Home>

I want to register the contents entered in the input form with PHP in the database.
I checked it myself, but I can't solve it.
Is there a problem with the insert statement? .


The error has been resolved, but the input is not registered in the database.
I do not know if there is a problem with poison.

Error message

No error message is displayed, but the input is not registered in the database

Applicable source code
<html>
<head>
<meta http-equiv = "Content-Type" content = "text/html;charset = utf-8" />
<title>Assign assignment</title>
</head>
<body>
 New assignment registration 
        <form action = "database2.php" method = "POST">
        <p>No.</p>
        <input type = "text" name = "id" value = "" size = "50">
        <br>
        <table border = '1'>
        <tr>
            <th width = "100" nowrap>FY</th>
            <th width = "100" nowrap>Class</th>
            <th width = "100" nowrap>times</th>
            <th width = "100" nowrap>Type</th>
            <th width = "100" nowrap>Genre</th>
            <th width = "100" nowrap>Difficulty</th>
        </tr>
        <tr>
        <th width = "100" nowrap>
        <select name = "year">
            <option value = "">2019</option>
            <option value = "">2018</option>
        </select>
        <th width = "100" nowrap>
        <select name = "class">
            <option value = "">1</option>
            <option value = "">2</option>
            <option value = "">3</option>
            <option value = "">4</option>
            <option value = "">5</option>
            <option value = "">6</option>
            <option value = "">7</option>
            <option value = "">8</option>
            <option value = "">9</option>
        </select><th width = "100" nowrap>
        <select name = "number">
            <option value = "">1st</option>
            <option value = "">Part 2-3</option>
            <option value = "">4-5</option>
            <option value = "">No. 6-7</option>
            <option value = "">8-9</option>
            <option value = "">10th</option>
            <option value = "">11-12th</option>
            <option value = "">13-14</option>
            <option value = "">15th</option>
        </select>
        <th width = "100" nowrap>
        <select name = "genre">
            <option value = "">Attendance assignment</option>
            <option value = "">Basic assignment</option>
            <option value = "">Development issues</option>
        </select>
        <th width = "100" nowrap>
        <select name = "mso">
            <option value = "">Word</option>
            <option value = "">Excel</option>
            <option value = "">PowerPoint</option>
            <option value = "">Other</option>
        </select>
        <th width = "100" nowrap>
        <select name = "level">
            <option value = "">Easy</option>
            <option value = "">Normal</option>
            <option value = "">Difficult</option>
        </select>
        </tr>
        </table>
        <p>Title of the assignment<br>
        <input type = "text" name = "practice" value = "" size = "50">
        <p>Deadline<br>
        <input type = "text" name = "time" value = "" size = "50">
        <p>Included content (target)<br>
        <input type = "text" name = "purpose" value = "" size = "200">
        <p>Samples and other points to consider<br>
        <input type = "text" name = "other" value = "" size = "200">
        <p>Agenda file<br>
        <input type = "text" name = "file" value = "" size = "50">
        <p><input type = "submit" value = "Register with the above contents"></p>
        </form>
</body>
</html>
<html><head>
<meta http-equiv = "Content-Type" content = "text/html;charset = utf-8" />
<title>Assign assignment</title>
</head>
<body>
<? php
$con = mysqli_connect ('localhost', 'root', '2019minato');
if (! $con) {
  exit ('Could not connect to database');
}
$result = mysqli_select_db ($con, 'test');
if (! $result) {
  exit ('Database could not be selected');
}
$result = mysqli_query ($con, 'SET NAMES utf8');
if (! $result) {
  exit ('The character code could not be specified.');
}
$id = filter_input (INPUT_GET, 'id');
$year = filter_input (INPUT_GET, 'year');
$class = filter_input (INPUT_GET, 'class');
$number = filter_input (INPUT_GET, 'number');
$mso = filter_input (INPUT_GET, 'mso');
$genre = filter_input (INPUT_GET, 'genre');
$level = filter_input (INPUT_GET, 'level');
$practice = filter_input (INPUT_GET, 'practice');
$time = filter_input (INPUT_GET, 'time');
$purpose = filter_input (INPUT_GET, 'purpose');
$other = filter_input (INPUT_GET, 'other');
$file = filter_input (INPUT_GET, 'file');
$result = mysqli_query ($con, "INSERT INTO bank (id, year, class, number, mso, genre, level, practice, time, purpose, other, file) VALUES ('$id', '$year', ' $class', '$number', '$mso', '$genre', '$level', '$practice', '$time', '$purpose', '$other', '$file') " );
if (! $result) {
  exit ('Data could not be registered');
}
$con = mysqli_close ($con);
if (! $con) {
  exit ('Could not close connection with database');
}
?>
<p>Registration is complete.<br />Back</p>
</body>
</html>

Please describe what you tried for the problem here.

Supplemental information (FW/tool version etc.)

Please provide more information here.

  • Answer # 1

    Maybe it ’s the Notice

      

    $result = mysqli_query ($con, "INSERT INTO bank (id, year, class, number, mso, genre, level, practice, time, purpose, other, file) VALUES ('$id', '$year ',' $class ',' $number ',' $mso ',' $genre ',' $level ',' $practice ',' $time ',' $purpose ',' $other ',' $file ') ");

    I think it's a line

    Isn't it strange that logic is checking $_REQUEST with isset?
    It is set to $id only when isset, but conversely, if it gets caught by isset, $id is undefined

    if (isset ($_ REQUEST ["id"])) {
    $id = $_REQUEST ['id'];
    }
    ↓↓↓
    $id = filter_input (INPUT_GET, 'id');


    Please rewrite as follows.
    Moreover, although insert statements are currently issued unconditionally, conditional branching may be necessary.
    It is recommended to process mysqli with prepare instead of passing by value directly
    By the way, if you quit mysqli and use pdo, there will be a lot more useful sites, etc.

  • Answer # 2

    There are no definitions.
    $id is defined in the if statement.
    This will use an undefined variable in the SQL statement.

    $id = "";
    if () {
    $id = ...
    }

    If you write

    , it will not be undefined.

Related articles