0

Hi there I am trying to add some data from a form into a MySQL database and it doesn't seem to been working. Any help would be appreciated.

PHP

<?php
if(isset($_POST['add']))
{
$dbhost = 'localhost';
$dbuser = '';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
  die('Could not connect: ' . mysql_error());
}

$businessname = $_POST['businessname'];
$businessgenre = $_POST['businessgenre'];
$shortbusinessdescription = $_POST['shortbusinessdescription'];
$longbusinessdescription = $_POST['longbusinessdescription'];
$businesswebsiteaddress = $_POST['businesswebsiteaddress'];
$businessphonenumber = $_POST['businessphonenumber'];
$businesscontactemail = $_POST['businesscontactemail'];
$businesstags = $_POST['businesstags'];


$sql = "INSERT INTO database ".
       "(businessname, businessgenre, shortbusinessdescription, longbusinessdescription, businesswebsiteaddress, businessphonenumber, businesscontactemail, businesstags) ".
       "VALUES ".
       "('$businessname','$businessgenre','$shortbusinessdescription', '$longbusinessdescription', '$businesswebsiteaddress', '$businessphonenumber', '$businesscontactemail', '$businesstags')";
mysql_select_db('armannwe_bakery');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
  die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
}
else
{
?>

<?php
}
?>

HTML

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<td><form name="form1" method="post" action="insert_ac.php">
<table width="100%" border="0" cellspacing="1" cellpadding="3">

<tr>
<td colspan="3"><strong>Add your business for a free listing today </strong></td>
</tr>

<tr>
<td width="71">Business Name</td>
<td width="6">:</td>
<td width="301"><input name="businessname" type="text" id="businessname"></td>
</tr>

<tr>
<td>Business Genre</td>
<td>:</td>
<td><input name="businessgenre" type="text" id="businessgenre"></td>
</tr>

<tr>
<td>Short Business Description</td>
<td>:</td>
<td><input name="shortbusinessdescription" type="text-area" id="shortbusinessdescription"></td>
</tr>

<tr>
<td>Long Business Description</td>
<td>:</td>
<td><input name="longbusinessdescription" type="text-area" id="longbusinessdescription"></td>
</tr>

<tr>
<td>businesswebsiteaddress</td>
<td>:</td>
<td><input name="businesswebsiteaddress" type="text" id="businesswebsiteaddress"></td>
</tr>

<tr>
<td>businessphonenumber</td>
<td>:</td>
<td><input name="businessphonenumber" type="text" id="businessphonenumber"></td>
</tr>

<tr>
<td>businesscontactemail</td>
<td>:</td>
<td><input name="businesscontactemail" type="text" id="businesscontactemail"></td>
</tr>

<tr>
<td>businesstags</td>
<td>:</td>
<td><input name="businesstags" type="text" id="businesstags"></td>
</tr>

<tr>
<td colspan="3" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
3
Contributors
2
Replies
18
Views
3 Years
Discussion Span
Last Post by broj1
2

For a start, remember mysql_* functions are outdated in PHP now, so a much better idea to use mysqli_ or PDO. There is also no need to open and close PHP tags (e.g. line 38 + 40), and no need to have an empty else{} statement.

Next, your script is hopelessly insecure. You need to have a qucik read up on SQL injection, as none of the variables are being sanitized.

At the top of your script you have isset($_POST['add']), yet there is no "add" field in your form, so none of the rest of the code will execute.

0

Your script might work if you change line 2 to:

if(isset($_POST['Submit']))

since you usualy check whether the form was submited (but this is more or less just a guess).

However, do take seriously above notes about security.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.