How to insert data into database using if command

aimen · October 11, 2017, 8:06pm

Hi so i want to make it so that the option whether its vegetarian or meat decides which table it will insert into. Please help. So like basically:

------------------------------------------------------------------------------------
if user input pcategory == Vegetarian_products then
         insert blah blah blah into tableforvegetarian
else
         insert blah blah blah into tableformeat
endif
-------------------------------------------------------------------------------------

Here’s the code:

<?php
require_once('../../connect.php');
?>
      
            <h2>Add Product</h2>
            <div class="block">
                    
				<form name="form1" action="" method="post" enctype="multipart/form-data">
					<table border="1">
						<tr>
							<td>Product Name</td>
							<td><input type="text" name="pnm"></td>
						</tr>
						<tr>
							<td>Product Price</td>
							<td><input type="text" name="pprice"></td>
						</tr>
						<tr>
							<td>Product Quantity</td>
							<td><input type="text" name="pqty"></td>
						</tr>
						<tr>
							<td>Product Image</td>
							<td><input type="file" name="pimage"></td>
						</tr>
						<tr>
							<td>Product Categoty</td>
							<td>
								<select name="pcategory">
									<option value="Vegetarian_Products">Vegetarian Products</option>
									<option value="Meat_Products">Meat Products</option>
								</select>
							</td>
						</tr>
						<tr>
							<td>Product Description</td>
							<td>
								<textarea cols="15" rows="10" name="pdesc"></textarea>
			       			</td>
						</tr>
						<tr>
							<td colspan="2" align="center"><input type="submit" name="submit1" value="upload"></td>
						</tr>
					
					
					</table>
				</form>

				<?php
					if(isset($_POST["submit1"] and $_POST["pcategory"] == "Vegetarian_Products"));
						{
  							$firstnum=rand(1111,9999);
   							$secondnum=rand(1111,9999);
   
 							$thirdnum=$firstnum.$secondnum;
   
  							$thirdnum=md5($thirdnum);
   
   
 						    $location=$_FILES["pimage"]["name"];
  							$place="./product_image/".$thirdnum.$location;
  							$place1="product_image/".$thirdnum.$location;
  							move_uploaded_file($_FILES["pimage"]["tmp_name"],$place);

  				
  							
  							mysqli_query($connection,"insert into product values('','$_POST[pnm]',$_POST[pprice],$_POST[pqty],'$place1','$_POST[pcategory]','$_POST[pdesc]')");
  						
						}

				?>

ZooKeeper · October 11, 2017, 10:03pm

You have the same problem with your query as you did in the other post. That first needs to be corrected. So the first step is to have the SQL query successfully insert into the db. I would also argue that you need to make sure that your queries are not susceptible to SQL injection. Like I said in the other thread mysqli alone does not guard against SQL injection.

aimen · October 11, 2017, 10:11pm

So i realize that right now it wouldn’t insert into database because the if statement is wrong anyways. It would work if i change the code to this.

<?php
					if(isset($_POST["submit1"]))
						{
  							$firstnum=rand(1111,9999);
   							$secondnum=rand(1111,9999);
 							$thirdnum=$firstnum.$secondnum;
   
$thirdnum=md5($thirdnum);
   
$location=$_FILES["pimage"]["name"];
  							$place="./product_image/".$thirdnum.$location;
  							$place1="product_image/".$thirdnum.$location;
  							move_uploaded_file($_FILES["pimage"]["tmp_name"],$place);
						mysqli_query($connection,"insert into product values('','$_POST[pnm]',$_POST[pprice],$_POST[pqty],'$place1','$_POST[pcategory]','$_POST[pdesc]')");

						}
				?>

I didn’t need to change anything about the string being written differently. As i said it was just a problem with mamp. I think i did some stuff in privileges that didn’t allow me to insert the data. Also trust me you don’t need to worry about SQL injection as it is not required in the project. We just have to make a simple site that will never be published. Just the main structure is neccessary. So yea I just wanted to know how to make from the the two options that the user is given (vegetarian/meat products) an if statement to seperate between them and place them in different database tables.

SamA74 · October 12, 2017, 9:02am

You virtually have it there, except in pseudo code rather than real php syntax.

if($_POST["pcategory"] == "Vegetarian_Products"){
    $thistable = "tableforvegetarian"";
}
else{
   $thistable = "tableformeat";
}
$query = "INSERT INTO $thistable VALUES etc";

vectorialpx · October 12, 2017, 11:52am

First of all, are you sure you need two tables?
Looks like you could just have a Type flag.

Second, try to have a cleaner code. This does not look so good:

mysqli_query($connection,"insert into product values('','$_POST[pnm]',$_POST[pprice],$_POST[pqty],'$place1','$_POST[pcategory]','$_POST[pdesc]')");

Try to use php prepared statements

aimen · October 12, 2017, 4:55pm

Thank you for responding yea i know i have the pseudo code, i just didnt know how exactly the code was written in php.

SamA74 · October 12, 2017, 5:06pm

The basic syntax is:-

if ( condition ) { 
    commands to do if the condition proves true ;
}
elseif ( optional alternative condition ) { 
    commands if the previous condition proves false but this one is true;
    any number more of these ;
}
else {
    optional commands only for when none of the above conditions prove true ;
}

Mittineague · October 12, 2017, 10:51pm

Alternate INSERT discussion here:

Please continue discussion there.
This topic is now Closed to avoid cross posting confusion.