How to populate database tables with textbox data

Asked

Viewed 139 times

0

In the external PHP file I have the following code:

    <!DOCTYPE html>
     <?php

    $servername = "localhost";
    $username = "isabelso_isabel";
    $password = "password";
    $dbname = "isabelso_db";

    $dbconn = mysql_connect($servername, $username, $password, $dbname);
    mysql_select_db($dbname);

    if (isset($_POST['botao_registo']))
    {
        $name = $_POST['nome'];
        $nif = $_POST['nif'];

         $sql = ("INSERT INTO Paciente (nome, id_paciente ) VALUES ('".$nome."', ' ".$nif."')");

    if(mysql_query($query))
 {
echo "<script>alert('INSERTED SUCCESSFULLY');</script>";
}
else
 {
 echo "<script>alert('FAILED TO INSERT ".mysql_error()."');</script>";
        }    
     }

The table name is Paciente and the attributes are: nome, id_paciente

The name of the textbox is nome, nif.

the next I have:

    <body>

    <?php
          include("user_insert.php");
    ?>    
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
        <p style="font-size: 15px"> <font face= "Verdana">
            &nbsp Nome:<INPUT type="text" name="nome" size=50>
                &nbsp &nbsp &nbsp Data de Nascimento: <input type="date" name="bday" > <br><br>
            &nbsp NIF:<INPUT type="number" name="nif" size=10> &nbsp &nbsp &nbsp &nbsp &nbsp &nbsp
            &nbsp Telem&oacute;vel:<INPUT type="number" name="telemovel" size=10> <br><br>
            &nbsp Email:<INPUT type="email" name="email" size=40><br><br>
            &nbsp Password:<INPUT type="password" name="senha" size=30><br><br>
            &nbsp Password:<INPUT type="password" name="senha" size=30><br><br>
            &nbsp Alergias/Doen&ccedil;as Conhecidas:<INPUT type="text" name="doenças" size=50> <br><br>
            &nbsp Observa&ccedil;&otilde;es:<br>&nbsp <textarea name="observacoes" rows="5" cols="90" maxlength="500"></textarea>
            </p></font>
    <br>
    <br>
    <br>
    <br>
    <br> 

   <div id="botao">
      <input type="submit" name="botao_registo" value="ENVIAR DADOS" class=botaoEnviar />

there will be something wrong with the PHP code because when I fill the text box and press the send button to the database gives the error: "FAILED TO INSERT", query was Empty.

  • Isabel, start by taking out the brackets when you pass the column names in your SQL.

  • Once you get it working, do a search on SQL Injection to learn how to protect your script against this type of attack. At the moment that code is vulnerable.

  • Already solved your problem?

  • no, I already edited the code and put it on top, but the error still gives the same.

  • Isabel, it would be interesting to echo also the mysql_error(), being as follows: echo "<script>alert('FAILED TO INSERT ".mysql_error()."');</script>";

  • I have two suspicions there, I think it is not concatenating its variable, so try to printprint the SQL that is generated at the end before inserting first. If that’s it just use INSERT INTO...... VALUES ('".$nome."', '".$nif."')

  • And I added the suggestion of Everson and @Khaosdoctor and edited the code above and now the error says that the query is empty, so I added the code from where I am writing the

  • Does anyone know how to solve the problem?

Show 3 more comments

1 answer

0


The problem is that the variable $query does not exist. The variable you want to insert is the $sql, containing the query. Furthermore I believe that it is not necessary to put the query between brackets, this will generate error. So it would look like this:

... codigo anterior ...

$sql = "INSERT INTO Paciente (nome, id_paciente ) VALUES ('".$nome."', ' ".$nif."')"; // retirei os colchetes

        if(mysql_query($sql)) // aqui esta o erro

... resto do código ...

Browser other questions tagged

You are not signed in. Login or sign up in order to post.