MySQL Post HELP

system · May 18, 2012, 6:01pm

I am trying to make a form that will submit data to our mysql database this is my form code:

Audition Portal
Student First Name:
Student Last Name:
Gender Select... Male Female
Phone:
Parent First Name:
Parent Last Name:

Please check ALL submitted paperwork:

Recommendation Letter #1
Yes
No

Recommendation Letter #2
Yes
No

Report Card/Transcript
Yes
No

I have created an additional page that is titled: add_student.php

That pages code includes:[php]<?php
$con = mysql_connect(“localhost”,“database_admin”,“Password”);
if (!$con)
{
die('Could not connect: ’ . mysql_error());
}

mysql_select_db(“database”, $con);

$sql=“INSERT INTO students(contact_id, StudentFirstName,
StudentLastName, Gender, Phone, ParentFirstName,
ParentLastName, Rec1, Rec2, ReportCard) VALUES
(’$POST_[id]’,’$POST_[sfname]’,’$POST_[slname]’,’$POST_[sgender]’,’$POST_[phone]’,’$POST_[pfname]’,’$POST_[plname]’,’$POST_[rec1]’,’$POST_[rec2]’,’$POST_[reportcard]’)”;

if (!mysql_query($sql,$con))
{
die('Error: ’ . mysql_error());
}
echo “Student record added”;

mysql_close($con);
?>[/php]

When I click submit on the form page it just reloads with the submission values in the URL and it doesn’t post them to the database ( I know this because I use phpMYAdmin and nothing is in that table).

What am I doing wrong

richei · May 18, 2012, 8:40pm

Its $POST not $POST

bookertechie · May 18, 2012, 9:31pm

Hey,

I created an account so I could reply.

I changed the $POST_ to $_POST and still nothing occurs. I thought the POST method was supposed to keep the sent information out of the URL and post to the database?

richei · May 18, 2012, 10:02pm

I cant see to much from my phone, but make sure that the names are correct. Ill look it more when I get home

Improvizionz · May 19, 2012, 1:06am

When posting information received from a form, you do $POST[‘name’] not $POST[name]

That should fix it, im not sure though, I would have inserted the data differently. But hope this works for you!

[php]<?php
$con = mysql_connect(“localhost”,“database_admin”,“Password”);
if (!$con)
{
die('Could not connect: ’ . mysql_error());
}

mysql_select_db(“database”, $con);

$sql=“INSERT INTO students(contact_id, StudentFirstName,
StudentLastName, Gender, Phone, ParentFirstName,
ParentLastName, Rec1, Rec2, ReportCard) VALUES
($_POST[‘id’],$_POST[‘sfname’],$_POST[‘slname’],$_POST[‘sgender’],$_POST[‘phone’],$_POST[‘pfname’],$_POST[‘plname’],$_POST[‘rec1’],$_POST[‘rec2’],$_POST[‘reportcard’])”;

if (!mysql_query($sql,$con))
{
die('Error: ’ . mysql_error());
}
echo “Student record added”;

mysql_close($con);
?>[/php]

Try that, I think that should work.

bookertechie · May 19, 2012, 2:22am

I tried that and still hasn’t worked. I am open to ideas on how who would have set it up, if you wish to share. Thanks

richei · May 19, 2012, 3:31am

code wise it looks correct. When i’m having these issues, i always copy the column names right from phpmyadmin and paste them where i’m working so i can easily check spelling and that the insert stuff is in the right place. I also don’t do my inserts like that.

Imp’s version is wrong though, any strings need to have quotes around them.

That whole thing can be changed to
[php]

<?php $con = mysql_connect("localhost","database_admin","Password") or die(mysql_error()); mysql_select_db("database", $con); $sql=mysql_query("INSERT INTO students VALUES ($_POST['id'], '$_POST[sfname]', '$_POST[slname]', '$_POST[sgender]', '$_POST[phone]', '$_POST[pfname]', '$_POST[plname]', '$_POST[rec1]', '$_POST[rec2]', '$_POST[reportcard]')") or die(mysql_error()); if($sql) { echo "Student record added"; } mysql_close($con); ?>[/php]

You should really consider using mysql_real_escape_string() to clean the user input. lot of nasty things can be done to a database through sql injection.