I am trying to add data from html form to database. However , I think everthing is OK but there are 2 errors: undefined sql and empty query. I research something and I learned sql injection but I dont understand what is the difference in INSERT INTO query. How can I solve this problem?(I have also one more column in database its name is id and it is auto inceremented. So I havent add it)
<?php
include('dbConnection.php');
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" href="addMember.css">
<script src="addMember.js"></script>
<title>Nature Apartment-Add Member</title>
</head>
<body>
<h1>Nature Apartment</h1>
<?php
if($_SERVER["REQUEST_METHOD"]=="POST"){
if(isset($_POST['submit'])){
$apartmentID= $_REQUEST['apartmentID'];
$uname= $_REQUEST['uname'];
$pwd= $_REQUEST['pwd'];
$phoneNumber= $_REQUEST['phoneNumber'];
$secondPhoneNumber= $_REQUEST['secondPhoneNumber'];
$whoseNumber= $_REQUEST['whoseNumber'];
$sql = "INSERT INTO members (apartmentID, username, password, phoneNumber, secondPhoneNumber, whoseNumber)
VALUES '$apartmentID', '$uname', '$pwd', '$phoneNumber', '$secondPhoneNumber', '$whoseNumber')";
}
}
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
?>
<ul>
<li><a href="AdminHomePage.html">HomePage</a></li>
<li><a href="AdminMembers.html">Members</a></li>
<li><a href="AdminPayments.html">Payments</a></li>
<li><a href="AdminGeneralExpenses.html">General Expenses</a> </li>
<li><a href="Chat.html">Chat</a></li>
<li><a href="AdminSettings.html">Settings</a></li>
</ul>
<br><br>
<h2>Add New Member</h2>
<br><br>
<form id="form" method="POST" >
<label for="apartmentID">Apartment ID</label><br>
<input type="text" id="id" name="id"><br><br>
<label for="username">Username</label><br>
<input type="text" id="uname" name="uname"><br><br>
<label for="Password">Password</label><br>
<input type="password" id="pwd" name="pwd"><br><br>
<label for="phoneNumber">Phone number</label><br>
<input type="text" id="phoneNumber" name="phoneNumber"><br><br>
<label for="secondPhoneNumber">Second phone number</label><br>
<input type="text" id="secondPhoneNumber" name="secondPhoneNumber"><br><br>
<label for="whoseNumber">Whose phone number? </label><br>
<input type="text" id="whoseNumber" name="whoseNumber"><br><br>
<input type="submit" value="Add" name="submit" >
</form>
</body>
</html>
I think you forgot a bracket??
$sql = "INSERT INTO members (apartmentID, username, password, phoneNumber, secondPhoneNumber, whoseNumber)
VALUES '$apartmentID', '$uname', '$pwd', '$phoneNumber', '$secondPhoneNumber', '$whoseNumber')";
Should be
$sql = "INSERT INTO members (apartmentID, username, password, phoneNumber, secondPhoneNumber, whoseNumber)
VALUES **(**'$apartmentID', '$uname', '$pwd', '$phoneNumber', '$secondPhoneNumber', '$whoseNumber')";
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Find the answer in similar questions on our website.
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites.
The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/
Ember.js is an open source JavaScript framework that was originally released by Yehuda Katz in 2011. It was originally called SproutCore 2.0 before it became Ember.js. Work on the Ember Framework began in 2011, and version 1.0 was released two years later.
https://emberjs.com/
DBMS is a database management system. It is designed to change, search, add and delete information in the database. There are many DBMSs designed for similar purposes with different features. One of the most popular is MySQL.
It is a software tool designed to work with relational SQL databases. It is easy to learn even for site owners who are not professional programmers or administrators. MySQL DBMS also allows you to export and import data, which is convenient when moving large amounts of information.
https://www.mysql.com/
CSS (Cascading Style Sheets) is a formal language for describing the appearance of a document written using a markup language.
It is mainly used as a means of describing, decorating the appearance of web pages written using HTML and XHTML markup languages, but can also be applied to any XML documents, such as SVG or XUL.
https://www.w3.org/TR/CSS/#css
HTML (English "hyper text markup language" - hypertext markup language) is a special markup language that is used to create sites on the Internet.
Browsers understand html perfectly and can interpret it in an understandable way. In general, any page on the site is html-code, which the browser translates into a user-friendly form. By the way, the code of any page is available to everyone.
https://www.w3.org/html/
Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.
Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.
Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.