What is wrong with this PHP code?

Question

Clanstrom 0 Light Poster

12 Years Ago

Ok, i am so new to PHP and today, i wanted to create a very simple php code that submits username and country name into myqsl. So, I created databse and tables in phpMyAddmin, and i created two php files ( c below ) i.e. form.php & insert.php

This is form.php

<?php
mysql_connect("localhost", "root", "test") or die(mysql_error());
echo "Connected to MySQL<br />";
mysql_select_db("testdb") or die(mysql_error());
?>


<?php

@$username = $_POST['name'];
@$country = $_POST['country'];


?>


<form action="insert.php" method="post" >
username<input type="text" name="name" value=""> </br>
country<input type="text" name="country" value=""></br>
<input type="submit" name="submit" value="Submit">
</form>

This is insert.php

<?php
//

//echo $username;
//echo $country;

?>

<?php
include ('forum.php');
if (isset($_REQUEST['Submit'])) {  
mysql_query("INSERT INTO users 
(name, country) VALUES('$username', '$country' ) ") 
or die(mysql_error());
}
?>

I know, this might be the funniest code you've ever seen, but i am puzzled.
What is it, that i have done wrong in here?

mysql php

5 Contributors
18 Replies
238 Views
1 Week Discussion Span
Latest Post 12 Years Ago Latest Post by Clanstrom

diafol

12 Years Ago

include ('forum.php');

is that supposed to be form.php?

ANyway, $username and $country don't exist in insert.php

It looks as though you've messeed up which bit of code goes in which file. Have another think about where the data goes.

diafol

12 Years Ago

No.
I've said you need to refactor gour code

ko ko 97 Practically a Master Poster

12 Years Ago

<?php
mysql_connect("localhost", "root", "test") or die(mysql_error());
echo "Connected to MySQL<br />";
mysql_select_db("testdb") or die(mysql_error());
?>


<?php

@$username = $_POST['name'];
@$country = $_POST['country'];


?>

Put this in form.php, remove include(form.php) and try. If you want to show the form again. Redirect to that page when the INSERT finished with custom message, FAILS or SUCCESSES. There is a lot of tutorials on the internet. You can google for that.

vaultdweller123 32 Posting Pro

12 Years Ago

try this, just a revision to your code

<?php
mysql_connect("localhost", "root", "test") or die(mysql_error());
mysql_select_db("testdb") or die(mysql_error());


$username = $_POST['name'];
$country = $_POST['country'];

if (isset($_REQUEST['Submit'])) {  
mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) "); 
or die(mysql_error());
}

?>
<form method="post">
username<input type="text" name="name" value=""> </br>
country<input type="text" name="country" value=""></br>
<input type="submit" name="submit" value="Submit">
</form>

diafol

12 Years Ago

Solved?

diafol

12 Years Ago

Great, thanks for sharing. Please mark the thread solved (there is a link below).

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Clanstrom 0 Light Poster · Answer 1 · 2012-02-12T23:08:18+00:00

thanks, that is form.php btw. Can you adjust the code pl

Clanstrom 0 Light Poster · Answer 2 · 2012-02-17T00:58:10+00:00

Thank you guys, for the reply. But i tried each of your suggestions and ended up with these results.

@vaultdweller123 I tried, you code and i got this result.

Parse error: syntax error, unexpected T_LOGICAL_OR in C:\xampp\htdocs\DIRECTORY\SQL\insert.php on line 11

@Zero13 Thank you for the code, but it only connects to database. Isn't there a simple code that, just connects to databse and inserts a country and name forum in my sql?

Once, again thanks

veedeoo 474 Junior Poster Featured Poster · Answer 3 · 2012-02-17T01:52:51+00:00

try changing this

mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) "); 
or die(mysql_error());

to this

mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) ")
or die(mysql_error());

The T_LOGICAL_OR error is caused by ; the or die is part of your statement and should not be separated from the query.

Just a humble question, what is the reason behind this code?

if (isset($_REQUEST['Submit']))

Can't we just make it like this?

if (isset($_POST['Submit']))

or

if (isset($_GET['Submit']))

$_REQUEST is generalized form processor function. Many people find it handy, because you don't even have to take a second look on whatever form method assignment they have on the form. One function takes all...

I don't see much problem using $_REQUEST in non-database pagination applications, or maybe some flat file processing where data is somewhat pretty casual in terms of security. However, if the application is going to be inserting, deleting, dropping, and updating data, it can create some security issues on the application.

Clanstrom 0 Light Poster · Answer 4 · 2012-02-17T02:36:57+00:00

try changing this
mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) "); 
or die(mysql_error());
to this
mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) ")
or die(mysql_error());
The T_LOGICAL_OR error is caused by ; the or die is part of your statement and should not be separated from the query.
Just a humble question, what is the reason behind this code?
if (isset($_REQUEST['Submit']))
Can't we just make it like this?
if (isset($_POST['Submit']))
or
if (isset($_GET['Submit']))
$_REQUEST is generalized form processor function. Many people find it handy, because you don't even have to take a second look on whatever form method assignment they have on the form. One function takes all...
I don't see much problem using $_REQUEST in non-database pagination applications, or maybe some flat file processing where data is somewhat pretty casual in terms of security. However, if the application is going to be inserting, deleting, dropping, and updating data, it can create some security issues on the application.

Hey, Veedo - I tried changing the code as you asked, although am glad i didn't get any errors but, i am afraid it does not submit any data into the database. I just, opened the page and filled the two forms and submitted, i opened phpmyAdmin, to check for the any datas passed, but there is nothing.

This is the whole code.

<?php
    mysql_connect("localhost", "root", "test") or die(mysql_error());
    mysql_select_db("testdb") or die(mysql_error());
     
     
    @$username = $_POST['name'];
    @$country = $_POST['country'];
     
    if (isset($_POST['Submit'])) {
        mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) ")
    or die(mysql_error());
    }
     
    ?>
    <form method="post">
    username<input type="text" name="name" value=""> </br>
    country<input type="text" name="country" value=""></br>
    <input type="submit" name="submit" value="Submit">
    </form>

Is something wrong with it?

veedeoo 474 Junior Poster Featured Poster · Answer 5 · 2012-02-17T03:18:17+00:00

The echo test..

ok let's do it this way first.. We need to see if the form data is being posted on the script side and the data is even being pick up; what we are trying to insert.

<?php
    mysql_connect("localhost", "root", "test") or die(mysql_error());
    mysql_select_db("testdb") or die(mysql_error());
     
    ## lets remove the error suppressors for now
    $username = $_POST['name'];
    $country =  $_POST['country'];
    
    if (isset($_POST['submit'])) {
## we need to comment out the query first to see if it is posting your form
/*
        mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) ")
    or die(mysql_error());

  
*/

## lets echo the username and country to view the result
 echo $username."<br/>";
echo $country."<br/>";
    }   
    ?>
    <form method="post">
    username<input type="text" name="name" value=""> </br>
    country<input type="text" name="country" value=""></br>
    <input type="submit" name="submit" value="Submit">
    </form>

If you are viewing the username and country, you script is working. You can then remove the comment tags and try again if it will post on your database.

I just realize that all along the error on your code are these..

if (isset($_POST['Submit']))

and

<input type="submit" name="submit" value="Submit">

to correct the problem, the above should be changed to this

if (isset($_POST['submit']))

You will probably noticed that I already made a correction on your codes on the echo test

Clanstrom 0 Light Poster · Answer 6 · 2012-02-17T03:25:48+00:00

I tried it, got this error. I tried to figure it out, but i couldn't. Sorry, buddy and thanks for the quick response.

Here is the error.

Parse error: syntax error, unexpected $end in C:\xampp\htdocs\DIRECTORY\SQL\insert.php on line 27

diafol · Answer 7 · 2012-02-17T04:24:38+00:00

It suggests that there may be unbalanced braces {} somewhere

vaultdweller123 32 Posting Pro · Answer 8 · 2012-02-17T05:55:07+00:00

@viribium the code ive given to you was a combination of your both index.php and insert.php, so put that code in your index.php and remove line 11

or die(mysql_error());

Clanstrom 0 Light Poster · Answer 9 · 2012-02-17T18:54:02+00:00

Ohh, God. After this long, i finally got it. Thank you so much Guys. It's works.
veedeoo did most of the job, ardav Your last hint made got rid of the that last error vaultdweller123 You helped a lot too. Thanks guys, i will take it from here.

Clanstrom 0 Light Poster · Answer 10 · 2012-02-17T22:51:19+00:00

Solved?

Yep Ardav. I used this below code, and posted in DB and checked the result with manually with php my admin, and it submits to SQL. As insignificant as it may seem, this is a great code for me to learn, explore and be creative in php and database driven applications. This, how i learn things faster, taking the core blue print and going crazy with it.
Thanks! :)

Here is the full code.

<?php
    mysql_connect("localhost", "root", "test") or die(mysql_error());
    mysql_select_db("testdb") or die(mysql_error());
     
    ## lets remove the error suppressors for now
    @$username = $_POST['name'];
    @$country = $_POST['country'];
     
    if (isset($_POST['submit'])) {
    ## we need to comment out the query first to see if it is posting your form
   
      mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) ")
      or die(mysql_error());
     
     
     
      }
    ## lets echo the username and country to view the result
    echo $username."<br/>";
    echo $country."<br/>";
     
    ?>
    <form method="post">
    username<input type="text" name="name" value=""> </br>
    country<input type="text" name="country" value=""></br>
    <input type="submit" name="submit" value="Submit">
    </form>

veedeoo 474 Junior Poster Featured Poster · Answer 11 · 2012-02-18T01:02:33+00:00

good thing it all worked out for you...Another thing I noticed on your code is the php error suppressor @.. as in

@$username = $_POST['name'];
@$country = $_POST['country'];

it should be like this

$username = @$_POST['name'];
$country = @$_POST['country'];

Here are the reasons why?

The posted value of $_POST; is assigned to variable $username right? The error will not come up until fault is detected during the POST. So, the error is definitely coming from the post and not from the variable $username. My explanation is a little bit cloudy.

Your final practice codes should be something like this

<?php
    mysql_connect("localhost", "root", "test") or die(mysql_error());
    mysql_select_db("testdb") or die(mysql_error());
     
    
     
    if (isset($_POST['submit'])) {
	
	## if the form is submitted then we can post name and country
	
	## suppressors should be placed on the item or items assigned for the variables.
    $username = @$_POST['name'];
    $country = @$_POST['country'];
	
    ## we need to comment out the query first to see if it is posting your form
   
      mysql_query("INSERT INTO users(name, country) VALUES('$username', '$country' ) ")
      or die(mysql_error());
     
     
     
      }
    ## lets echo the username and country to view the result
    echo $username."<br/>";
    echo $country."<br/>";
     
    ?>
    <form method="post">
    username<input type="text" name="name" value=""> </br>
    country<input type="text" name="country" value=""></br>
    <input type="submit" name="submit" value="Submit">
    </form>

As you become proficient with this type of database query, try to attempt learning and working on PDO, because you can isolate the problems as they arise a lot better. It is not that hard.. it is all about how you design the flow of your script.

Please mark this as solved :)

Clanstrom 0 Light Poster · Answer 12 · 2012-02-18T01:11:31+00:00

Thanks Veedeoo, I think you are one of the PHP geniuses i've seen around. Thanks for the help, and i understand about the benefits of the error handling trick. Thanks, man. Thread is solved btw