No data inserted into database. Am I wrongdoing it?

Question

polly89 0 Newbie Poster

14 Years Ago

I have a form named:"RegistrationForm.php". when i click the "submit button", there's a data inserted in the database (the prove is, there a new row in the database),
but there's no value from user textfield(ic_no,name,email...) that have been inserted.
It means like there's a row of data inserted but without value..

p/s- however, when i click the submit button, it successfully directed me to the "BookingForm.php" with all the session value...it's just that there's no data inserted into the database.

can someone straighten this up for me? am i doing wrong with the coding with the submit button?
here's the code

<?php
session_start();
$_SESSION['ic_no']=$ic_no;
$_SESSION['name']=$name;
$_SESSION['address']=$address;
$_SESSION['tel_no']=$tel_no;
$_SESSION['email']=$email;
?>


<html>
<body>

<form action="BookingForm.php" method="post">
  <p><strong>REGISTRATION FORM</strong></p>
  <table width="285" border="1">
    <tr>
      <th width="120" scope="row">Ic No :</th>
      <td width="149"><label>
        <input type="text" name="ic_no" id="ic_no" value="<?php $ic_no; ?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Name :</th>
      <td><label>
        <input type="text" name="name" id="name" value="<?php $name; ?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Address :</th>
      <td><label>
        <input type="text" name="address" id="address" value="<?php $address; ?>" >
      </label></td>
    </tr>
    <tr>
      <th scope="row">Contact No :</th>
      <td><label>
        <input type="text" name="tel_no" id="tel_no" value="<?php $tel_no; ?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Email :</th>
      <td><label>
        <input type="text" name="email" id="email"  value="<?php $email; ?>">
      </label></td>
    </tr>
  </table>
  <input type="submit" name="submit" id="submit" value="Submit">
  <?php
$con = mysql_connect("localhost","root","password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("ambos", $con);

mysql_query("INSERT INTO customer (ic_no, name, address, tel_no, email)
VALUES ('$_POST[ic_no]', '$_POST[name]', '$_POST[address]','$_POST[tel_no]','$_POST[email]')");
mysql_close($con);

</form>
 </body>
</html>

any ideas is really appreciated

php

3 Contributors
6 Replies
129 Views
1 Day Discussion Span
Latest Post 14 Years Ago Latest Post by diafol

urtrivedi 276 Nearly a Posting Virtuoso

14 Years Ago

You need to write following code in "BookingForm.php" page. Remove this code from your registration page. Becuase when registration page is opened nothting is posted to it, so blank row is inserted.

<?php
$con = mysql_connect("localhost","root","password");
if (!$con) 
 { 
 die('Could not connect: ' . mysql_error());  }
 mysql_select_db("ambos", $con); mysql_query("INSERT INTO customer (ic_no, name, address, tel_no, email)VALUES ('$_POST[ic_no]', '$_POST[name]', '$_POST[address]','$_POST[tel_no]','$_POST[email]')");
mysql_close($con);
?>

Edited 14 Years Ago by urtrivedi because: n/a

diafol

14 Years Ago

As a side issue - you really are a wrongdoer if you intend on placing unsanitized form data straight into your DB.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

polly89 0 Newbie Poster · Answer 1 · 2010-03-29T21:15:16+00:00

As a side issue - you really are a wrongdoer if you intend on placing unsanitized form data straight into your DB.

i'm sorry. but do you mean by " placing unsanitized form". i just started learn thus many things that i still learn right now.

do you means that my coding is messy or not logic?

diafol · Answer 2 · 2010-03-29T22:12:32+00:00

i'm sorry. but do you mean by " placing unsanitized form". i just started learn thus many things that i still learn right now.
do you means that my coding is messy or not logic?

If you pass raw data from a form into a DB - you could get trouble. Use this:

$ic_no = mysql_real_escape_string($_POST['ic_no']);
$name = mysql_real_escape_string($_POST['name']);
$address = mysql_real_escape_string($_POST['address']);
$tel_no = mysql_real_escape_string($_POST['tel_no']);
$email = mysql_real_escape_string($_POST['email']);

mysql_select_db("ambos", $con); mysql_query("INSERT INTO customer (ic_no, name, address, tel_no, email)VALUES ('$ic_no', '$name', '$address','$tel_no','$email')");
mysql_close($con);

If your ic_no field is an autoincrement, there is no need to include it, it will be assigned automatically.
Also $_POST[address] is wrong - use $_POST - with the quotes.

polly89 0 Newbie Poster · Answer 3 · 2010-03-30T20:03:49+00:00

thanks ardav for the explanation and the little bits of the tips.
finally i did solve the problems...

diafol · Answer 4 · 2010-03-31T00:49:45+00:00

Great! Mark it solved please.