Please help! I am trying to insert data into a database table using php and sql, but it is inserting blanks into the fields that I am trying to populate. Here is the sql insert command that I am using

$sql = "INSERT INTO tropicustomers.tropimembers (member, emailaddr) VALUES (\"$name\", \"$email\");";

Why is it inserting blanks instead of the data that I passed to the variables $name and $email? I was successfully passing the variables before through a form. I am not sure what has changed.

If it helps here is my code:

<?php
$name = $HTTPPOSTVARS['name'];
$email = $HTTPPOSTVARS['email'];
$from = "Tropiconnect <example@example.com>";
$subject = 'Free Caribbean Travel Offer from Example.com';
$message = 'http://www.example.com/FreeOffer.doc';
$con = mysqlconnect("tropicustomers.db","tropicustomers","mypassword");

if ($con) { mysqlselectdb("tropicustomers", $con); $sql = "INSERT INTO tropicustomers.tropimembers (member, emailaddr) VALUES (\"$name\", \"$email\");"; mysqlquery("$sql");

}else{ die('Could not connect: ' . mysql_error()); }

mysql_close($con);

if (!pregmatch("/\w+([-+.]\w+)@\w+([-.]\w+).\w+([-.]\w+)*/", $email)){ echo "<h4>Invalid email address:</h4>"."$email"; echo "<a href='javascript:history.back(1);'>Back</a>"; } elseif ($name == "") { echo "<h4>Please fill in your full name before clicking the send button</h4>"; echo "<a href='javascript:history.back(1);'>Back</a>"; }
elseif (mail($email,$subject,$message)) { echo "<h4>Thank you! Your request has been sent to example. You should receive an email shortly.</h4>"; echo "<a href='http://www.example.com'>Click here to go back to the example web site</a>"; } else { echo "<h4>Can't send email to $email</h4>"; } ?>

    This:

    $name = $HTTPPOSTVARS['name'];
    $email = $HTTPPOSTVARS['email'];

    should be:

    $name = $_POST['name'];
    $email = $_POST['email'];

    ... at the very least. You should check that incoming variables exist by using [man]isset[/man] or [man]empty[/man] before using them.

    Also, please post your PHP code in [noparse]

    [/noparse] bbcode tags.

      shaynes;10932556 wrote:

      Please help! I am trying to insert data into a database table using php and sql, but it is inserting blanks into the fields that I am trying to populate. Here is the sql insert command that I am using

      $sql = "INSERT INTO tropicustomers.tropimembers (member, emailaddr) VALUES (\"$name\", \"$email\");";

      Why is it inserting blanks instead of the data that I passed to the variables $name and $email? I was successfully passing the variables before through a form. I am not sure what has changed.

      If it helps here is my code:

      <?php
      $name = $HTTPPOSTVARS['name'];
      $email = $HTTPPOSTVARS['email'];
      $from = "Tropiconnect <customerservice@tropiconnect.com>";
      $subject = 'Free Caribbean Travel Offer from Tropiconnect.com';
      $message = 'http://www.tropiconnect.com/FreeOffer.doc';
      $con = mysqlconnect("tropicustomers.db","tropicustomers","mypassword");

      if ($con) { mysqlselectdb("tropicustomers", $con); $sql = "INSERT INTO tropicustomers.tropimembers (member, emailaddr) VALUES (\"$name\", \"$email\");"; mysqlquery("$sql");

      }else{ die('Could not connect: ' . mysql_error()); }

      mysql_close($con);

      if (!pregmatch("/\w+([-+.]\w+)@\w+([-.]\w+).\w+([-.]\w+)*/", $email)){ echo "<h4>Invalid email address:</h4>"."$email"; echo "<a href='javascript:history.back(1);'>Back</a>"; } elseif ($name == "") { echo "<h4>Please fill in your full name before clicking the send button</h4>"; echo "<a href='javascript:history.back(1);'>Back</a>"; }
      elseif (mail($email,$subject,$message)) { echo "<h4>Thank you! Your request has been sent to tropiconnect. You should receive an email shortly.</h4>"; echo "<a href='http://www.tropiconnect.com'>Click here to go back to the tropiconnect web site</a>"; } else { echo "<h4>Can't send email to $email</h4>"; } ?>

      There are some problems in your code like

      you wrote
      $name = $HTTPPOSTVARS['name'];
      $email = $HTTPPOSTVARS['email'];

      which should be

      $name=$POST['name'];
      $emsil=$
      POST['name'];

      OR
      $name =$REQUEST['name'];
      $email=$
      REQUEST['email'];

      $_REQUEST works for both GET and POST method

      and you use the database connection to connect database as

      mysqlconnect
      which should be
      mysql_connect("localhost","mysqluser","password");

      and

      mysql_select_db("database_name");

      if you make these changes then it will definitely work.

        Once you fix the errors noted above (does your PHP editor not like underscores or something??), also note that your code is vulnerable to SQL injection. User-supplied data should never be placed directly into a SQL query. Instead, it must first be sanitized with a function such as [man]mysql_real_escape_string/man (or by switching to a newer library of functions and using prepared queries).

          21 days later

          Thanks a bunch everybody! I tried all of the suggestions and they worked! Much appreciated

            Write a Reply...