Can't insert new records through PHP into mysql database

Question

When I press the submit button I get error.

object not found error.

And the page automatically adds empty entries with auto incremented primary key (without pressing the submit button).

I am still a beginner in PHP, I searched thoroughly but I can't find out what's wrong in code.

  <html>   
<head>
    <title>Add New Record in MySQL Database</title>
</head>   
<body>
    <form action="insert.php" method="post">
        <p>

            <label for="Name">Full Name:</label>

            <input type="text" name="Name" id="Name">

        </p>
        <p>
            <label for="Code">Code:</label>
            <input type="text" name="Code" id="Code">
        </p>
        <p>
            <label for="GPA">GPA:</label>
            <input type="text" name="GPA" id="GPA">
        </p>
        <input type="submit" value="Submit">
    </form>

    <?php
 /* Attempt MySQL server connection. Assuming you are running MySQL

 server with default setting (user 'root' with no password) */

 $link = mysqli_connect("localhost", "username", "password", "students");
// Check connection

if ($link === false) {

die("ERROR: Could not connect. " . mysqli_connect_error());
}
// Escape user inputs for security
$full_name = filter_input(INPUT_POST, 'full_name');
$code = filter_input(INPUT_POST, 'code');
$gpa = filter_input(INPUT_POST, 'gpa');
// attempt insert query execution
$sql = "INSERT INTO info VALUES ('$full_name', '$code', '$gpa')";
if (mysqli_query($link, $sql)) {
 echo "Records added successfully. $full_name";
} else {
 echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
// close connection
mysqli_close($link);
?>
</body>
</html>  

Answer 1

Do with isset(). when the submit button clicks only the code runs.

Inside the php you should use the form input name field.

<?php
if(isset($_POST['submit'])){
    $link = mysqli_connect("localhost", "username", "password", "students");
    if ($link === false) {
        die("ERROR: Could not connect. " . mysqli_connect_error());
    }
    // Escape user inputs for security
    $full_name = filter_input(INPUT_POST, 'full_name');
    $code = filter_input(INPUT_POST, 'code');
    $gpa = filter_input(INPUT_POST, 'gpa');

    //to prevent sql injection attack
    $full_name = mysqli_real_escape_string($link, $full_name);
    $code = mysqli_real_escape_string($link, $code);
    $gpa  = mysqli_real_escape_string($link, $gpa);

    // attempt insert query execution
    $sql = "INSERT INTO info (Name,Code,GPA) VALUES ('$full_name', '$code', '$gpa')";
    if (mysqli_query($link, $sql)) {
        echo "Records added successfully. $full_name";
    } else {
        echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
    }
    // close connection
     mysqli_close($link);
}
?>
<html>   
<head>
  <title>Add New Record in MySQL Database</title>
</head>   
<body>
    <form action="insert.php" method="post">
    <p>
        <label for="Name">Full Name:</label>
        <input type="text" name="full_name" id="Name">
    </p>
    <p>
        <label for="Code">Code:</label>
        <input type="text" name="code" id="Code">
    </p>
    <p>
        <label for="GPA">GPA:</label>
        <input type="text" name="gpa" id="GPA">
    </p>
    <input type="submit" name="submit" value="submit">
</form>
</body>
</html>  

Answer 2

The problem is the input name. You named Full Name input with name="Name", but you declare $full_name = filter_input(INPUT_POST, 'full_name'); in php section. you must change full_name to Name. As well as the Code and GPA input.

Answer 3

Try this:

$full_name = filter_input(INPUT_POST, 'Name');
$code = filter_input(INPUT_POST, 'Code');
$gpa = filter_input(INPUT_POST, 'GPA');

The reason why I wrote that is because your input names contain Name, Code and GPA so you need to write this exactly as your input names (case-sensitive).