connecting to my database

Codes here !

Moderators: egami, macek, gesf

Post Reply
sfisher89
New php-forum User
New php-forum User
Posts: 3
Joined: Tue Aug 07, 2018 7:17 am

Tue Aug 07, 2018 7:26 am

i have a site set up at www.fishergaming.co.nf/playerbase.html

here i havea form connected to my database but when i submit the form i get a blank white screen adn nothing is sent to my database .
hopefully i can upload screenshots .
please help thanks


this is a page called connect.php

<?php


include 'connect.php';



$savestring =

$id = "";

$emailid = $_POST["emailid"];

$epicid = $_POST["epicid"];

$steamid = $_POST["steamid"];

$ps4id = $_POST["ps4id"];

$xboxid = $_POST["xboxid"];

$gender = $_POST["gender"];

$console = $_POST["console"];

$platform = $_POST["platform"];

$othernotes = $_POST["othernotes"];

$sql = "INSERT INTO playerbasetable (id, emailid, epicid, steamid, ps4id, xboxid, gender, console, platform, othernotes)
VALUES ('$id', '$emailid', '$epicid', '$steamid', '$ps4id','$xboxid' '$gender', '$console', '$platform', '$othernotes',)";


if ($conn->query($sql) === TRUE) {
$last_id = $conn->insert_id;

echo
"<script>
alert('message sent succesfully');
window.history.go(-1);
</script>";
}

else {

echo "Error: " . $sql . "<br>" . $conn->error;

}



?>






AND
the next page is called data.php.

<?php


include 'connect.php';



$savestring =

$id = "";

$emailid = $_POST["emailid"];

$epicid = $_POST["epicid"];

$steamid = $_POST["steamid"];

$ps4id = $_POST["ps4id"];

$xboxid = $_POST["xboxid"];

$gender = $_POST["gender"];

$console = $_POST["console"];

$platform = $_POST["platform"];

$othernotes = $_POST["othernotes"];

$sql = "INSERT INTO playerbasetable (id, emailid, epicid, steamid, ps4id, xboxid, gender, console, platform, othernotes)
VALUES ('$id', '$emailid', '$epicid', '$steamid', '$ps4id','$xboxid' '$gender', '$console', '$platform', '$othernotes',)";


if ($conn->query($sql) === TRUE) {
$last_id = $conn->insert_id;

echo
"<script>
alert('message sent succesfully');
window.history.go(-1);
</script>";
}

else {

echo "Error: " . $sql . "<br>" . $conn->error;

}



?>



and lastly here is the form page playerbase.html
<form action="connect.php" method="post">
<div class="text-center">
<p class="text-center">
E-mail Address: <span lang="en-gb">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span>
Epic ID:<br>
<input type="text" name="emailid" size="35" required>
<input type="text" name="epicid" size="35"><br>
Steam ID:<span lang="en-gb">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span>
PS4 ID:<br>
<input type="text" name="steamid" size="35" style="width: 285px">
<input type="text" name="ps4id" size="35" class="auto-style2"><br>
XBOX ID:<input type="text" name="xboxid" size="40" style="width: 421px"><br>
&nbsp;</p>
<p class="text-center">
<b><span lang="en-gb">G</span>ender</b></p>
<div class="text-center">
<input type="radio" name="gender" value="male" checked> Male<br>
<input type="radio" name="gender" value="female"> Female<br>
<input type="radio" name="gender" value="other"> Prefer not to say
<br>
<br></div>
</p>
<p class="text-center"><b>What do you play?</b></p>
<p class="text-center">
<input type="radio" name="console" value="playstation"> I Play Playstation<br>
<input type="radio" name="console" value="xbox"> I Play Xbox<br>
<input type="radio" name="console" value="pc"> I Play PC(Steam)</p>
<p><p class="text-center">
<b>What is Your favourite platform for gaming?</b></p>
<input type="radio" name="platform" value="chooseone">choose one</option>
<input type="radio" name="platform" value="console">console</option>
<input type="radio" name="platform" value="pc">pc</option>
<input type="radio" name="platform" value="mobile">mobile</option>
<input type="radio" name="platform" value="other">other</option>
</select><p><br>
<p><span lang="en-gb"><b>What games are your currently playing?</b></span></p>
<textarea name="othernotes" rows="10" cols="30" maxlength="50" >Any Other Information can go here!
</textarea> </p>

<br><br>

<input type="submit" value="Submit to Player Base">

</div>

</form>


</section>
<!--End of main text-->

<!--start of footer-->

<footer style="text-align:center"><h4>terms of use | About Fisher Gaming | Privacy policy
<br>
<address>
Copyright © 2018 | Fisher Gaming is NOT responsible for the content of external sites. Read about our approach to external linking.</address>
</h4>
</footer>

<!--end of footer-->

</div>
<!-- End of Container-->
</body>
</html>



i hope this is enough to help see where im going wrong as im pretty knew to this and want to get my head around it !.thanks in a advance

User avatar
hyper
php-forum Fan User
php-forum Fan User
Posts: 753
Joined: Mon Feb 22, 2016 5:52 pm

Tue Aug 07, 2018 7:31 am

What errors are you getting?

sfisher89
New php-forum User
New php-forum User
Posts: 3
Joined: Tue Aug 07, 2018 7:17 am

Tue Aug 07, 2018 7:47 am

here is the error, my apoligies.

Error: INSERT INTO playerbasetable (id, emailid, epicid, steamid, ps4id, xboxid, gender, console, platform, othernotes) VALUES ('', 'dfdfdfd', 'dfdfdfd', 'fdfdf', 'dfdfdf','dfdf' 'male', 'xbox', 'console', 'Any Other Information can go here! fdgdfgfdg',)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 2

sfisher89
New php-forum User
New php-forum User
Posts: 3
Joined: Tue Aug 07, 2018 7:17 am

Tue Aug 07, 2018 7:48 am

all the values and field names corresond with the database table so it has to be an error in the php somehow.

User avatar
benanamen
New php-forum User
New php-forum User
Posts: 55
Joined: Mon Oct 16, 2017 1:06 pm

Wed Aug 08, 2018 9:07 am

Your code is wide open to an SQL Injection Attack. You need to use Prepared Statements. Leave the ID out of the query and get rid of the extra comma at the end of the values.
The XY Problem
The XY problem is asking about your attempted solution (X) rather than your actual problem (Y). This leads to enormous amounts of wasted time and energy, both on the part of people asking for help, and on the part of those providing help.

Post Reply