Insert php form data in mysqli error

Question

I am trying to create PHP form data insert in SQL but getting error. Even when I write code same to same but I'm still getting an error.

<?php

    $un = $_POST['uname'];
    $em = $_POST['email1'];

//with or what out these bellow variables
    $host = "localhost";
   $username = "admin";
   $password = "admin";
   $database = "test1";

    $db = mysqli_connect('$host','$username','$password','$database');
    $query = "INSERT INTO users ('username','password') VALUES ('$un','$em')";
    $rs = mysqli_query($db,$query);
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Form Registration</title>
</head>
<body>
    <form action="server1.php" method="post">
        <label>Name</label>
        <input type="text" name="uname" required="required">
        <label>Email</label>
        <input type="email" name="email1" required="required">
        <input type="submit" name="submit" value="submit">
    </form>

</body>
</html>

Your code is vulnerable to SQL injection attacks. You should use mysqli or PDO prepared statements with bound parameters as described in this post. — user7744592
– user7744592, Commented May 22, 2018 at 8:25

Noob Developer · Accepted Answer · 2018-05-22 10:33:09Z

The error was "" just inverted comma's, now its works perfectly.

     <?php
        $un = $_POST['uname'];
        $em = $_POST['email1'];

        $host = "localhost";
        $username = "admin";
        $password = "admin";
        $database = "test1";

            $con = mysqli_connect ("$host","$username","$password","$database");
            $query = "insert into users (username,email) values ('$un','$em')";
            $run = mysqli_query ($con,$query);

            if ($run=TRUE){
                echo 'Data Submitted Successfuly';
            }
            else {
                echo 'Error';
            }

    ?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Form Registration</title>
</head>
<body>
    <form action="server1.php" method="post">
        <label>Name</label>
        <input type="text" name="uname" required="required">
        <label>Email</label>
        <input type="email" name="email1" required="required">
        <input type="submit" name="submit" value="submit">
    </form>

</body>
</html>

Abdur Rahim · Accepted Answer · 2018-05-21 21:56:03Z

0

You can try this way.

$db = mysqli_connect($host, $username, $password) or die ('Unable to connect');
mysqli_select_db($db, $database) or die('Unable to select DB');

answered May 21, 2018 at 21:56

Abdur Rahim

406 bronze badges

4 Comments

Noob Developer Over a year ago

same problem cant enter data in database.

Abdur Rahim Over a year ago

Ok then you should change column name within ' ' to ` ` sign within query

Abdur Rahim Over a year ago

Ok i have slightly modify your code and run to me. Please check this link - ideone.com/qLAlX4

Noob Developer Over a year ago

same problem no data inserting to database when click on submit even i edited action="" but no inserting any data.

Collectives™ on Stack Overflow

Insert php form data in mysqli error

2 Answers 2

Comments

4 Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

Comments

4 Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related