All geek questions in one place

Data does not get into MySql database

I read some related questions regarding my problem, but I still cannot figure it out. So I decided to ask now.

I would like to know if there is something wrong with my code. In principle, the data in the input blocks should go to the database (MYSQL), but every time I click the "Submit" button, nothing happens.

code: insert_product.php <- main page

<!DOCTYPE html> <?php include("includes/db.php"); ?> <html> <head> </head> <script src="//cdn.tinymce.com/4/tinymce.min.js"></script> <script>tinymce.init({ selector:'textarea' });</script> <body bgcolor="#aad6bb"> <form action="insert_product.php" method="post" enctype="multipart/form-data"> <table align="center" width="600" border='1' bgcolor='#d6aac5'> <tr align="center"> <td colspan='8'><h2>Inser New Post Here</h2></td> </tr> <tr > <td align="right"> <b>Product Name:<b></td> <td><input type='text'name="product_name" size='50'/></td> </tr> <tr> <td align="right"><b> Product Description</b></td> <td><textarea name="product_desc" cols='20' rows='10'></textarea></td> </tr> <tr> <td align="right"> <b>Product Price:</b></td> <td><input type='text'name="product_price"/></td> </tr> <tr> <td align="right"><b> Product Quantity:</b></td> <td><input type='text'name="product_quantity"/></td> </tr> <tr> <td align="right"> <b>Product Category:</b></td> <td><select name="product_cat"> <option>Select Category</option> <?php $get_cats = "Select * from categories"; $run_cat = mysqli_query($con, $get_cats); while ($row_cats=mysqli_fetch_array($run_cat)){ $cat_id = $row_cats['cat_id']; $cat_title = $row_cats['cat_title']; echo"<option value='$cat_id'>$cat_title</option>"; } ?> </select> </td> </tr> <tr> <td align="right"> <b>Product Image:</b></td> <td><input type='file' name="product_img"/></td> </tr> <tr> <td align="right"> <b>Product Keywords:</b></td> <td><input type='text' size="40" name="product_kw"/></td> </tr> <tr align='center'> <td colspan='8'><input type='submit'name="insert_post" value="Insert Product"/></td> </tr> </table> </form> </body> </html> <?php if(isset($_POST['insert_post'])){ //GETTING DATA FROM THE FIELD $product_name= $_POST['product_name']; $product_desc= $_POST['product_desc']; $product_price= $_POST['product_price']; $product_quantity= $_POST['product_quantity']; $product_cat= $_POST['product_cat']; $product_kw= $_POST['product_kw']; //GETTING IMAGE FROM THE FIELD $product_img = $_FILES['product_img']['name']; $product_img_tmp = $_FILES['product_img']['tmp_name']; move_uploaded_file($product_img_tmp, "product_images/$product_img"); $insert_product = "insert into item (product_name,product_desc,product_price,product_quantity,product_cat,product_img,keywords) values ('ItemName','ItemDesc',ItemPrice,ItemQty,'ItemCat','ItemImg','keywords')" OR die(mysql_error()); $insert_prod = mysqli_query($con, $insert_product); if($insert_prod){ echo "<script>alert('SUCCESS')</script>"; echo "<script>window.open('insert_product.php','self')</script>"; }//END OF IF(INSERT_PROD) } ?>

db.php <- for connection

  <?php $con = mysqli_connect("localhost","root","","ecommerce"); ?>

The table from the database ( ecommerce name) is an item in my table item : ItemID Primary and AI ItemName ItemDesc ItemPrice ItemQty ItemCat ItemImg keywords

NOTE. I know that my code is vulnerable to SQL Injection attacks. But I'm still new and focus on connecting with HTML and PHP products :)

+5
source share
2 answers

You just don't insert your variables.

As long as you claim that you are just practicing, I will ignore the SQL injection vulnerability.

 $insert_product = "insert into item (product_name,product_desc,product_price,product_quantity,product_cat,product_img,keywords) values ('$product_name', '$product_desc', $product_price, $product_quantity, '$product_cat', '$product_img', '$product_kw')" OR die(mysql_error());
+3
source

you can do it like that

JavaScript:

 function callPHP() { var httpc = new XMLHttpRequest(); // simplified for clarity var url = "insert.php"; httpc.open("POST", url, true); // sending as POST httpc.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); MUST have a Content-Length header (as per HTTP/1.1) httpc.onreadystatechange = function() { //Call a function when the state changes. if(httpc.readyState == 4 && httpc.status == 200) { // complete and no errors alert(httpc.responseText); // some processing here, or whatever you want to do with the response } } var z = document.getElementById('Textbox1').value ; httpc.send('data=' + z); }

insert.php

 <?php $servername = "localhost"; $username = "username"; $password = "password"; $temp = $_POST['data']; try { $dbh = new PDO("mysql:host=$hostname;dbname=test",$username,$password); $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line $sql = "INSERT INTO item (product_name) VALUES ('".$temp."')"; if ($dbh->query($sql)) { echo "success"; } else{ echo "fail"; } $dbh = null; } catch(PDOException $e) { echo $e->getMessage(); } ?>
+2
source

Source: https://habr.com/ru/post/1239294/

More articles:


All Articles