CODEWITHSUNDEEP
phpmysql
John
John

Reputation: 952

Form is not posting to MySQL database

I am trying to send data from a textfield to my database. When I run the code I get no errors. But the code isnt posting the data to the database. I cant see whats wrong, can someone look what is wrong?

index.php

<?php 
session_start(); 
?>
<html>
<form name="reaction" method="post" action="./send/send1.php">
<input type="text" class="form-control" id="data_1" name="data_1" placeholder="Data 1" />

<button name="send">Send</button>
</form>
</html>

send1.php

<?php 
session_start(); 

?>
<html>
<body>
<table>
<?php
$correct = true;

$data_1 = $_POST['data_1'] ;

?>
</table>
<?php
if($correct){
    $db = new PDO('mysql:host=localhost;dbname=database', 'root', '');
    $query = "UPDATE table SET data_1=" . $data_1 . " WHERE id='" . $_SESSION['ID'] ."'";
$stmt = $db->prepare($query);
$stmt->execute(array($adres_1));

    echo "<br /><br />Success.<br />\n";
} else {

    echo "<br /><br />Error.<br />\n";
}
?>
</body>
</html>

Upvotes: 0

Views: 60

Answers (3)

Jagadeesh
Jagadeesh

Reputation: 754

You have to submit your code. Then only the values are send to the php file by the POST method.

index.php

<?php 
session_start(); 
?>
<html>
<form name="reaction" method="post" action="./send/send1.php">
<input type="text" class="form-control" id="data_1" name="data_1" placeholder="Data 1" />

<input type="submit" name="send">Send</button>
</form>
</html>

send1.php

<?php 
session_start(); 

?>
<html>
<body>
<table>
<?php
$correct = true;

if ($_POST['send']) {
    $data_1 = $_POST['data_1'] ;
}

?>
</table>
<?php
if($correct){
    $db = new PDO('mysql:host=localhost;dbname=database', 'root', '');
    $query = "UPDATE table SET data_1=" . $data_1 . " WHERE id='" . $_SESSION['ID'] ."'";
$stmt = $db->prepare($query);
$stmt->execute(array($adres_1));

    echo "<br /><br />Success.<br />\n";
} else {

    echo "<br /><br />Error.<br />\n";
}
?>
</body>
</html>

Upvotes: 0

VolkerK
VolkerK

Reputation: 96159

a) your script needs more error handling.
Before accessing $_POST['data_1'], you should test its existence, e.g. via isset().
Your database code doesn't have any error handling, too. Either set the error mode to PDO::ERRMODE_EXCEPTION or (/and) make sure you test each and every return value of the PDO::* methods.

$db = new PDO('mysql:host=localhost;dbname=database', 'root', '');
$query = "UPDATE table SET data_1=" . $data_1 . " WHERE id='" . $_SESSION['ID'] ."'";
$stmt = $db->prepare($query);
if ( !$stmt ) {
    yourErrorHandler('could not prepare statement', $db->error);
}
else if ( !$stmt->execute(array($adres_1)) ) {
    yourErrorHandler('could execute statement', $stmt->error);
}
else if ( 1>$stmt->rowCount() ) {
    // no record has been updates
}
else {
    // at least one record has been updated
}

b) $stmt->execute(array($adres_1)); What is $adres_1? It's not anywhere else in that code.
c) Your code is prone to sql injections. You can fix that e.g. by using prepared statements + parameters.

The whole code looks like small parts of other scripts have been copy&pasted without understanding what those snippets do.

Upvotes: 1

neuhaus
neuhaus

Reputation: 4094

Are you using autocommit? maybe your db changes are being rolled back. Try adding an extra COMMIT SQL statement.

Upvotes: 0

Related Questions