Booking system with php and mysql
Question
So I'm producing this booking system for supplementary lessons in school,and I'm new to coding.So I'm experiencing many problems when making this.
I'm using PHP and mysql for my system.The following is my tedious 100-line-code for 'sinsert.php'
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
<title>Booking Page</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<?php
//Prevent empty fields
$date = $room = $tid = $subj = $start = $end = $noofstu = null;
$nodate = $noroom = $notid = $nosubj = $nostart = $noend = $nonoofstu = null;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["date"])) {
$nodate = "*Date of lesson is required";
$date = null;
} else {
$date = $_POST["date"];
}
if (empty($_POST["room"])) {
$noroom = "*Room is required";
$room = null;
} else {
$room = $_POST["room"];}
if (empty($_POST["tid"])) {
$notid = "*Teacher in charge is required";
$tid = null;
} else {
$tid = $_POST["tid"];}
if (empty($_POST["noofstu"])) {
$nonoofstu = "*Number of Students Attending is required";
$noofstu = null;
} else {
$noofstu = $_POST["noofstu"];}
}
function ($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;}
?>
<div id='frm'><form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="POST">
<p><h1><u>Lesson Booking Form</u></h1></p>
<p>
<label>Date of Lesson:</label>
<input type="date" name="date" >
<br><span class="error"><?php echo $nodate;?></span>
</p>
<p>
<label>Room:</label><br>
<input type="radio" name="room" value="246"/> Room 246
<input type="radio" name="room" value="340"/> Room 340
<input type="radio" name="room" value="342"/> Room 342<br>
<span class="error"> <?php echo $noroom;?></span>
</p>
<p>
<label>Teacher in charge:</label><br>
<input type="radio" name="tid" value="T001"/>Mr.Williams
<input type="radio" name="tid" value="T002"/>Mr.Zimmerman
<input type="radio" name="tid" value="T003"/>Ms.Alcott<br>
<span class="error"> <?php echo $notid;?></span>
</p>
<p>
<label>Subject:</label>
<select name="subj">
<option value="unitA">Unit A</option>
<option value="unitB">Unit B</option>
<option value="unitC">Unit C</option>
<option value="unitD">Unit D</option>
<option value="unitE">Unit E</option>
<option value="unitF">Unit F</option>
</select>
</p>
<p>
<label>Starting Time:</label>
<select name="start">
<option value='09:00:00'>09:00</option>
<option value='10:00:00'>10:00</option>
<option value='11:00:00'>11:00</option>
<option value='12:00:00'>12:00</option>
<option value='13:00:00'>13:00</option>
<option value='14:00:00'>14:00</option>
<option value='15:00:00'>15:00</option>
<option value='16:00:00'>16:00</option>
<option value='17:00:00'>17:00</option>
</select>
<label>Ending Time:</label>
<select name="end">
<option value='10:00:00'>10:00</option>
<option value='11:00:00'>11:00</option>
<option value='12:00:00'>12:00</option>
<option value='13:00:00'>13:00</option>
<option value='14:00:00'>14:00</option>
<option value='15:00:00'>15:00</option>
<option value='16:00:00'>16:00</option>
<option value='17:00:00'>17:00</option>
<option value='18:00:00'>18:00</option>
</select>
</p>
<p>
<label>Number of Students Attending:</label>
<input type='number' name='noofstu' min='1'max='40'><br>
<span class="error"><?php echo $nonoofstu;?></span>
</p>
<p>
<input type="reset" id="reset" value="Reset">
<input type="submit" id="submit" value="Submit">
</p>
</form>
<?php
//Insert data in mysql database
$date = $_POST['date'];
$room = $_POST['room'];
$tid = $_POST['tid'];
$subj = $_POST['subj'];
$start = $_POST['start'];
$end = $_POST['end'];
$noofstu = $_POST['noofstu'];
$conn = @mysqli_connect("localhost","root","","sba");
if (mysqli_connect_errno()) {
die("Failed to connect to MySQL: " . mysqli_connect_error());
}
$sql = "INSERT INTO booking (date, room, tid, subj, start, end, noofstu) Values (?,?,?,?,?,?,?)";
$stmt = mysqli_prepare($sql);
$stmt->bind_param( $_POST['date'], $_POST['room'], $_POST['tid'], $_POST['subj'], $_POST['start'], $_POST['end'], $_POST['noofstu']);
$stmt->execute();
if(!mysqli_query($conn, $sql))
{
echo "Not Inserted!";
}
else
{
echo "Inserted";
}
$conn->close();
?>
</div>
</body>
There are two codes in 'sinsert.php'.The first code is to make sure the user filled in all fields before submitting or else error codes will appear.The first code is mostly copied from W3schools.So I don't think there will be any problems regarding this code.
The second code is to insert the inputted data into the 'booking' table in the 'sba' database.I made code with the help of my teacher's code and PHP: Inserting Values from the Form into MySQL
The 'booking' table consists of 8 fields.Besides the 7 fields mentioned in the code,there's also primary key field 'bookid' which is in auto increment
Here are the problems I encountered
1.Everytime I went to the 'sinsert.php' page,I got 2 warning messages beneath my form
The first warning message states:
'mysqli_prepare() expects exactly 2 parameters, 1 given in on line 143'
The other is fatal error message that states:
'Uncaught Error: Call to a member function bind_param() on null in sinsert.php:144 Stack trace: #0 {main} thrown in sinsert.php on line 144'
And I have no idea what they mean or how to solve them
2.I also cannot insert the inputted data in the database.My guess is due to the error messages above.But I don't actually know the real reason
I'd like to know how can I solve the above problems.I'm really grateful if you helped
Bonus Question:How can I prevent double booking,like no records should have the same room and same time
1 answers
solution1
0 ACCPTED 2018-10-14 12:16:04
Your main issue is you are running the DB stuff even if the form is not submitted. The PHP code at the bottom.
I cleaned it all up for you:
<?php
if(!empty($_POST)){
$errors = [];
$date = empty($_POST["date"]) ? false : (new DateTime($_POST["date"]))->format('Y-m-d');
if(!$date) $errors["date"] = "*Please set a Date of the lesson";
$room = empty($_POST["room"]) ? false : $_POST["room"];
if(!$room) $errors["room"] = "*Please pick a room";
$tid = empty($_POST["tid"]) ? false : $_POST["tid"];
if(!$tid) $errors["tid"] = "*Please pick a Teacher";
$noofstu = empty($_POST["noofstu"]) ? false : trim($_POST["noofstu"]);
if(!$noofstu) $errors["noofstu"] = "*Please set the number of students that are attending";
$start = $_POST["start"];
$end = $_POST["end"];
$subj = $_POST['subj'];
if(empty($errors)){
$conn = mysqli_connect("localhost","root","","sba");
if(mysqli_connect_errno()) die("Failed to connect to MySQL: " . mysqli_connect_error());
$sql = "INSERT INTO booking (date, room, tid, subj, start, end, noofstu) Values (?,?,?,?,?,?,?)";
$stmt = mysqli_prepare($sql);
$stmt->bind_param( $date, $room, $tid, $subj, $start, $end, $noofstu);
$stmt->execute();
if(!mysqli_query($conn, $sql)) $errors["DB"] = "Dateabase error!";
}
}
?>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
<title>Booking Page</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div id='frm'>
<form action="" method="post" >
<p>
<h1><u>Lesson Booking Form</u></h1>
<span class="error"><?php echo isset($errors['DB']) ? $errors['DB'] : '';?></span>
</p>
<p>
<label>Date of Lesson:</label>
<input type="date" name="date" >
<br><span class="error"><?php echo isset($errors['date']) ? $errors['date'] : '';?></span>
</p>
<p>
<label>Room:</label><br>
<input type="radio" name="room" value="246"/> Room 246
<input type="radio" name="room" value="340"/> Room 340
<input type="radio" name="room" value="342"/> Room 342<br>
<span class="error"><?php echo isset($errors['room']) ? $errors['room'] : '';?></span>
</p>
<p>
<label>Teacher in charge:</label><br>
<input type="radio" name="tid" value="T001"/>Mr.Williams
<input type="radio" name="tid" value="T002"/>Mr.Zimmerman
<input type="radio" name="tid" value="T003"/>Ms.Alcott<br>
<span class="error"><?php echo isset($errors['tid']) ? $errors['tid'] : '';?></span>
</p>
<p>
<label>Subject:</label>
<select name="subj">
<option value="unitA">Unit A</option>
<option value="unitB">Unit B</option>
<option value="unitC">Unit C</option>
<option value="unitD">Unit D</option>
<option value="unitE">Unit E</option>
<option value="unitF">Unit F</option>
</select>
</p>
<p>
<label>Starting Time:</label>
<select name="start" style="margin-right:15px" >
<option value="09:00:00">09:00</option>
<option value="10:00:00">10:00</option>
<option value="11:00:00">11:00</option>
<option value="12:00:00">12:00</option>
<option value="13:00:00">13:00</option>
<option value="14:00:00">14:00</option>
<option value="15:00:00">15:00</option>
<option value="16:00:00">16:00</option>
<option value="17:00:00">17:00</option>
</select>
<label>Ending Time:</label>
<select name="end">
<option value="10:00:00">10:00</option>
<option value="11:00:00">11:00</option>
<option value="12:00:00">12:00</option>
<option value="13:00:00">13:00</option>
<option value="14:00:00">14:00</option>
<option value="15:00:00">15:00</option>
<option value="16:00:00">16:00</option>
<option value="17:00:00">17:00</option>
<option value="18:00:00">18:00</option>
</select>
</p>
<p>
<label>Number of Students Attending:</label>
<input type="number" name="noofstu" min="1" max="40"><br>
<span class="error"><?php echo isset($errors['noofstu']) ? $errors['noofstu'] : '';?></span>
</p>
<p>
<input type="reset" id="reset" value="Reset">
<input type="submit" id="submit" value="Submit">
</p>
</form>
</div>
</body>
</html>
There is too much really to cover, but the (condition) ? true : false; (condition) ? true : false; style is called a ternary statement. In PHP7 some of these could be replace with null coalesce operator ?? For example this:
$room = empty($_POST["room"]) ? false : $_POST["room"];
Can be done in PHP7 as
$room = $_POST["room"] ?? false;
A few other things are.
- Keep your PHP code together if possible (makes it cleaner)
- don't modify data, sanitize display. You are not displaying any user input here. most of your inputs are not free form types. So you are doing more work then you need to (assuming
function ($data)actually did anything beside cause a syntax error) - use arrays for similar types of data
$errors - do not echo strings outside of HTML ( echo "Not Inserted!"; ), its ugly
- end you code with HTML tag (it was missing)
- don't mix quoting styles in HTML (because it irritates me)
- properly indent your code, (easier to read)
- don't set variable more times then you need to, it's ugly (makes it hard to read)
- Database date format is
Ymdnotm/d/YUsing Date time will handle multiple formats, and put them how you need them. - be lazy, don't write code you don't need to. I was half tempted to make some loops for the
<select>options, but alas It was easier to copy them. Mainly I didn't feel like explainingstr_padto add the leading0'son the time. - use CSS not content for styling
multiple times vsstyle="margin-right:15px"it's more precise and easier to edit.
It wasn't all bad at least you had this prepare . Also just FYI, I haven't used Mysqli in about 4 years. I mainly use PDO, so I left the DB code as is.
PS I can't really test this, so forgive me any typos
Bonus Question:How can I prevent double booking,like no records should have the same room and same time
Make room , date , start and end a compound unique key in the DB (a key that has multiple fields in it), then it will throw an error when the same data is entered. In other words when the same room is booked for the same date and times. In PDO you could use exception handling try/catch to catch those errors in Mysqli as I said I haven't used in a long time. But I imagine you'd get an error for execute . You forgot same date in same room and same time so I added that in. Because you store the date and time separately it matters.
Another way to store these would be to get rid of the date field and change Start and End to DateTime in the DB. And change this:
$start = $_POST["start"];
$end = $_POST["end"];
To
$start = $date.' '.$_POST["start"]; //2018-10-14 09:00:00
$end = $date.' '.$_POST["end"];
This way you can store the date as part of the time. Also in the future if a class spanned more then one day, you would be all set. Because you could have it start today and end tomorrow. It would also be a bit easier to work with in SQL, because of the DATE(field) and other date related functions.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.