1

I've got a simple form to take in user data and insert it into an sql database. When the user hits submit it does create a new entry line (so I know it's connecting to the database) but none of the values are posting as they should. I was following the tutorials on w3schools but I'm not sure where my Values are getting lost. Could some one point me in the right direction?

Form:

<?php
$Fname = $_POST["Fname"];
$Lname = $_POST["Lname"];
$Sid = $_POST["Sid"];
$Email = $_POST["Email"];
$Dtype = $_POST["Dtype"];
$Mac = $_POST["Mac"];
?>

<html>
<head>
<title>Register School Device</title>
</head>
<body>
<form method="post" action="SMA_Send.php">
First Name:<input type="text" size="12" maxlength="20" name="Fname"><br />
Last Name:<input type="text" size="12" maxlength="36" name="Lname"><br />
Student ID:<input type="text" size="12" maxlength="12" name="Sid"><br />
Email:<input type="text" size="12" maxlength="36" name="Email"><br />
Device Type:<br />
<select name="Dtype">
<option value="iPad">iPad</option>
<option value="iPhone">iPhone</option>
<option value="AndroidTablet">Android Tablet</option>
<option value="AndroidPhone">Android Phone</option></select><br />
Mac Address:<input type="text" size="12" maxlength="36" name="Mac"><br />
<input type="submit" value="submit" name="submit">
</form>

Send:

<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "dbname";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 

$sql = "INSERT INTO StudentDeviceReg (Fname, Lname, Sid, Email, Dtype, Mac, Date)
VALUES ('$Fname','$Lname','$Sid','$Email','$Dtype','$Mac',NOW())";

if ($conn->query($sql) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();
?>
Improve this question
1
  • You need to put the values in the variables on the page which inserts it in to the database, not on the page with the form. Commented Jan 14, 2015 at 19:11

2 Answers 2

Reset to default
5

These belong in your PHP/SQL SMA_Send.php file and not in your form.

$Fname = $_POST["Fname"];
$Lname = $_POST["Lname"];
$Sid = $_POST["Sid"];
$Email = $_POST["Email"];
$Dtype = $_POST["Dtype"];
$Mac = $_POST["Mac"];

Having used error reporting, would have signaled Undefined variables.

I also need to note that your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements, they're much safer.

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// rest of your code

Sidenote: Error reporting should only be done in staging, and never production.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Welp I feel silly, that worked thanks. Looking into prepared statements now, appreciated!
0

i don't see you using $_POST any where:

use $_POST["Fname"] and others also like this.

or you can do this:

$Fname = $_POST["Fname"];// for the rest also.
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.