CODEWITHSUNDEEP
phpmysqlstore
Guilherme Canella
Guilherme Canella

Reputation: 9

My PHP page is not saving data

I'm new in PHP programming and I'm trying to create a PHP page that has a box to write a text, for example, store this information and exhibit it. The ideia is the user is going to write the text in the box and when the click to "Send" the MySQL will store the information in the table and the command "atualizaPagina()" will show the information added. 

<!DOCTYPE html>
<?php

    require_once("enviar.php");

    if(!empty($_POST)){
        gravaTopico($_POST["mensagem"]);
    }
?>
<html>
    <head>
        <title>Teste em php</title>
    </head>
    <body>
        <?php

            atualizaPagina();
        ?>
        <form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
            <textarea rows="10" cols="50" name="mensagem"></textarea>
            <input type="submit" value="Enviar" />
        </form>
    </body>
</html>

And the enviar.php file is here

<?php

    function gravaTopico($values){

        mysql_connect("localhost", "root", "Alabra%$") or die(mysql_error());

        mysql_select_db("ifscjr") or die(mysql_error());

        $strSQL = "INSERT INTO topicos(comentarios) VALUES($values)";

        mysql_query($strSQL) or die (mysql_error());

        mysql_close();
    }

    function atualizaPagina(){

        mysql_connect("localhost", "root", "Alabra%$") or die(mysql_error());

        mysql_select_db("ifscjr") or die(mysql_error());

        $strSQL = "SELECT * FROM topicos";

        $rs = mysql_query($strSQL);

        while($row = mysql_fetch_array($rs)){
            echo $row['comentarios'] . "<br />";
        }

        mysql_close();
    }

?>

Upvotes: 0

Views: 68

Answers (2)

Andrey Telesh
Andrey Telesh

Reputation: 51

MuthaFury is right. But, also you need to check not only that $_POST ins not empty, you need to check that $_POST["mensagem"] exists (!empty($_POST) && isset($_POST["mensagem"])). And you need to escape input string from quotes using mysql_real_escape_string, because if your $_POST["mensagem"] wiil contain quote (') your sql will be broken. Example for your code:

$values = mysql_real_escape_string($values);
$strSQL = "INSERT INTO topicos(comentarios) VALUES('$values')";

Upvotes: 0

MuthaFury
MuthaFury

Reputation: 815

Try changing this:

$strSQL = "INSERT INTO topicos(comentarios) VALUES ('$values')";

Upvotes: 1

Related Questions