PHP submitting data to table on same page

Question

Trying to figure out how to submit a new post to a preexisting table already created with data entries from mysql database. I want it to test if the request came from a POST first and if so, to insert a new row into the database and to display the new data in the table. This is what I've came up with so far but on submit, nothing seems to happen and my table disappears. Any help is greatly appreciated.

Here's what I have so far:

      $result = mysqli_query($dbconnect, $query);
            $num_rows = mysqli_num_rows($result);
        }
        if ($num_rows > 0) // build a table to show results
        {
        echo "<table border='1'>";
        echo "<tr>";
        echo "<th>Post ID </th>"; echo "<th>Author</th>";
        echo "<th>Title</th>"; echo "<th>Post</th>";
        echo "</tr>";

     while($row = mysqli_fetch_array($result))
        {
        echo "<tr>";
        echo "<td>" . $row['pid'] . "</td>";
        echo "<td>" . $row['author'] . "</td>";
        echo "<td>" . $row['title'] . "</td>";
        echo "<td>" . $row['post'] . "</td>";
        echo "</tr>";
        }   
        echo "</table>";
    } else{
        echo "No rows returned.";
    }
    ?>

 <form name ="myForm" action ="second.php<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>"   
       method = "POST"> <br><br><br>

     <h3> Create a Post </h3>

     Author  <input type ="text" size ="40" name ="author"/><br>
     Title <input type ="text" size ="30" name ="title"/><br><br>
     Post <br><textarea rows ="15" cols ="10" name ="post"></textarea><br>
     <input type ="submit" name = "submitpost" value ="Submit Post"/>
    </form>
    <?php


  // $sql = "INSERT INTO blog_posts (pid, author, title, post) 
        VALUES (NULL, '$_POST[author]', '$_POST[title]', '$_POST[post]')";

  //if($_SERVER['REQUEST_METHOD'] === 'POST'){
   //if(isset($_POST['submitpost'])){

  //post the $sql back into the exisiting table somehow
   ?>

Answer 1

• Note to future readers. This answer was based on OP's original post. See the revisions.

Place your INSERT query inside your conditional statements:

if($_SERVER['REQUEST_METHOD'] === 'POST'){

  if(isset($_POST['submitpost'])){

  $sql = mysqli_query($dbconnect, "INSERT INTO blog_posts (pid, author, title, post) 
        VALUES (NULL, '$_POST[author]', '$_POST[title]', '$_POST[post]')") 

     or die(mysqli_error($dbconnect));

    }

}

and change action ="second.php<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" to just action=""

Use a conditional !empty() with your POST arrays to make sure you don't get any empty data and possibly throw an error.

---

Sidenote:

Your present code is open to SQL injection. Use mysqli with prepared statements, or PDO with prepared statements, they're much safer.

---

As per your edit, you're missing two closing braces } which error reporting would have thrown a notice if it were used.

 <form name ="myForm" action =""  method = "POST"> <br><br><br>

     <h3> Create a Post </h3>

     Author  <input type ="text" size ="40" name ="author"/><br>
     Title <input type ="text" size ="30" name ="title"/><br><br>
     Post <br><textarea rows ="15" cols ="10" name ="post"></textarea><br>
     <input type ="submit" name = "submitpost" value ="Submit Post"/>
    </form>
    <?php

   if($_SERVER['REQUEST_METHOD'] === 'POST'){

     if(isset($_POST['submitpost'])){

   $sql = "INSERT INTO blog_posts (pid, author, title, post) 
        VALUES (NULL, '$_POST[author]', '$_POST[title]', '$_POST[post]')";

   $data = mysqli_query($dbconnect, $sql)

        or die(mysqli_error($dbconnect));

    }

  }