Mr A
Reputation: 7
PHP sending empty Form values to Server
This server acknowledges the PHP connection, but the values entered in the form do not get stored just empty table rows.
The PHP code:
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Aliens Abducted Me - Report an Abduction</title>
</head>
<body>
<h2>Aliens Abducted Me - Report an Abduction</h2>
<?php
$name = $_POST'firstname';
$last_name =$_POST'lastname';
$when_it_happened = $_POST'whenithappened';
$how_long = $_POST'howlong';
$how_many = $_POST'howmany';
$alien_description = $_POST'aliendescription';
$what_they_did = $_POST'whattheydid';
$fang_spotted = $_POST'fangspotted';
$email = $_POST'email';
$other = $_POST'other';
$dbc = mysqli_connect('localhost', 'root', 'Password', 'aliendatabase')
or die('Error Connecting to MySQL server');
$query = "INSERT INTO aliens_abduction (first_name, last_name, when_it_happened, how_long, " .
"how_many, alien_description, what_they_did, fang_spotted, other, email) " .
"VALUES ('$first_name, '$last_name', '$when_it_happened', '$how_long', '$how_many', " .
"'$alien_description', '$what_they_did', '$fang_spotted', '$other', '$email')";
$result = mysqli_query($dbc, $query)
or die('Error Querying Database');
mysqli_close($dbc);
echo 'Thanks for submitting the form.<br />';
echo 'You were abducted ' . $when_it_happened;
echo ' and were gone for ' . $how_long . '<br />';
echo 'Number of aliens: ' . $how_many . '<br />';
echo 'Describe them: ' . $alien_description . '<br />';
echo 'The aliens did this: ' . $what_they_did . '<br />';
echo 'Was Fang there? ' . $fang_spotted . '<br />';
echo 'Other comments: ' . $other . '<br />';
echo 'Your email address is ' . $email;
?>
</body>
</html>
Here's the Form/HTML Code
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Aliens Abducted Me - Report an Abduction</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Aliens Abducted Me - Report an Abduction</h2>
<p>Share your story of alien abduction:</p>
<form method="post" action="report.php">
<label for="firstname">First name:</label>
<input type="text" id="firstname" name="firstname" /><br />
<label for="lastname">Last name:</label>
<input type="text" id="lastname" name="lastname" /><br />
<label for="email">What is your email address?</label>
<input type="text" id="email" name="email" /><br />
<label for="whenithappened">When did it happen?</label>
<input type="text" id="whenithappened" name="whenithappened" /><br />
<label for="howlong">How long were you gone?</label>
<input type="text" id="howlong" name="howlong" /><br />
<label for="howmany">How many did you see?</label>
<input type="text" id="howmany" name="howmany" /><br />
<label for="aliendescription">Describe them:</label>
<input type="text" id="aliendescription" name="aliendescription" size="32" /><br />
<label for="whattheydid">What did they do to you?</label>
<input type="text" id="whattheydid" name="whattheydid" size="32" /><br />
<label for="fangspotted">Have you seen my dog Fang?</label>
Yes <input id="fangspotted" name="fangspotted" type="radio" value="yes" />
No <input id="fangspotted" name="fangspotted" type="radio" value="no" /><br />
<img src="fang.jpg" width="100" height="175"
alt="My abducted dog Fang." /><br />
<label for="other">Anything else you want to add?</label>
<textarea id="other" name="other"></textarea><br />
<input type="submit" value="Report Abduction" name="submit" />
</form>
</body>
</html>
The code is straight from a book. php v5.6.22 and latest Apache and MySQL. Can anyone tell me what might be wrong or what I'm doing wrong
Upvotes: 1
Views: 240
Answers (1)
Funk Forty Niner
Reputation: 74217
See this => $_POST'firstname'; and all the other POST arrays?
They are missing brackets [] for them.
So change that to $_POST['firstname']; and do the same for all the others also.
Error reporting would have helped you here, as would reading the manual on forms.
Plus, you should use a conditional !empty() against all your POST arrays going in your database.
This could trigger errors if any of those are left empty, should your database not accept NULL values.
You also have a missing quote for ('$first_name, and concatenates in your query.
This needed to be rewritten as such:
$query = "INSERT INTO aliens_abduction (first_name, last_name, when_it_happened, how_long,
how_many, alien_description, what_they_did, fang_spotted, other, email)
VALUES ('$first_name', '$last_name', '$when_it_happened', '$how_long', '$how_many',
'$alien_description', '$what_they_did', '$fang_spotted', '$other', '$email')";
Footnotes:
Your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements.
Upvotes: 3
Related Questions
- How can I prevent SQL injection in PHP?
- How do you disable browser autocomplete on web form field / input tags?
- How do you parse and process HTML/XML in PHP?
- Deleting an element from an array in PHP
- Reference Guide: What does this symbol mean in PHP? (PHP Syntax)
- How does PHP 'foreach' actually work?
- How do I get PHP errors to display?
- Why shouldn't I use mysql_* functions in PHP?
- HTML: Valid id attribute values?
- What does enctype='multipart/form-data' mean?