Here is my code for adding users to mysql database, I really don't know why it won't submit it...
<?php include 'includes/header.php'; ?>
<?php
if (isset($_post['submit'])) {
$ime_priimek = $_post['ime_priimek'];
$spol = $_post['spol'];
$razred = $_post['razred'];
$slika = $_post['slika'];
$sql = mysqli_query($con, "INSERT INTO uporabniki (ime_priimek, spol, razred, slika) VALUES ('". $ime_priimek ."' , '". $spol ."' , '". $razred ."' , '". $slika ."' , )" or die(mysql_error()));
echo "Dodan";
} else {
echo "Ni dodan";
}
?>
<div class="container main">
<div class="row">
<div class="col-lg-8">
<div class="panel panel-primary">
<div class="panel-heading">Dodaj uporabnika</div>
<div class="panel-body">
<form role="form" action="admin.php?g=miha" method="post" accept-charset="utf-8">
<div class="form-group">
<label for="ime_priimek">Ime in priimek:</label>
<input type="text" name="ime_priimek" class="form-control" id="ime_priimek" placeholder="Andrej Novak">
</div>
<div class="form-group">
<label for="spol">Spol:</label>
<input type="text" name="spol" class="form-control" id="spol" placeholder="Moški">
</div>
<div class="form-group">
<label for="razred">Razred:</label>
<input type="text" name="razred" class="form-control" id="razred" placeholder="2. Mb">
</div>
<div class="form-group">
<label for="slika">Slika:</label>
<input type="text" name="slika" class="form-control" id="slika" placeholder="https://fbcdn-sphotos-c-a.akamaihd.net/hphotos-ak-ash3/1391614_10200902760433385_105742999_n.jpg">
</div>
<button class="btn btn-primary" name="submit" type="submit">Dodaj</button>
</form>
</div>
</div>
</div>
I can't find reason why this code won't insert data in my database. Please help!
For one thing, $_POST
is a superglobal and must be in uppercase like this $_POST
yours are all in lowercase $_post
I also noticed there are no DB credentials for $con
in your posted code.
You need to be doing something to the affect of:
$con=mysqli_connect("xxx_host", "xxx_user", "xxx_password");
mysqli_query($con, "INSERT INTO uporabniki (ime_priimek, spol, razred, slika) VALUES
('". $ime_priimek ."' , '". $spol ."' , '". $razred ."' , '". $slika ."' )" or die(mysql_error()));
and you had a stray comma in '". $slika ."' , )"
You can also try this method:
$mysql_hostname = 'xxx';
$mysql_username = 'xxx';
$mysql_password = 'xxx';
$mysql_dbname = 'xxx';
$con= new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
$sql = $con->prepare("INSERT INTO uporabniki (ime_priimek, spol, razred, slika) VALUES (?, ? ,? ,?)");
$sql->bindParam(1, $ime_priimek);
$sql->bindParam(2, $spol);
$sql->bindParam(3, $razred);
$sql->bindParam(4, $slika);
$sql->execute();
There are several mistakes in your code.
$_post
? Unless you declared it yourself, PHP only has $_POST
. Variable names are case-sensitive .
I suppose thats basically why your insert won't work, howover, there is more.
You are getting values sent from the client and trowing them, as is, directly inside a SQL Query. Bad move. Perhaps you want to learn the principles of SQL Injection and how to prevent it.
Also, I don't see how mysql_error()
will help you here, sinse you are using MySQLi. Try mysqli_error()
instead.
You need to change $_post to uppercase. Like:
<?php
if (isset($_POST['submit'])) {
$ime_priimek = $_POST['ime_priimek'];
$spol = $_POST['spol'];
$razred = $_POST['razred'];
$slika = $_POST['slika'];
$sql = mysqli_query($con, "INSERT INTO uporabniki (ime_priimek, spol, razred, slika) VALUES ('". $ime_priimek ."' , '". $spol ."' , '". $razred ."' , '". $slika ."' , )" or die(mysql_error()));
echo "Dodan";
} else {
echo "Ni dodan";
}
?>
Everytime it is good to format your queries. If you have formated yours you should see that you have one extra , at the end
$query = "INSERT INTO uporabniki (ime_priimek, spol, razred, slika)";
$query .= " VALUES ('". $ime_priimek ."','". $spol ."','". $razred ."','". $slika ."')";
$sql = mysqli_query($con, $query) OR die("ERROR: ".mysqli_error());
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.