Reputation: 51
This code is used to put a data in the database once the button is activated and then take it off and replace it by(Question save!). The problem is it take me two attempts to make it disappear(the button). $numofrow is used to verify if the action was once made(the action of the submit button). The problem is not the database,query,etc, its really the button. Thanks for your time.
This is my code:
if(isset( $real_domaine)){
$tt = "SELECT*FROM uniwix.table0 WHERE id= '$id' ";
$rr = mysqli_query($database,$tt);
while($rows = mysqli_fetch_assoc($rr)){
[rows call...]
$md = "SELECT*FROM uniwix.table1 WHERE usern='$us' and question='$sujet'";
$ao = mysqli_query($database,$md);
$numofrow = mysqli_num_rows($ao);
if($numofrow == 0){
echo '<form action="" method="POST">
<input type="submit" name="sauvegarder" value="Save the question"/>
</form>';
if(isset($_POST['sauvegarder'])){
$qu = "INSERT INTO database (usern,question) VALUES('".$us."','".$sujet."')";
$sm = mysqli_query($database,$qu);
}
}else{
echo 'Question saved!';
}
//end of while loop
}
// end of if(isset( $real_domaine))
}
Upvotes: 0
Views: 683
Reputation: 72425
The problem is not the database,query,etc, its really the button.
The button is almost passive, all it does is to send the data to the server when it is pressed. The error is in the (lack of) logic of the PHP code.
When the script runs for the first time, $numofrow
is 0
. It runs the echo
that generates the form with the button then it checks if $_POST['sauvegarder']
is set. It is not set, of course, because when the page is loaded for the first time, the GET
method is used.
The user presses the button, the data is submitted using POST
and the code runs again. $numofrow
is still 0
(no data was inserted in the database yet), the form is displayed again but this time $_POST['sauvegarder']
is set and the data received from the browser is saved into the database.
You need to rethink the logic of you page.
More, the form is empty. Maybe it works but this is not the correct way to write forms. The input fields you want to send to the server must stay in the form.
Even more, and the most important of all, your database code is a candidate for SQL injection. Don't build queries using string concatenation. Use prepared statements. Also read about how prevent SQL injection in PHP.
Upvotes: 1