0

I have a form in a .php file. On action i send $_POST variables to another .php file, where i add the form/input results into the database table.

But there seems to be a problem at one specific place. The table is created correctly, there is connection. However, i can't insert data.

Here are my inputs from the original .php file. They generate without mistakes:

<div class="form-group">
    <input class="form-control" name="player<?php echo $i; ?>-fn" placeholder="First name" type="text" <?php if($i>5){echo "disabled ";}?> />
</div>
<div class="form-group">
    <input class="form-control" name="player<?php echo $i; ?>-ln" placeholder="Last name" type="text" <?php if($i>5){echo "disabled ";}?> />
</div>
<div class="form-group">
    <input class="form-control" name="player<?php echo $i; ?>-nr" placeholder="Number" type="number" <?php if($i>5){echo "disabled ";}?> />
</div> <?php } ?>

in the .php file, where i send the variables, i create a table:

$team_name = $_POST["team"];
$query = "CREATE TABLE " . strtolower($team_name) . " (id int(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,team_name varchar(255) NOT NULL,short_name varchar(255) NOT NULL)";
mysqli_query($_SESSION["mySqlLink"],$query);

There is no error here, the table is created.

The error (not inserting into the table) seems to be here:

for($i=1; $i<=12; $i++){
    if(!empty($_POST["player". $i ."-fn"]) && !empty($_POST["player". $i ."-ln"]) && !empty($_POST["player". $i ."-nr"])){
        $first_name = $_POST["player". $i ."-fn"];
        $last_name = $_POST["player". $i ."-ln"];
        $number = $_POST["player". $i ."-nr"];
        $query = "INSERT INTO ". $team_name ." (number,first_name,last_name) VALUES ('$number','$first_name','$last_name')";
        mysqli_query($_SESSION["mySqlLink"],$query);
    }
    else break;
}

I have 12 inputs but not a single one is inserted into the table. What is the correct way to do this?

Improve this question
3
  • Lukas, it was answered. We don't need a status in the title or the question. Commented Aug 20, 2016 at 1:34
  • Mark Ravi's answer with a Green Check mark under the arrows :p Commented Aug 20, 2016 at 1:34
  • WARNING: When using mysqli you should be using parameterized queries and bind_param to add user data to your query. DO NOT use string interpolation or concatenation to accomplish this because you have created a severe SQL injection bug. NEVER put $_POST or $_GET data directly into a query, it can be very harmful if someone seeks to exploit your mistake. Commented Aug 20, 2016 at 3:14

1 Answer 1

Reset to default
1

Table column name (id,team_name,short_name) You are trying to insert (number,first_name,last_name) Insert column name should be same table column name Code will be like below:

for($i=1; $i<=12; $i++){
    if(!empty($_POST["player". $i ."-fn"]) && !empty($_POST["player". $i ."-ln"]) && !empty($_POST["player". $i ."-nr"])){
        $first_name = $_POST["player". $i ."-fn"];
        $last_name = $_POST["player". $i ."-ln"];
        $number = $_POST["player". $i ."-nr"];
        $query = "INSERT INTO ". $team_name ." (id,team_name,short_name) VALUES ('$number','$first_name','$last_name')";
        mysqli_query($_SESSION["mySqlLink"],$query);
    }
    else break;
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

oh my god. such a silly mistake. thanks for your notice. i feel embaressed.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.