I wonder why I get this warning only when the table is empty ?
Am I missing some checking or something ?

<?php
echo "<a href=./>Home</a><br>";

$conn  = mysqli_connect("localhost", "user", "pass", "db");
$query = mysqli_query($conn, "SELECT * FROM pdb");
$fetch = mysqli_fetch_assoc($query);

if(!$_POST) {
  echo "<form action='".$_SERVER[PHP_SELF]."' method='post'><table>";
  foreach($fetch as $key => $val) {
    if($key==id) { } else {
      echo "<tr><td>".$key."</td><td><input type='text' name='".$key."'></td></tr>";
    }
  }
  echo "</table><input type='submit' name='submit' value='Submit'>";
  echo "</form>";
}

else {
  $insert="INSERT INTO pdb (filename,dato,size,spoken,speaker,dialect,project,gender) VALUES ('$_POST[filename]','$_POST[dato]','$_POST[size]','$_POST[spo$
  mysqli_query($conn,htmlspecialchars($insert)) or die (mysqli_error($conn));

  $affected_rows = mysqli_affected_rows($conn);
  echo "<strong>".$affected_rows."</strong> row inserted.";
}
# close connection
mysqli_close($conn);
?>

You are missing checking if there are actually any rows returned. If there aren't any rows returned then $fetch won't be an array. In fact you never check that the connection was successful, or if the query was successful either.

There's also the problem with not properly checking for the existence of $_POST (via [man]isset[/man]), or any of the elements it's supposed to have; array keys missing their quotes; and a failure to sanitise inputs before putting them into database commands.

Im getting frustrated over my own stupidity. I don't seem to understand anything anymore.

Im trying to break it down to simple parts now.

Below is a very basic connection wich is supposed to print out atleast the keys of the table, but it doesnt print out anything at all, and I dont understand why ???

Note that the table is empty now, but shouldnt I be able to list out the keys/titles of the table anyway ?

<?php
echo "<a href=./>Home</a><br>";

$conn    = mysqli_connect("localhost", "user", "pass", "db");
$query   = mysqli_query($conn, "SELECT * FROM pdb");
$fetch   = mysqli_fetch_assoc($query);

print_r($fetch);
?>

no you won't get if the table is empty
because $fetch = mysqli_fetch_assoc($query);
fetch the record of table not the column name of the table

bradgrafelman;11004346 wrote:

If your only goal is to get the column names from a given table, then you'd probably want to execute a SQL query like:

SELECT
    COLUMN_NAME
FROM
    information_schema
WHERE
    TABLE_SCHEMA = 'your_db_name'
    AND TABLE_NAME = 'your_table_name'

Its not my only goal but a start. Eventually I want to loop through the column names and have them correspond with the input fields of an input form. Both for mysql insert and update (in two separate files thow).

Thanks so far

so you can apply the check condition before exculting the query for column

My following script below seem to work. But how do I now access/echo only the values instead of all the $_POST ?

<?php
echo "<a href=./>Home</a><br>";

$conn = mysqli_connect("localhost", "user", "pass", "db");

# check connection
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

if(!$_POST) {
        if($query = mysqli_query($conn, "SELECT * FROM pdb")) {
                print "<form action='".$_SERVER['PHP_SELF']."' method='post'><table>";
                        while($fetch_field = mysqli_fetch_field($query)) {
                                print "<tr><td>".$fetch_field->name."</td><td><input type='text' name='".$fetch_field->name."'></td></tr>";
                        }
                }
                print "<tr><td><input type='submit' name='submit' value='insert'></td></tr></form>";
        }
else {
        print "<pre>";
        print_r($_POST);
        print "</pre>";
}
?>

you can use the
echo $_POST["column_name"]; to access the each value of post

vivek151189;11004578 wrote:

you can use the
echo $_POST["column_name"]; to access the each value of post

Thanks

Is there a way to loop through the form/userinput values so I don't have to write :

echo $_POST[filename];
echo $_POST[dato];
echo $_POST[size];
...

?

use foreach loop as its is better

Thanks.

Iv tried to foreach loop through $_POST. Problem now is that I also get the form submit part in the return. I don't want that. I only want the user input values. How do I do that ?

<?php
echo "<a href=./>Home</a><br>";

$conn = mysqli_connect("localhost", "user", "pass", "db");

# check connection
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

if(!$_POST) {
        if($query = mysqli_query($conn, "SELECT filename,dato,size,spoken,speaker,dialect,project,gender FROM pdb")) {
                print "<form action='".$_SERVER['PHP_SELF']."' method='post'><table>";
                        while($fetch_field = mysqli_fetch_field($query)) {
                                print "<tr><td>".$fetch_field->name."</td><td><input type='text' name='".$fetch_field->name."'></td></tr>";
                        }
                }
                print "<tr><td><input type='submit' name='submit' value='insert'></td></tr></form>";
        }
else {
        foreach ($_POST as $key => $val) {
                echo $key." = ".$val."<br>";
        }
}
?>

bradgrafelman;11004600 wrote:

One way would be to create an array of known field names, then you'd use a [man]foreach/man loop to loop through that array and use each value as an index in the $_POST array.

Alternatively, you could simply use a [man]foreach/man loop directly on the $_POST array itself (just know that the end user could inject any key-value name pair he/she desires).

Thank you. So what alternative would you reccomend as best ?
Creating an array or looping through $_POST ?

Im not shure how to create an array of the known field names. Maby something like this ?

while($fetch_field = mysqli_fetch_field($query)) {
   print "<tr><td>".$fetch_field->name."</td><td><input type='text' name='".$fetch_field->name."[]'></td></tr>";
}

Thanks for all help.

Now I finally understand I think.
I was trying to use mysqli_fetch_assoc earlier, but it did not output the column names. Only the values if present. Seems like mysqli_fetch_field is what I needed.

Now I have to figure out how to input the values into the mysql table.

Again thanks so far.

Below is the working script so far.

<?php
echo "<a href=./>Home</a><br>";

$conn = mysqli_connect("localhost", "user", "pass", "db");

if(!$_POST) {
 if($query = mysqli_query($conn, "SELECT * FROM pdb")) {
     print "<form action='".$_SERVER['PHP_SELF']."' method='post'><table>";
     while($fetch_field = mysqli_fetch_field($query)) {
       if($fetch_field->name=="id") { } else {
         print "<tr><td>".$fetch_field->name."</td><td><input type='text' name='".$fetch_field->name."'></td></tr>";
      }
    }
  }
  print "<tr><td><input type='submit' name='submit' value='insert'></td></tr></form>";
 }
 else {
  foreach ($_POST as $key => $val) {
    if($key=="submit") { } else {
      echo $key." = ".$val."<br>";
    }
  }
}
?>

I figured out the mysqli insert part aswell :

<?php
echo "<a href=./>Home</a><br>";

$conn = mysqli_connect("localhost", "user", "pass", "db");

if(!$_POST) {
  if($query = mysqli_query($conn, "SELECT * FROM pdb")) {
    print "<form action='".$_SERVER['PHP_SELF']."' method='post'><table>";
      while($fetch_field = mysqli_fetch_field($query)) {
        if($fetch_field->name=="id") { } else {
          print "<tr><td>".$fetch_field->name."</td><td><input type='text' name='".$fetch_field->name."'></td></tr>";
      }
    }
  }
  print "<tr><td><input type='submit' name='submit' value='insert'></td></tr></form>";
}
elseif(empty($_POST[filename]) or empty($_POST[dato]) or empty($_POST[size])) {
  echo "You have to fill out all the fields";
}
else {
  mysqli_query($conn, "INSERT INTO pdb VALUES (NULL,'$_POST[filename]','$_POST[dato]','$_POST[size]','$_POST[spoken]','$_POST[speaker]','$_POST[dialect]',$
  echo mysqli_affected_rows($conn)." row inserted into table pdb.";
}
?>