<form method="post" action="add.php">
<input type="hidden" name="id" value="NULL" />
<table>
<tr height="20">
<td colspan="2"><font size="+0" face="verdana">Below is a sample form for our php</td>
</tr>
<tr height="50">
<td></td>
</tr>
<tr>
<td align="left"><font size="+0" face="verdana"><b>Your name<br />
Your Email Address</b></td>
<td><input type="text" name="name"><br />
<input type="text" name="email" />
</td>
</tr>
<tr>
<td colspan="2"><center>
<select name="opinion">
<option value="is greate">I like your site</option>
<option value="is OK">you site is ok</option>
<option value="is horrible">your site is horrible</option>
</select>
<input type="submit" value="tell us"!/>
</td>
</tr>
</table>
</form>
add.php file
<?php
/**
* @author runeveryday
* @copyright 2010
*/
$DBhost ="localhost";
$DBuser = "root"; //mysqluser
$DBpass = "123"; //mysql password
$DBName = "learnphp";// database name
$table = "information"; //table name
mysql_connect($DBhost,$DBuser,$DBpass) or die("error");
mysql_select_db("$DBName") or die("error");
$sqlquery = "INSERT INTO $table VALUES ('$_POST[id]','$_POST[name]','$_POST[email]','$_POST[opinion]')";
$results=mysql_query($sqlquery);
mysql_close();
echo "<html><titile>PHP and mysql</title><body><p><center>you just enter this information into the database
<p><blockquote>";
print "Name:$_POST[name]<p>E-mail:$_POST[email]<p>opinion:$_POST[opinion]</blockquote></center>";
?>
INSERT INTO information (name,email,opinion) VALUES(‘qq’,‘admin@gmail.com’,‘is great’)
maybe the question is the type of the ID,but i don’t know how to correct it ,so i can’t insert the data to the table.
this is the code that i created the database.
mysql> CREATE TABLE information (
> id INT NOT NULL AUTO_INCREMENT,
> name VARCHAR (40),
> email VARCHAR (40),
> opinion VARCHAR (30),
> PRIMARY KEY (id)
);
I think it has to do with the $_POST[‘…’] embedded in double quotes. I remember I had that problem, it didn’t retrive the post in double quotes. You need to separate it with:
"INSERT INTO $table VALUES ('NULL',".$_POST[name].",".$_POST[email].",".$_POST[opinion].")";
Print out $sqlquery before executing the query, then try to execute it in PhpMyAdmin to see if there are any errors. If you can post the printed $sqlquery here that would be good also.
or die(mysql_error());
behind the code
$results=mysql_query($sqlquery).
it show an error
you have an error in you SQL syntax,check the manual that corresponds to your MySQL server version for the right syntax to use near 'is horrible)'at line 1
...
...
echo '<pre>';
print_r($_POST);
echo '</pre>';
// check that you have something to post then remove next 'die;' line and refresh browser
die;
$table = "information"; //table name
mysql_connect($DBhost,$DBuser,$DBpass) or die("error");
mysql_select_db("$DBName") or die("error");
$sqlquery = "INSERT INTO $table VALUES ('$_POST[id]','$_POST[name]','$_POST[email]','$_POST[opinion]')";
echo $sqlquery;
// copy and paste above string into http://localhost/phpmyadmin/
// check that you have something to post then remove next 'die;' line and refresh browser
die;
$results=mysql_query($sqlquery);
echo "Records inserted: %d\
", mysql_affected_rows());
// check to see how many records wered posted then remove next 'die;' line and refresh browser
die;
With $_POST[name], php thinks name is a constant, $_POST[‘name’] is the correct way to do this. You can either use the advice oddz gave several posts ago, or use concatenation to get around the quoting problems.
echo '<pre>';
print_r($_POST);
echo '</pre>';
// check that you have something to post
$table = "information"; //table name
mysql_connect($DBhost,$DBuser,$DBpass) or die("error");
mysql_select_db("$DBName") or die("error");
$sqlquery = "INSERT INTO $table VALUES ('$_POST[id]','$_POST[name]','$_POST[email]','$_POST[opinion]')";
//
echo $sqlquery;
$results=mysql_query($sqlquery);
echo "Records inserted: %d\
", mysql_affected_rows());
// check to see how many records wered posted then remove next 'die;' line and refresh browser
die;
Please use the above scripot and let us know the results rather than “there is no data in the table”.
Well the immediate problem I see that NULL (value for id) will be surrounded by quotes when it shouldn’t be.
The other problem is that $_POST[name] is not the correct syntax. That should be $_POST[‘name’]. You will also need to surround array access by {} when embedding directly in a string. So you should have something like {$_POST[‘name’]}.
Lastly, you should be escaping and cleaning user before placing it into the SQL to avoid common security gaps involving injection.
Upon immediate glance those are the major problems I see.