php database not being updated when form submited
Question
I'm trying to write a PHP code to update the database through a form, however, the data never seems to make it through to the database! My code below (just to let you know that the PHP code above the start of the HTML code is in a separate doc called post.inc.php):
<?php include_once 'Includes/dbh.inc.php'; $Title = $_POST['Title']; $content = $_POST['Text1']; $sql = "INSERT INTO posts (title, main) VALUES ('$Title', '$content');"; mysqli_query($conn, $sql); header("Location: ../Backend.php?Post=success"); ?> <!DOCTYPE html> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Backend</title> <link href="https://fonts.googleapis.com/css?family=Raleway" rel="stylesheet"> <link rel="stylesheet" tyle="text/css" href="Style.css"> </head> <body> <div class="head"> <h1>Make A Post</h1> <a href="Backend.delete.php">delete a post</a> </div> <form action="Includes/Post.inc.php" method="POST"> <input type="text" id = "title" name="Title" placeholder="Title"> <br> <textarea name="Text1" id= "content" placeholder="Content(1000 charecter limit)...." cols="90" rows="20"></textarea> <br> <button type="submit" id = "submit" name="submit">Post!</button> </form> </body> </html>
2 answers
solution1
2 2018-04-06 04:03:52
To fix the issue, you should rewrite the PHP part as follow:
<?php
require_once('Includes/dbh.inc.php');
if(isset($_POST['Title'], $_POST['Text1'])) {
$Title = mysqli_real_escape_string($conn, $_POST['Title']);
$content = mysqli_real_escape_string($conn, $_POST['Text1']);
$sql = "INSERT INTO posts (title, main) VALUES ('$Title', '$content');";
$result = mysqli_query($conn, $sql);
if($result !== false) {
header("Location: ../Backend.php?Post=success");
exit;
} else {
// query failed, do some checks
}
}
?>
You have to:
- escape the input from user to prevent SQL Injection.
- check whether the form is submitted as POST
Also, as mentioned in comments, the HTML is full of errors. You'd better use W3C HTML Validator to check your HTML structure.
solution2
0 2018-04-06 05:23:57
<?php
include_once 'Includes/dbh.inc.php';
$Title = $_POST['Title'];
$content = $_POST['Text1'];
$sql = "INSERT INTO posts (title, main) VALUES ('$Title', '$content');";
mysqli_query($conn, $sql);
header("Location: ../Backend.php?Post=success");
?>
Please remove the bolded semi colon , and your code should be
<?php
include_once 'Includes/dbh.inc.php';
$Title = $_POST['Title'];
$content = $_POST['Text1'];
$sql = "INSERT INTO posts (title, main) VALUES ('$Title', '$content')";
mysqli_query($conn, $sql);
header("Location: ../Backend.php?Post=success");
?>
or you may use
<?php
include_once 'Includes/dbh.inc.php';
if(isset($_POST['submit'])){
$Title = $_POST['Title'];
$content = $_POST['Text1'];
$sql = "INSERT INTO posts (title, main) VALUES ('$Title', '$content')";
mysqli_query($conn, $sql);
header("Location: ../Backend.php?Post=success");
}else{
echo "Error";
}
?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.