
POST Data not inserting into sql table

I am using a form. (I wanted the message text as a text area but changed back to normal text to see if this was the problem)

This is the form I am using

<form name="addmessage" method="POST" action="addmessage.php" >
    <label for="message_title">Message Title</label>
    <input type="text" name="message_title" id="message_title">
    <label for="message_text">Message</label>
    <input type="text" name="message_text" id="message_text">
    <input type="submit" name="submit" value="Add">
  </form>

Below is the PHP code. I understand I need to protect against SQL injection; however, I can do this later.

<?php
include_once("config.php");
if (isset($_POST["message_title"]) && strlen($_POST["message_title"]) > 0)
{
    $message_title = $_POST['message_title'];
    $message_text = $_POST['message_text'];
    session_start();
    $barber_id = $_SESSION['barber_id'];

    $insert_row = $mysqli->query("INSERT INTO messages(barber_id,message_title,message_text) VALUES('".$barber_id."','".$message_title."',".$message_text.")");
}
else
{
    //Output error
    header('HTTP/1.1 500 Error You have left it blank');
    exit();
}

header("location:messages.php");
?>

If I manually enter data using phpMyAdmin, I can get it to display using the code below.

<?php
include_once("config.php");
session_start();
$barber_id = $_SESSION['barber_id'];
$results = $mysqli->query("SELECT * FROM messages WHERE barber_id ='$barber_id' ");
// get all records from table
while ($row = $results->fetch_assoc())
{
    $prices_id = $row['prices_id'];
    echo '<div data-role="collapsible">';
    echo '<h1>';
    echo '   Message Title: ';
    // escape stored text so it is rendered as text, not interpreted as HTML
    echo htmlspecialchars($row['message_title'], ENT_QUOTES, 'UTF-8');
    echo '</h1>';
    echo '<p>';
    echo htmlspecialchars($row['message_text'], ENT_QUOTES, 'UTF-8');
    echo '<a href="delete_price.php?prices_id='.$prices_id.'"  class="ui-btn ui-icon-delete "> Delete</a></p></div>';
}
$mysqli->close();
?>

At

$insert_row = $mysqli->query("INSERT INTO messages(barber_id,message_title,message_text) VALUES('".$barber_id."','".$message_title."',".$message_text.")");

you should write

$insert_row = $mysqli->query("INSERT INTO messages(barber_id,message_title,message_text) VALUES('".$barber_id."','".$message_title."','".$message_text."')");

Every time you pass a string or other non-int value, you must pass it like this: 'xx'; otherwise MySQL will see it as a query param and it crashes.
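
An added example, not part of the original question or answer: addmessage.php rewritten with a mysqli prepared statement, so values are bound instead of quoted by hand and a failed query raises an error instead of returning false silently. It assumes config.php creates `$mysqli` as in the question and that `barber_id` is an integer column; `add_message()` is a hypothetical helper name.

```php
<?php
// Added example. Assumes config.php creates $mysqli (a mysqli connection),
// as in the question, and that messages.barber_id is an integer column.
include_once("config.php");
session_start();

// Make mysqli throw mysqli_sql_exception on errors instead of returning false,
// so a malformed query can no longer fail without any visible sign.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Hypothetical helper: insert one message using bound parameters.
function add_message(mysqli $db, int $barber_id, string $title, string $text): bool
{
    // The ? placeholders carry no quotes; the driver sends the values
    // separately from the SQL text, so quoting mistakes cannot occur.
    $stmt = $db->prepare(
        "INSERT INTO messages (barber_id, message_title, message_text) VALUES (?, ?, ?)"
    );
    $stmt->bind_param("iss", $barber_id, $title, $text); // i = int, s = string
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

$title = trim($_POST['message_title'] ?? '');
$text  = trim($_POST['message_text'] ?? '');

// Reject a blank title or a request without a logged-in barber.
if ($title === '' || !isset($_SESSION['barber_id'])) {
    http_response_code(400);
    exit('Message title is required.');
}

try {
    add_message($mysqli, (int) $_SESSION['barber_id'], $title, $text);
} catch (mysqli_sql_exception $e) {
    // Log the database error server-side; show the client a generic message.
    error_log('addmessage.php: ' . $e->getMessage());
    http_response_code(500);
    exit('Could not save the message.');
}

header('Location: messages.php');
exit();
```

With bound parameters, a message containing an apostrophe is stored as typed rather than breaking the statement.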
