim($_POST['post1']));
        $query = "INSERT INTO ccp2_posts ('post') VALUES ('$post1')";

        $error = false;

      mysqli_close($dbc);
     ?>




     <form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
        <legend>Posting</legend>
            <label for="post">POST:</label>
            <textarea rows="4"  name="post1" id="post" cols="50">Write your post here...</textarea><br />
            <input type="submit" value="submit" name="submit" />
    </form>

    </div>

      <?php

    include ("include/footer.html");

    ?>

    </body> 
    </html>

Nothing shows up in the database when I submit the form. Help would be amazing. Thanks.

Upvotes: 0

Views: 1620

Answers (5)

vee
vee

Reputation: 38645

You haven't executed the query. All you've done is opened a connection, defined the query string and closed the connection.

Add: 

if(msyqli_query($dbc, $query)) {
  // Successful execution of insert query
} else {
  // Log error: mysqli_error($dbc)
}

after this line: 

$query = "INSERT INTO ccp2_posts ('post') VALUES ('$post1')";

Update:

Started editing but had to leave... As other answerers have pointed you need to either quote the post column with a backick or remove the single quote that you currently have altogether. The only case where you need to use backticks to escape identifiers that are one of the MySQL Reserved Words.

So the working version of your query would be:

$query = "INSERT INTO ccp2_posts (post) VALUES ('$post1')";

Upvotes: 1

D. Melo
D. Melo

Reputation: 2239

You are not submiting to the database using, for example, the mysql_query() function.

Upvotes: 0

Niet the Dark Absol
Niet the Dark Absol

Reputation: 324650

Your query is not quite right:

$query = "INSERT INTO `ccp2_posts` (`post`) VALUES ('$post1')";

Note that those are backticks `, not single-quotes. This is very important! Backticks are used to name databases, tables and column names, and in particular it means you don't have to remember the extensive list of every single reserved word. You could call your column `12345 once I caught a fish alive!` if you want to!

Anyway, more importantly, you aren't actually running your query!

mysqli_query($dbc,$query);

Upvotes: 0

Linga
Linga

Reputation: 10563

You missed

mysqli_query($dbc,$query);

In your code,

$query = "INSERT INTO ccp2_posts ('post') VALUES ('$post1')";
mysqli_query($dbc,$query);

Upvotes: 0

Gordon Linoff
Gordon Linoff

Reputation: 1269973

You may have other problems, but your SQL is bad. You can't use single quotes around 'post'. You want backticks or nothing:

INSERT INTO ccp2_posts(post) VALUES ('$post1')

Upvotes: 0

Related Questions