2

My code 

<?php
require('connect.php');
$name=$_POST['name'];
$comment=$_POST['comment'];
$submit=$_POST['submit'];

if($submit){
    if($name&&$comment) {
        $insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment')"); 
    }
    else {
        echo" please fill out the fields";
    }
}
?>

<html>
    <head>
        <title>
            The comment box
        </title>
    </head>

    <body>
        <form action="mainpage.php" method="POST">
            <table>
                <tr><td>Name:</td><td><input type="text" name="name"/></td></tr>
                <tr><td colspan="2">Comment:</td></tr>
                <tr><td colspan="2"><textarea name="comment"></textarea></td></tr>
                <tr><td colspan="2"><input type="submit" name="submit" value="comment"/></td></tr>
            </table>
        </form>
    </body>
</html>

It's very simple code, when I open the file I get these errors:

but they disappear after I add something in the textarea, but the inserted data doesn't go to database.

Notice: Undefined index: name in C:\xampp\htdocs\test\mainpage.php on line 5

Notice: Undefined index: comment in C:\xampp\htdocs\test\mainpage.php on line 6

Notice: Undefined index: submit in C:\xampp\htdocs\test\mainpage.php on line 7

Please help I tried everything.

Improve this question
2
  • a) That code, as is, is vulnerable to SQL injection b) are you actually opening a connection in connect.php or just including the necessary classes/functions? Commented May 7, 2014 at 11:51
  • Also: What text are you currently typing into the input & textarea respectively to test the code? Commented May 7, 2014 at 12:07

5 Answers 5

Reset to default
2

Change

<form action="mainpage.php" method="POST">

to

<form action="mainpage.php" method="post">

Possible (case-insensitive) values are get (the default) and post.

Instead of

 $submit=$_POST['submit'];

 if($submit){

, try to use if (!empty($_POST))

Before trying to access the variables that are posted through form, you have to check whether it is set or not using isset(). Because, at first time when you are accessing the page without submitting the form, it will throw error as the values are not posted.

Change the code to:

<?php
require('connect.php');
if(!empty($_POST))
{
if(isset($_POST['name']))
   $name=$_POST['name'];
if(isset($_POST['comment']))
$comment=$_POST['comment'];
            $insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment')"); 

}
else {
        echo" please fill out the fields";
    }
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thank you, but I got the same errors. noting changed.
I tried to add this if (!empty($_POST)) the submit error disappear, but the rest still exist and noting shows in database
Updated my answer..I think there is some error in your sql..Try to echo the sql and execute it to find the errors.
Yeah there's was an small error and with your idea I got rid of the submit error thank you.
2

Don't use $var = $_POST['sth']. Use this:

$sth = null;
if(isset($_POST['sth'])) {
    $sth = $_POST['sth'];
}

Or, a shorter way:

$sth = isset($_POST['sth']) ? $_POST['sth'] : null;

You can also use '' or false instead of null

Replace this:

$name=$_POST['name'];
$comment=$_POST['comment'];
$submit=$_POST['submit'];

with this:

$name    = issset($_POST['name'])   ? addslashes($_POST['name'])    : false;
$comment = isset($_POST['comment']) ? addslashes($_POST['comment']) : false;
$submit  = isset($_POST['submit'])  ? addslashes($_POST['submit'])  : false;

To check if there is a mysql error, replace this line:

$insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment')");

with this:

$insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment')") or die(mysql_error());
Improve this answer

4 Comments

All the errors have disappeared I used this code as well
if (!empty($_POST)) and the one u suggested $comment=null; if(isset($_POST['comment'])) { $comment = $_POST['comment']; }
But the Data doesn't appear in the Database.
I updated my answer. If the result is the same, add if(!$insert) die(mysql_error()) else echo 'The data has been successfully insertted'; after the query
1 
<?php

 require('connect.php');
 if(isset($_POST)){    //use condition for post
 $name=$_POST['name'];
 $comment=$_POST['comment'];
 $submit=$_POST['submit'];

 if($submit){

     if($name&&$comment){

     $insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment')"); 
     }
        else{

           echo" please fill out the fields";

      }


 }

 }


 ?>



 <html>

 <head>
 <title>
 The comment box
 </title>
 </head>

 <body>
 <form action="mainpage.php" method="POST">
 <table>
 <tr><td>Name:</td><td><input type="text" name="name"/></td></tr>
 <tr><td colspan="2">Comment:</td></tr>
  <tr><td colspan="2"><textarea name="comment"></textarea></td></tr>
  <tr><td colspan="2"><input type="submit" name="submit" value="comment"/></td></tr>

 </table>
 </form>
 </body>

 </html>
Improve this answer

Comments

1

You can rewrite your code as, Added isset() . 

    if(isset($_POST['submit'])){
        $name= $_POST['name'];
        $comment= $_POST['comment'];
        if(!empty($name) && !empty($comment)){
            $insert=mysql_query("INSERT INTO `comment` (`name`,`comment`) VALUES ('$name','$comment')") or die(mysql_error());
        }else{ 
            echo" please fill out the fields";
        }

    }

Note: Use mysqli_* or PDO functions instead of using mysql_* functions(deprecated)

Improve this answer

Comments

0

you should check if you have a form posted or not use if($_POST) right after <?PHP and } before ?>

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.