new to php need help badly


#1

here is my html document, it points to a php script to input data, which works fine. what i am having a problem with is displaying the table after data is input to the db. basically what i want to achieve is have user input name into provider, then the results display below that so you can see what you put in.

[php]

<head>
    <title>Provider Points</title>
    <link href="styles1.css" rel="stylesheet" type="text/css" /><!--[if IE]>
     <style type="text/css"> 
     /* place css fixes for all versions of IE in this conditional comment */
     .thrColElsHdr #sidebar1, .thrColElsHdr #sidebar2 { padding-top: 30px; }
     .thrColElsHdr #mainContent { zoom: 1; padding-top: 15px; }
     /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */
     </style>
     <![endif]-->
</head>

<body class="thrColElsHdr">
    <div id="container">
        <div id="header">
            <div class="hLogo">
                <!--end hLogo--> </div>
            <!-- end #header --></div>
        <nav id="navbar">



            <div class="button"> <a href="index.html" title="Home page">Home</a></div>
            <div class="button"><a href="provider.html" title="add provider">Add Provider</a></div> 
            <div class="button"><a href="http://finalffxiv.shivtr.com/" title="Final Site">Final Site</a></div>


        </nav>


Provider

                 <tr>
                    <td width = "100">Provider Name</td>
                    <td><input name = "Name" type = "text"/></td>
                 </tr>
                 <tr>
                    <td width = "100"> </td>
                    <td> </td>
                 </tr>
              
                 <tr>
                    <td width = "100"> </td>
                    <td>
                       <input name = "add" type = "submit" id = "add" 
                          value = "Add Provider">
                    </td>
                 </tr>
              
              </table>
           </form> 
                 </div> 
  <?php
   
                 $dbhost = 'localhost:3036';
                 $dbuser = 'blink383';
                 $dbpass = 'Anderash1330';
                 $conn = mysql_connect($dbhost, $dbuser, $dbpass);

                @mysql_select_db($db)or die("unable to select database");
                
                $sql = "SELECT * FROM `Provider` LIMIT 0, 30 ";
                $result=mysql_query($sql);
                $num=mysql_numrows($result);
                mysql_close();
                

                echo "<center>Providers</center>";

?>





<?php
                $i=0;
                while ($i < $num){
                 $name=mysql_result($result,$i,"Name");
                 }
     ?>
     <tr> 
        <td><font face="Arial, Helvetica, sans-serif"><?php echo "$name"; ?></font></td>
     </tr>
     <?php
        ++$i;
    
    echo "</table>";
    ?>
     
          <!--end#mainContent-->
        </div>

            <div id="moogle"><!--end moogle--><img src="images/moogle.png" width="168" height="211" title="moogle" /></div>

        <!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --><br class="clearfloat" />
        <div id="footer">
            <p>Copyright 2016|© 2009-2016 SQUARE ENIX CO., LTD. All Rights Reserved</p>
            <!-- end #footer --></div>
        <!-- end #container --></div>

</body>
[/php]

my input php looks like this:

[php] <?php
if(isset($_POST[‘add’])) {
$dbhost = ‘localhost:3036’;
$dbuser = ‘mypass’;
$dbpass = ‘pass’;
$conn = mysql_connect($dbhost, $dbuser, $dbpass);

        if(! $conn ) {
           die('Could not connect: ' . mysql_error());
        }
        
        if(! get_magic_quotes_gpc() ) {
           $Name = addslashes ($_POST['Name']);             
        }else {
           $Name = $_POST['Name'];
        }
        
        $sql = "INSERT INTO Provider ". "(Name) ". "VALUES('$Name')";
           
        mysql_select_db('ProviderPoints');
        $retval = mysql_query( $sql, $conn );
        
        if(! $retval ) {
           die('Could not enter data: ' . mysql_error());
        }
        mysql_close($conn);
     }


        ?>[/php]
Name

#2

[size=24pt]Toss that code right now![/size]

That code is obsolete, has been completely removed from Php and is vulnerable to an SQL Injection Attack.

You need to use PDO with prepared statements.

https://phpdelusions.net/pdo

You can download my PDO Bumpstart Database from my signature to get you going.