Simple form script not working

PHP
1

Hi

I have just created a simple form script but it does not work. when I fill in the text boxes and click submit it does not put anything in the database and brings up the same form page again (with no text in it) instead pof bringing up the thank you page.

The php script is as follows:


<?php require_once("connect/connection.php");
require_once("includes/functions.php");
if(isset($_POST['submit'])){
$errors = array();
$requiredfields = array('first_name'=> 'Please enter your FIRST NAME','surname'=> 'Please enter your SURNAME','email'=> 'Please enter your E Mail ADDRESS','text'=> 'Please enter your current needs');
foreach($requiredfields as $fieldname => $requiredfieldsmessage){
if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname]) || strlen(trim($_POST[$fieldname])) == 0) {
$errors[] = $requiredfieldsmessage;
}
}
 if(count($errors) == 0){
 
 $_POST = array_map('mysqli_prep', $_POST);
 
$first_name =  mysqli_prep($_POST['first_name']);
$surname =  mysqli_prep($_POST['surname']);
$email =   mysqli_prep($_POST['email']);
$text =  mysqli_prep($_POST['text']);
$query = "INSERT INTO contact_form (first_name,surname,email,text)Values('{$first_name}','{$surname}','{$email}','{$text}')";
$result = mysqli_query($connection, $query);
header('Location: brief_return.php');
exit;
}
}
?>

The function is merely mysqli_prep function.

The form script is as follows:


<form style="padding:15px;">
<p>First Name:<br/> <input type="text" size="30" name="first_name" value="<?php echo htmlspecialchars($_POST['first_name'],ENT_QUOTES); ?>" id="fname" /></p>
<p> Surname:<br/><input type="text" size="30" name="surname" value="<?php echo htmlspecialchars($_POST['surname'],ENT_QUOTES); ?>" id="sname" /></p>
<p>E mail:<br/><input type="text" size="40" name="email" value="<?php echo htmlspecialchars($_POST['email'],ENT_QUOTES); ?>" id="email" /></p>
<p>How Can I help you?:<br/>
  <textarea rows="10" cols="40" name="text"><?php echo htmlspecialchars($_POST['text'],ENT_QUOTES); ?> </textarea></p><br />
  <input type="submit" name="submit" value="Submit " />
</form>

Thanks for looking at this

regards,

cass27

2

You can’t use {} in a MySQL query, they need to be normal variables

3

Can you clarify what you mean by normal variables? and where you think i’m going wronmg? I don’t understand where I am going wrong. I adapted this form from one that is working perfectly and has {}.

thanks

cass27

4

I don’t see how your php script gets executed at all because your form doesn’t have an “action=” attribute.

The action attribute tells the form where to send the form data.

5

Thanks Kalon Now when I click submit it goes to the thank you page. but it doesn’t put any thing in the database.

I added this to the form:

<form style=“padding:15px;” action=“<?php echo $_SERVER[‘PHP_SELF’]; ?>” method=“post” >

any ideas?

thanks for your time

cass27

6

I can’t find mysqli_prep() in the php manual

7

if you want to use prepared statements have a look at mysql_prepare or felgall gives [URL=“http://www.sitepoint.com/forums/showthread.php?t=706275&highlight=prepared+statements&page=2”]an example here in post 7

8

Instead of

$query = "INSERT INTO contact_form (first_name,surname,email,text)Values('{$first_name}','{$surname}','{$email}','{$text}')"

Use

$query = "INSERT INTO contact_form (first_name,surname,email,text)Values('$first_name','$surname','$email','$text')";
9

Tracked it down guys. I put in the name of the database instead of the name of the table.

Thanks for spending time on this

cass27