0

I know this issue has been asked several times and I've tried the given solutions but none doesn't seem to work with my script. D: Anyone would be kind enough to enlighten me and what am I doing wrong?

Here's the portion of the HTML script:

<td class="tableBody">
    <input type="checkbox" name="category[]" value="Website" /> Website
    <input type="checkbox" name="category[]" value="Members" /> Members
    <input type="checkbox" name="category[]" value="Updates" /> Updates
    <input type="checkbox" name="category[]" value="Cons" /> Cons
    <input type="checkbox" name="category[]" value="Others" /> Others
</td>

And this is the portion of MySQL script:

$title = htmlspecialchars(strip_tags($_POST['title']));
    $entry = $_POST['entry'];
    $cat = implode(",", $_POST['category']);

    date_default_timezone_set('Asia/Manila');
    $timestamp = date('Y-m-d H:i:s');

    $entry = nl2br(htmlentities($entry, ENT_QUOTES, 'UTF-8'));

    if (!get_magic_quotes_gpc()) {
            $title = addslashes($title);
            $entry = addslashes($entry);
        }

    $insert = "INSERT INTO `blog` (`id`, `username`, `entry_id`, `title`, `entry`, `category`, `timestamp`) VALUES ('$id', '$name', '',  '$title', '$entry', '$cat', '$timestamp');";

The form is working fine, only that the categories are not inserted into the column.enter image description here

Thanks in advance!

Improve this question
17
  • What is the type of category column in your table? What is the value of $cat if you print it? Commented Feb 27, 2017 at 9:30
  • datatype of category column must be varchar if it is int Commented Feb 27, 2017 at 9:31
  • 1
    hmm so your category value is not pass in form post. now make sure your category checkbox is in <form> or not Commented Feb 27, 2017 at 10:47
  • 1
    can you provide full code of your html and php? Commented Feb 27, 2017 at 11:28
  • 1
    i think your top foreach loop might be affect on below code so remove foreach loop and check it's working or not otherwise code is looks perfect Commented Feb 27, 2017 at 12:50

3 Answers 3

Reset to default
1

Could you try change this line to this basicly add (array)..

$cat = implode(",", (array)$_POST['category']);

If that's not works again look this; I add some lines Add these and look if there was a error or something like that. There could be database connection or database structure issue. You can see if there was a error. I tested it and it worked for me.

<?php
        $title = htmlspecialchars(strip_tags($_POST['title']));
        $entry = $_POST['entry'];
        $cat = implode(",", $_POST['category']);
        echo $cat;
        date_default_timezone_set('Asia/Manila');
        $timestamp = date('Y-m-d H:i:s');

        $entry = nl2br(htmlentities($entry, ENT_QUOTES, 'UTF-8'));

        if (!get_magic_quotes_gpc()) {
                $title = addslashes($title);
                $entry = addslashes($entry);
            }

            //I add these lines from here, to...
            $servername = "localhost";
            $username = "root";
            $password = "";
            $dbname = "code";

            // Create connection
            $conn = new mysqli($servername, $username, $password, $dbname);
            // Check connection
            if ($conn->connect_error) {
                die("Connection failed: " . $conn->connect_error);
            } 

            $sql = "INSERT INTO `blog` (`id`, `username`, `entry_id`, `title`, `entry`, `category`, `timestamp`) VALUES ('$id', '$name', '',  '$title', '$entry', '$cat', '$timestamp');";

            if ($conn->query($sql) === TRUE) {
                echo "New record inserted successfully";
            } else {
                echo "Error: " . $sql . "<br>" . $conn->error;
            }

            $conn->close();

            //Here...
    ?>
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Hi, I also tried the basic array and nothing happened. As for the connection, it already has, otherwise it won't insert the other fields in mysql. Thank you :)
so there could be issue in your form can you share your form?
1

As per ImBS' suggestion, I've removed the original foreach loop by putting it within a comment (for future reference) since it does affect the array for categories, and did some tweaks by moving the SQL data below it and it works fine now. :)

if (!isset($_POST['submit']) || $_SERVER['REQUEST_METHOD'] != "POST") {
    exit("<p>You did not press the submit button; this page should not be accessed directly.</p>");
}
else {

$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i";
$profanity = "/(beastial|bestial|blowjob|clit|cum|cunilingus|cunillingus|cunnilingus|cunt|ejaculate|fag|felatio|fellatio|fuck|fuk|fuks|gangbang|gangbanged|gangbangs|hotsex|jism|jiz|kock|kondum|kum|kunilingus|orgasim|orgasims|orgasm|orgasms|phonesex|phuk|phuq|porn|pussies|pussy|spunk|xxx)/i";
$spamwords = "/(viagra|phentermine|tramadol|adipex|advai|alprazolam|ambien|ambian|amoxicillin|antivert|blackjack|backgammon|texas|holdem|carisoprodol|ciara|ciprofloxacin|debt|dating|porn)/i";
$bots = "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer)/i";

if (preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) {
    exit("<h1>Error</h1>\nKnown spam bots are not allowed.<br /><br />");
}
/* FOREACH LOOP
foreach ($_POST as $key => $value) {
    $value = trim($value);

    if (preg_match($exploits, $value)) {
        exit("<h1>Error</h1>\nExploits/malicious scripting attributes aren't allowed.<br /><br />");
    }
    elseif (preg_match($profanity, $value) || preg_match($spamwords, $value)) {
        exit("<h1>Error</h1>\nThat kind of language is not allowed through our form.<br /><br />");
    }

    $_POST[$key] = stripslashes(strip_tags($value));
}
END FOREACH LOOP */

    $connect = mysqli_connect("$db_server", "$db_user", "$db_password", "$db_database");
    $select=mysqli_query($connect, "SELECT * FROM `$table_members` WHERE username='$_SESSION[logged_in]'");
            while($row=mysqli_fetch_assoc($select)) {
                $id = $row['id'];
                $name = $row['username'];
            }

    $title = htmlspecialchars(strip_tags($_POST['title']));
    $entry = $_POST['entry'];
    $category = $_POST['category'];
    $cat = implode(", ", $_POST['category']);

    date_default_timezone_set('Asia/Manila');
    $timestamp = date('Y-m-d H:i:s');

    $entry = nl2br(htmlentities($entry, ENT_QUOTES, 'UTF-8'));

    if (!get_magic_quotes_gpc()) {
            $title = addslashes($title);
            $entry = addslashes($entry);
    }

    $insert = "INSERT INTO `blog` (`id`, `username`, `entry_id`, `title`, `entry`, `category`, `timestamp`) VALUES ('$id', '$name', '',  '$title', '$entry', '$cat', '$timestamp')";

    if(mysqli_query($connect, $insert)) {
        echo '<h1>Success!</h1>
        You have successfully posted a new blog entry!';
    }
    else {
        echo '<h1>Error</h1>
        It looks like there was an error in processing your submitted form.';   
    }
}

Thank you for all the suggestions! :)

Improve this answer

Comments

0

Everything seems to be fine except your datatype of category. Its may not be varchar. Try to use varchar. Your query could be showing some warning, use

error_reporting(E_ALL); ini_set('display_errors', 1);

to on error reporting then solve query manually.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.