0

Trying to insert data into my table but I keep getting an undefined index because there are "no value set when I submit my form". The if (isset($_POST['submit'])) removes my error even when I run the .php alone but no data is inserted when I submit my form. Any help is appreciated. Thank you

My form.html

<form name="supportForm" class="form" action="database.php" method="POST" onsubmit="return validateForm()">
<label>Name:</label>
<input type="text" name="name"/>
<br/>
<label>Client ID:</label>
<input type="text" name="clientID"/>
<br/>
<label>E-mail address:</label>
<input type="email" name="email"/>
<br/>
<label>Phone number:</label>
<input type="tel" name="tel"/>
<br/>
<br/>
Support Type:<br>
<input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br>
<input type="radio" name="suppType" value="Software">Software Issue<br>
<input type="radio" name="suppType" value="Hardware">Hardware Issue<br>
<input type="radio" name="suppType" value="Connectivity">Connectivity<br>
</br>
Operating System:
<select id="select">
 <option disabled selected value="">Choose a product</option>
 <option value="w7" name="OS">Windows 7</option>
 <option value="w8" name="OS">Windows 8/8.1</option>
 <option value="w10" name="OS">Windows 10</option>
</select>
<br> </br>
Problem Description:
<br><textarea id="ta" rows="10" cols="80" name="pDesc"></textarea></br>
<input type="checkbox" name="terms" value="agree">
<a href="#">I agree to the terms and conditions.</a>
<br> </br>
<input type="hidden" name="submitted" value="true">
<input type="submit" name="submit" onClick="validateSubmit()">
</form>

My PHP file

<?php
//Creates static credentials
define('DB_NAME', 'data');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
//Creates connection to the database
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD);
//Checks for connection
if ($con->connect_error) {
 die("Connection failed: " . $con->connect_error);
}
//If there are no connection, error
if (!$con) {
 die ('Could not connect' . mysqli_error());
}
//Select the 'data' database
$con->select_db(DB_NAME);
//Checks if database 'data' has been selected
if (mysqli_select_db($con, DB_NAME)) {
 echo "Database exists <br>";
} else {
 echo "Database does not exist";
}
//Successful connection message
echo "Connected successfully <br>";
if (isset($_POST['submit'])) {
//Retrieving values from support form
 $name = $_POST['name'];
 $clientID = $_POST['clientID'];
 $email = $_POST['email'];
 $tel = $_POST['tel'];
 $suppType = $_POST['suppType'];
 $OS = $_POST['OS'];
 $pDesc = $_POST['pDesc'];
//Inserting values into a table
 $sql = "INSERT INTO info (fullname, clientID, email, tel,
 suppType, OS, pDesc)
 VALUES ($name, $clientID, $email, $tel, 
 $suppType, $OS, $pDesc)";
if (!mysqli_query($con, $sql)) {
 echo "No data";
} else {
 echo "Data recorded successfully";
}
}
//Closes connection
mysqli_close($con);
Your Common Sense
158k42 gold badges226 silver badges374 bronze badges
asked Nov 23, 2016 at 10:12
6
  • 2
    update the code of validateSubmit() Commented Nov 23, 2016 at 10:14
  • You'll not get the proper results because you should be adding single quotes around your $_POST values. But it's unsafe as well, you should use mysqli_real_escape_string() or prepared statements. Commented Nov 23, 2016 at 10:16
  • Do you get your values in the $_POST in your php file? Do you get "No Data" error? Commented Nov 23, 2016 at 10:22
  • I think you don't need to set onClick and onsubmit attributes, because they're only javascript. Commented Nov 23, 2016 at 10:24
  • How would I update the validateSubmit() code or what should I be updating? And yes I do get the "No Data" message. Commented Nov 23, 2016 at 10:27

2 Answers 2

3

You must write name="OS" in <select> not in <option>

<select id="select" name="OS">
 <option disabled selected value="">Choose a product</option>
 <option value="w7">Windows 7</option>
 <option value="w8">Windows 8/8.1</option>
 <option value="w10">Windows 10</option>
</select>

And Sql must be like this you need apostrophes ('') around variables

$sql = "INSERT INTO `info` (fullname, clientID, email, tel, suppType, OS, pDesc)
VALUES ('$name', '$clientID', '$email', '$tel', '$suppType', '$OS', '$pDesc')";
answered Nov 23, 2016 at 10:24
Sign up to request clarification or add additional context in comments.

1 Comment

It's the problem, But not main problem!
1

You not showing us the validateForm() function, therefore we won't really know whats happening there, nonetheless I have edited your form and did a validation using php,

what you need to do first is to check if all values are set before jumping to insert into db, and make sure email is a proper email, also the select option the name attribute needs to be on the select tag not on the option tag, the option must only have values.

Then Validate,Filter and sanitize user input before storing to the database. Treat every userinput on your form as if its from a very dangerous hacker.

There's something called prepared statements, in mysqli and PDO you should try to learn that and use it :) you will enjoy it, I will leave it to you to research as to why you need to use prepared statements.

This is how your code should look

<form name="supportForm" class="form" action="database.php" method="POST">
 <label>Name:</label>
 <input type="text" name="name"/>
 <br/>
 <label>Client ID:</label>
 <input type="text" name="clientID"/>
 <br/>
 <label>E-mail address:</label>
 <input type="email" name="email"/>
 <br/>
 <label>Phone number:</label>
 <input type="tel" name="tel"/>
 <br/>
 <br/>
 Support Type:<br>
 <input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br>
 <input type="radio" name="suppType" value="Software">Software Issue<br>
 <input type="radio" name="suppType" value="Hardware">Hardware Issue<br>
 <input type="radio" name="suppType" value="Connectivity">Connectivity<br>
 </br>
 Operating System:
 <select id="select" name="OS">
 <option value="0">Choose a product</option>
 <option value="w7">Windows 7</option>
 <option value="w8">Windows 8/8.1</option>
 <option value="w10">Windows 10</option>
 </select>
 <br> </br>
 Problem Description:
 <br>
 <textarea id="ta" rows="10" cols="80" name="pDesc"></textarea>
 </br>
 <input type="checkbox" name="terms" value="agree">
 <a href="#">I agree to the terms and conditions.</a>
 <br> </br>
 <input type="hidden" name="submitted" value="true">
 <input type="submit" name="submit">
</form>

Then database.php

<?php
//Creates static credentials
define('DB_NAME', 'data');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$errors = ""; //checking for errors
//Creates connection to the database
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD);
//Checks for connection
if ($con->connect_error) {
 die("Connection failed: " . $con->connect_error);
}
//If there are no connection, error
if (!$con) {
 die('Could not connect' . mysqli_error());
}
//Select the 'data' database
$con->select_db(DB_NAME);
//Checks if database 'data' has been selected
if (mysqli_select_db($con, DB_NAME)) {
 echo "Database exists <br>";
} else {
 echo "Database does not exist";
}
//Successful connection message
echo "Connected successfully <br>";
if (isset($_POST['submit'])) {
 //check values are set
 if (empty($_POST['name'])) {
 echo "enter name";
 $errors++;
 } else {
 $name = userIput($_POST['name']);
 }
 if (empty($_POST['clientID'])) {
 echo "enter id";
 $errors++;
 } else {
 $clientID = userIput($_POST['clientID']);
 }
 if (empty($_POST['email'])) {
 echo "enter email";
 $errors++;
 } else {
 $email = userIput($_POST['email']);
 if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email)) { //validate email,
 echo "enter valid email";
 $errors++;
 }
 }
 if (empty($_POST['tel'])) {
 echo "enter tel";
 $errors++;
 } else {
 $tel = userIput($_POST['tel']);
 }
 if (!isset($_POST['suppType'])) {
 echo "select one option";
 $errors++;
 } else {
 $suppType = userIput($_POST['suppType']);
 }
 if (isset($_REQUEST['OS']) && $_REQUEST['OS'] === "0") {
 echo "please select product";
 $errors++;
 } else {
 $OS = userIput($_POST['OS']);
 }
 if (empty($_POST['pDesc'])) {
 echo "enter Description";
 $errors++;
 } else {
 $pDesc = userIput($_POST['pDesc']);
 }
 if ($errors <= 0) { // No errors
 //prepare and insert query
 $sql = $con->prepare("INSERT INTO info (fullname, clientID, email, tel,suppType, OS, pDesc) VALUES (?, ?, ?, ?, ?, ?, ?)");
 $sql->bind_param("sssssss", $name, $clientID, $email, $tel, $suppType, $OS, $pDesc);
 if ($sql->execute()) {
 echo "records inserted successfully";
 } else {
 echo "Could not insert " . mysqli_error();
 }
 $sql->close();
 $con->close();
 }
}
function userIput($data)
{
 $data = trim($data);
 $data = stripslashes($data);
 $data = htmlspecialchars($data);
 return $data;
}
?>

Hope this will help a little, and you will learn a thing or two, and I'm always available for suggessions, just incase I missed something. Thanks

answered Nov 23, 2016 at 11:23

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.