0

I have come across a problem when inserting values from a html select in to a mysql database. I can't seem to get the values to insert for some reason; I have looked for help on this but they keep giving me errors. Also, can some please tell me what the difference between mysql and mysqli?

php code

<?php
$con = mysql_connect("localhost","barsne","bit me");
if (!$con) {
    die('Could not connect: ' . mysql_error());
}

mysql_select_db("testing", $con);

$sql="INSERT INTO client_details (id, f_name, l_name, phone, email, job_est) VALUES
   ('', '$_POST[f_name]', '$_POST[l_name]', '$_POST[phone]', '$_POST[email]', '$_POST[job_est]')";

if (!mysql_query($sql,$con)) {
    die('Error: ' . mysql_error());
}

echo "Thank you for booking a with us we will contact you in the next 24 hours to confirm your booking with a time and date";

mysql_close($con)
?>

html code

<form method="post" action="processing_booking.php">
    <h4><u>Basic Contact Details</u></h4>
    <label>First Name</label>
    <input type="text" name="f_name">
    <label>Last Name:</label>
    <input type="text" name="l_name" id="l_name">
    <label>Phone Number:</label>
    <input type="text" name="phone" id="phone">
    <label>Email:</label>
    <input type="text" name="email" id="email">

    <h4><u>Job Details</u></h4>
    <label>You Would Like To Book A:</label>
    <select name="job_est">
        <option value="select">--SELECT--</options>
        <option value="job">Job</option>
        <option value="est">Estimation</option>
    </select>

    <label>Service Your Booking:</label>
    <select name="job_type">
        <option value="select">--SELECT--</option>
        <option value="gardening">Gardening</option>
        <option value="landscaping">Landscaping</option>
        <option value="painting">Painting & Decorating</option>
        <option value="decking">Decking & Fencing</option>
    </select>

    <label>Any Additional Information </label>
    <textarea name="extra_info"></textarea>
    <input type="submit" value="lets get your dreams started">
</form>

sorry wirting is not my strong point

Improve this question
7
  • 2
    The MySQL family of PHP is deprecated and support thereof will disappear. Please look into PDO or Mysqli. The code is also wide open to SQL injection. Commented Aug 26, 2014 at 9:24
  • 1
    Can you please add the starting form tag also to the question Commented Aug 26, 2014 at 9:25
  • 3
    What's the error you got? Commented Aug 26, 2014 at 9:25
  • 2
    you should never write $_POST values directly in your sql query. Even when it is a selectbox the value can be easily changed with tools like chrome developer toolbar tampadata etc. Commented Aug 26, 2014 at 9:31
  • 2
    have you noticed that you're using $_POST[f_name] istead of $_POST['f_name'] ... Commented Aug 26, 2014 at 9:34

3 Answers 3

Reset to default
2

Note that $_POST['name'] you missed single quotations

you must prevent from injection with 

// String Type Fields 
$name = strip_tags($_POST['name']);
$f_name= strip_tags($_POST['f_name']);
$l_name= strip_tags($_POST['l_name']);
$phone= strip_tags($_POST['phone']);
$email= strip_tags($_POST['email']);

// Int Type Fields
if (isset($_POST['job_est']) && is_numeric($_POST['job_est']))
   $job_est= $_POST['job_est'];
else 
   $job_est= 0;

then use in your query

other point is if your id field is primary and auto increment , you can define your query as below :

$sql="INSERT INTO client_details (f_name, l_name, phone, email, job_est) VALUES
   ( '".$f_name."', '".$l_name."', '".$phone."', '".$email."', ".$job_est.")";

for strings you must use '".$variable."' and for integer or numeric you must use ".$variable."

other point is you must change your select element to below because you have noticed in your comments your job_est field type is int(11)

<select name="job_est">
    <option value="0">--SELECT--</option>
    <option value="1">Gardening</option>
    <option value="2">Landscaping</option>
    <option value="3">Painting & Decorating</option>
    <option value="4">Decking & Fencing</option>
</select>
Improve this answer
Sign up to request clarification or add additional context in comments.

14 Comments

put strip_tags before $sql="
what is the field type of your job_est filed in your db ?
the job_est is int(11) let me guess as a newibe i made one of the most simplest mistakes
so you must set the value of select box to integer and so you dont need strip tags the job_est and simply check if is_nummeric($_POST['job_est']). I have updated my answer
how would i put if is_nummeric($_POST['job_est']) in to my script
|
1

  • The mysql functions are deprecated. Use the mysqli or pdo class instead.

    mysqli: https://php.net/manual/en/class.mysqli.php

    pdo: https://php.net/manual/en/book.pdo.php

  • Make a var_dump($_POST) and you will see what the problem is. By the way you missed the single quotes $_POST['value']

  • Never ever write $_POST or $_GET data directly in your sql queries. Always validate them before, because even the value of a selectbox can get easily changed with tampadata or chrome developer tools.

Improve this answer

Comments

0

Well you can obviously start printing the results of your $_POST array with :

print_r($_POST,1);

to check all variables existence in it

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.