Question posted in 
Im trying to insert Form information into the database.A very simple code.
I’ve verified to all the other answers in the site but it does not work
<?php
session_start();
// variable declaration
$school_name= "";
$dob = "";
$stu_name = "";
$stu_id = "";
$class = "";
$section = "";
$project = "";
$_SESSION['success'] = "";
// connect to database
$db = mysql_connect('localhost', 'root', '');
global $db;
global $dbcreate;
//creating database
$dbcreate="CREATE DATABASE student";
$retval=mysql_query($dbcreate,$db);
//Creating table
mysql_select_db("student",$db);
if (isset($_POST['add'])){
// receive all input values from the form
$school_name = mysql_real_escape_string($_POST['school_name']);
$dob = mysql_real_escape_string($_POST['dob']);
$stu_name = mysql_real_escape_string( $_POST['stu_name']);
$stu_id = mysql_real_escape_string( $_POST['stu_id']);
$class = mysql_real_escape_string( $_POST['class']);
$section = mysql_real_escape_string( $_POST['section']);
$project = mysql_real_escape_string( $_POST['project']);
}
//Insert the data into the tables
if(isset($_POST['add'])){
$sql1="INSERT INTO student(school_name,dob,stu_name,stu_id,class,section,project)
VALUES ({$_POST['school_name']},{$_POST['dob']},{$_POST['stu_name']},{$_POST['stu_id']},{$_POST['class']},{$_POST['section']},{$_POST['project']})";
$insertquery=mysql_query($sql1,$db);
}
?>
<html>
<head>
<meta charset="utf-8">
<title>Login</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="login-box">
<h1>Students Details</h1>
<form method="post" action="login.php">
<div class="textbox">
<i class="fas fa-user"></i>
<input type="text" placeholder="School Name" name="school_name"value="<?php echo $school_name;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Date" name="dob"value="<?php echo $dob;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Student Name" name="stu_name"value="<?php echo $stu_name;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Student Id" name="stu_id"value="<?php echo $stu_id;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="class" name="class"value="<?php echo $class;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Section" name="section"value="<?php echo $section;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Project" name="project"value="<?php echo $project;?>">
</div>
<button type="submit" class="btn" name="add" href="login.php">Add details </button>
</form>
</div>
</body>
</html>
I expected the information to be saved in the database.
I went on to check the database in localhost/phpmyadmin.
But nothing is saved.
don’t worry about the deprecated old mysql function I’m using a old version of XAMPP
2
Answers
try:
you’re also creating a database every time, only need to do this ONCE, but also need to create the table ONCE.
You are using string operations to populate a query. Never do this! Most languages and DB libraries will provide parameterized query functionality; PHP makes you jump through a slightly different hoop for this. Use prepared statements to ensure your string values, which are not quoted here, are both properly escaped and enquoted.