14 Replies - 904 Views - Last Post: 25 August 2016 - 11:11 AM Rate Topic: -----

#1 tonyal  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 85
  • Joined: 23-September 14

Success message and clear form after submission to DB

Posted 24 August 2016 - 03:45 PM

Hello, I'm having an issue where after I enter a product from an admin page to a db I'm getting a 500 internal server error. The product IS being sent to the database, so I'm not sure if it's a problem with how I'm resetting the page/form or not. I would like for it to display a message that the product has been entered and the reset everything so they can enter another one if they'd like. If anyone could point out where I'm going wrong, that would be awesome!

*note* I could have sworn this worked right two weeks ago (I've been on a road trip), when it wasn't working today I added the two echo statements down below to see if that'd work.

<!doctype html>
<?php
	ini_set('display_errors', 1);
	error_reporting(E_ALL);
	include("includes/db.php");
?>
<html>
<head>
<meta charset="utf-8">
<title>Insert Product</title>
  <script src="//cdn.tinymce.com/4/tinymce.min.js"></script>
  <script>tinymce.init({ selector:'textarea' });</script>
</head>

<body bgcolor="skyblue">
        	<div><a href="index.php"><img id="logo" src="../images/g33k_out.png" width="250" height="71" alt="logo" /></a></div><br />
			<div><a href="../../index.html"><img id="tonya" src="../images/logo2.png" width="100" height="36" alt="logo2" /></a></div><br />
	<form action="insert_product.php" method="post" enctype="multipart/form-data">
    	<table align="center" width="700" border="2" bgcolor="orange">
        	<tr align="center">
            	<td colspan="8"><h2>Insert New Product Here</h2></td>
        	</tr>
            <tr>
            	<!-- enter product title -->
            	<td align="right"><b>Product Title:</b></td>
                <td><input type="text" name="product_title" size="50" required /></td>
            </tr>
            
            
            <tr>
            	<td align="right"><b>Product Category:</b></td>
                <!-- select category -->
                <td>
				<select name="product_cat" required>
                <option>Select a Category</option>
                    <?php
                    $get_cats = "select * from catagories";
                    $run_cats = mysqli_query($con, $get_cats);
                    while ($row_cats=mysqli_fetch_array($run_cats)) {
                    $cat_id = $row_cats['cat_id'];
                    $cat_title = $row_cats['cat_title'];

                    echo "<option value='$cat_id'>$cat_title</option>";
    }				
 				?>
                </select>
                </td>
            </tr>
            
            
            <tr>
            	<td align="right"><b>Product Interest:</b></td>
                <td>
                <select name="product_interests" required>
                <option>Select Interest</option>
                <?php
					$get_interests = "select * from interests";	
					$run_interests = mysqli_query($con, $get_interests);
	
					while ($row_interests=mysqli_fetch_array($run_interests)) {
					$interests_id = $row_interests['interests_id'];
					$interests_title = $row_interests['interests_title'];
		
					echo "<option value='$interests_id'>$interests_title</option>";
	
	}
				?>
                </select>
                </td>
            </tr>
            
            <tr>
            	<td align="right"><b>Product Image:</b></td>
                <td><input type="file" name="product_image" required /></td>
            </tr>
            <tr>
            	<td align="right"><b>Product Price:</b></td>
                <td><input type="text" name="product_price" required /></td>
            </tr>
            
            <tr>
            	<td align="right"><b>Product Description:</b></td>
                <td><textarea name="product_desc" cols="20" rows="10" ></textarea></td>
            </tr>
            
            <tr>
            	<td align="right"><b>Product Keywords:</b></td>
                <td><input type="text" name="product_keywords" size="50" required /></td>
            </tr>
            
			<tr align="center">
                <td colspan="8"><input type="submit" name="insert_post" value="Insert Now" /></td>
            </tr>
            
            
            
        </table>
    </form>


</body>
</html>

<?php	
		$servername = "**.**.***.***";
		$username = "******";
		$password = "******";
		$dbname = "g33kout_db";
		
		// create connection
		$conn = new mysqli($servername, $username, $password, $dbname);
		
		//check connection
		if ($conn->connect_error) {
			die("connection failed: " .$conn->connect_error);	
		}
		
		if(isset($_POST['insert_post'])) {
        //get the text data from the fields
        $product_title = $_POST['product_title'];
        $product_cat = $_POST['product_cat'];
        $product_interests = $_POST['product_interests'];
        $product_price = $_POST['product_price'];
        $product_desc = $_POST['product_desc'];
        $product_keywords = $_POST['product_keywords'];

        //get the image from the field and save it in program folder
        $product_image = $_FILES['product_image'] ['name'];
        $product_image_tmp = $_FILES['product_image'] ['tmp_name'];
		move_uploaded_file($product_image_tmp,"product_images/$product_image");


		// prepare and bind
		$stmt = $conn->prepare("INSERT INTO products (product_cat,product_interests,product_title,product_price,product_desc,product_image,product_keywords) VALUES (?,?,?,?,?,?,?)");
		$stmt->bind_param("iisisss", $product_cat,$product_interests,$product_title,$product_price,$product_desc,$product_image,$product_keywords);
		
		$stmt->execute();
		
		// confirm it went to db
		echo "<script>alert('Product Entered')</script>";
		// refresh page
		echo "<script>window.open('insert_product.php','_self')</script>";

		$stmt->close();
		$conn->close();
		}
?>



Is This A Good Question/Topic? 0
  • +

Replies To: Success message and clear form after submission to DB

#2 astonecipher  Icon User is offline

  • Too busy for this
  • member icon

Reputation: 2329
  • View blog
  • Posts: 9,356
  • Joined: 03-December 12

Re: Success message and clear form after submission to DB

Posted 24 August 2016 - 03:48 PM

Check the error logs for what the server says happened.
Was This Post Helpful? 2
  • +
  • -

#3 benanamen  Icon User is offline

  • D.I.C Head

Reputation: 13
  • View blog
  • Posts: 119
  • Joined: 28-March 15

Re: Success message and clear form after submission to DB

Posted 24 August 2016 - 08:13 PM

There are a few problems with your code.

Your processing code should be at the top of the page followed by a header redirect to the same page after successful insert. Get rid of that javascript.

Also, depending on the name of a button to be submitted will completely fail in certain circumstances. You need to use if ($_SERVER['REQUEST_METHOD'] == 'POST')

You dont need to manually close the connection. Php will do it automatically. No idea what your doing with
$stmt->close();. Get rid of it.

Additionally, dont use * for your SELECT. Specify the columns you want. Also, dont create variables for nothing.

This post has been edited by benanamen: 24 August 2016 - 08:20 PM

Was This Post Helpful? 1
  • +
  • -

#4 andrewsw  Icon User is online

  • lashings of ginger beer
  • member icon

Reputation: 6338
  • View blog
  • Posts: 25,553
  • Joined: 12-December 12

Re: Success message and clear form after submission to DB

Posted 24 August 2016 - 11:47 PM

Note that the bgcolor attribute no longer exists, nor do the align and width attributes. Use CSS. Tutorials still promoting these attributes should be discarded.
Was This Post Helpful? 1
  • +
  • -

#5 andrewsw  Icon User is online

  • lashings of ginger beer
  • member icon

Reputation: 6338
  • View blog
  • Posts: 25,553
  • Joined: 12-December 12

Re: Success message and clear form after submission to DB

Posted 24 August 2016 - 11:53 PM

You also perform no sanitizing, error checking or validating of the posted data or the $_FILES array. You just connect to the database and assume that everything is okay.
Was This Post Helpful? 1
  • +
  • -

#6 tonyal  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 85
  • Joined: 23-September 14

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 10:31 AM

Okay I changed a few things that were mentioned (I will do validation and change *SELECT once I get this to work right) and now it's no longer uploading to database and I was still getting the 500 error. I made a webconfig file to get the error log. Here is the new code for now, and then I will print the error.

<!doctype html>
<?php
	ini_set('display_errors', 1);
	error_reporting(E_ALL);
		
	// create connection
	$con = mysqli_connect("**.**.***.***","tonyal","*****!","g33kout_db");
		
	//check connection
	if ($con->connect_error) {
		die("connection failed: " .$con->connect_error);	
	}
		
	if ($_SERVER["REQUEST_METHOD"] == "POST") {
		//get the text data from the fields
		$product_title = $_REQUEST['product_title'];
        $product_cat = $_REQUEST['product_cat'];
        $product_interests = $_REQUEST['product_interests'];
        $product_price = $_REQUEST['product_price'];
        $product_desc = $_REQUEST['product_desc'];
		$product_keywords = $_REQUEST['product_keywords'];
		
        //get the image from the field and save it in program folder
        $product_image = $_FILES['product_image'] ['name'];
        $product_image_tmp = $_FILES['product_image'] ['tmp_name'];
		move_uploaded_file($product_image_tmp,"product_images/$product_image");


		// prepare and bind
		$stmt = $conn->prepare("INSERT INTO products (product_cat,product_interests,product_title,product_price,product_desc,product_image,product_keywords) VALUES (?,?,?,?,?,?,?)");
		$stmt->bind_param("iisisss", $product_cat,$product_interests,$product_title,$product_price,$product_desc,$product_image,$product_keywords);
		
		$stmt->execute();
		
		// confirm it went to db
		// "New records created successfully";
		echo "<script>alert('Product Entered')</script>";
	}
?>
<html>
<head>
	<meta charset="utf-8">
	<title>Insert Product</title>
	<link rel="stylesheet" href="../styles/style.css" media="all"  />
	<script src="//cdn.tinymce.com/4/tinymce.min.js"></script>
	<script>tinymce.init({ selector:'textarea' });</script>
</head>
<body>
    <div><a href="index.php"><img id="logo" src="../images/g33k_out.png" width="250" height="71" alt="logo" /></a></div><br />
	<div><a href="../../index.html"><img id="tonya" src="../images/logo2.png" width="100" height="36" alt="logo2" /></a></div><br />
	
	<form action="insert_product.php" method="post" enctype="multipart/form-data">
    	<table>
        	<tr>
            	<td colspan="8"><h2 class="center">Insert New Product Here</h2></td><br /><br />
        	</tr>
            <tr>
            	<!-- enter product title -->
            	<td><b>Product Title:</b></td>
                <td><input type="text" name="product_title" size="50" required /></td>
            </tr>
            <tr>
				<!-- select category -->
            	<td><b>Product Category:</b></td>
                <td>
				<select name="product_cat" required>
                <option>Select a Category</option>
                    <?php
                    $get_cats = "select * from catagories";
                    $run_cats = mysqli_query($con, $get_cats);
                    while ($row_cats=mysqli_fetch_array($run_cats)) {
                    $cat_id = $row_cats['cat_id'];
                    $cat_title = $row_cats['cat_title'];

                    echo "<option value='$cat_id'>$cat_title</option>";
    }				
 				?>
                </select>
                </td>
            </tr>           
            <tr>
				<!-- select interest -->
            	<td><b>Product Interest:</b></td>
                <td>
                <select name="product_interests" required>
                <option>Select Interest</option>
                <?php
					$get_interests = "select * from interests";	
					$run_interests = mysqli_query($con, $get_interests);
	
					while ($row_interests=mysqli_fetch_array($run_interests)) {
					$interests_id = $row_interests['interests_id'];
					$interests_title = $row_interests['interests_title'];
		
					echo "<option value='$interests_id'>$interests_title</option>";
	
	}
				?>
                </select>
                </td>
            </tr>        
            <tr>
				<!-- insert product image -->
            	<td><b>Product Image:</b></td>
                <td><input type="file" name="product_image" required /></td>
            </tr>
            <tr>
				<!-- insert product price -->
            	<td><b>Product Price:</b></td>
                <td><input type="text" name="product_price" required /></td>
            </tr>
            <tr>
				<!-- insert product description -->
            	<td><b>Product Description:</b></td>
                <td><textarea name="product_desc" cols="20" rows="10" ></textarea></td>
            </tr>       
            <tr>
				<!-- insert product keywords -->
            	<td><b>Product Keywords:</b></td>
                <td><input type="text" name="product_keywords" size="50" required /></td>
            </tr>            
			<tr align="center">
				<!-- submit -->
                <td colspan="8"><input type="submit" name="POST" value="Insert Now" /></td>
            </tr>           
        </table>
    </form>
</body>
</html>



This is the error log:
PHP Warning: move_uploaded_file(product_images/deadpool_battle_yhatzee_17_99.jpg): failed to open stream: Permission denied in G:\PleskVhosts\tonyalesher.com\httpdocs\G33kOut\adminarea\insert_product.php on line 27
PHP Warning: move_uploaded_file(): Unable to move 'C:\Windows\Temp\php8F15.tmp' to 'product_images/deadpool_battle_yhatzee_17_99.jpg' in G:\PleskVhosts\tonyalesher.com\httpdocs\G33kOut\adminarea\insert_product.php on line 27
PHP Notice: Undefined variable: conn in G:\PleskVhosts\tonyalesher.com\httpdocs\G33kOut\adminarea\insert_product.php on line 31
PHP Fatal error: Call to a member function prepare() on a non-object in G:\PleskVhosts\tonyalesher.com\httpdocs\G33kOut\adminarea\insert_product.php on line 31

I'm really scratching my head over this - any directions on how to fix it will be gratefully appreciated. For now I just want it to upload to database, give a message that it was successful, and reset. Thanks rockstars!

Doh! Fixed the $conn type: now I'm down to this error message:
PHP Warning: move_uploaded_file(product_images/adipose_21_99.jpg): failed to open stream: Permission denied in G:\PleskVhosts\tonyalesher.com\httpdocs\G33kOut\adminarea\insert_product.php on line 26
PHP Warning: move_uploaded_file(): Unable to move 'C:\Windows\Temp\php906.tmp' to 'product_images/adipose_21_99.jpg' in G:\PleskVhosts\tonyalesher.com\httpdocs\G33kOut\adminarea\insert_product.php on line 26

This post has been edited by tonyal: 25 August 2016 - 10:28 AM

Was This Post Helpful? 0
  • +
  • -

#7 astonecipher  Icon User is offline

  • Too busy for this
  • member icon

Reputation: 2329
  • View blog
  • Posts: 9,356
  • Joined: 03-December 12

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 10:37 AM

Permission denied, says it all. You need to change the permissions on the directory.
Was This Post Helpful? 2
  • +
  • -

#8 benanamen  Icon User is offline

  • D.I.C Head

Reputation: 13
  • View blog
  • Posts: 119
  • Joined: 28-March 15

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 10:38 AM

You need to get rid of all those variables for nothing. And why, if you are expecting a POST response, are you using REQUEST?
Was This Post Helpful? 1
  • +
  • -

#9 tonyal  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 85
  • Joined: 23-September 14

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 10:47 AM

View Postbenanamen, on 25 August 2016 - 10:38 AM, said:

You need to get rid of all those variables for nothing. And why, if you are expecting a POST response, are you using REQUEST?


Which variables are you speaking of? Do you mean the ones for the values that the user enters? I switch to REQUEST after someone above suggested it. Sorry, I'm just really lost!
Was This Post Helpful? 0
  • +
  • -

#10 benanamen  Icon User is offline

  • D.I.C Head

Reputation: 13
  • View blog
  • Posts: 119
  • Joined: 28-March 15

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 10:50 AM

I mean all this:

$product_title = $_REQUEST['product_title'];
$product_cat = $_REQUEST['product_cat'];
$product_interests = $_REQUEST['product_interests'];
$product_price = $_REQUEST['product_price'];
$product_desc = $_REQUEST['product_desc'];
$product_keywords = $_REQUEST['product_keywords'];

If you are not transforming the values then use the POST value. i.e. $_POST['product_title']

This post has been edited by benanamen: 25 August 2016 - 10:53 AM

Was This Post Helpful? 0
  • +
  • -

#11 tonyal  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 85
  • Joined: 23-September 14

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 10:53 AM

Oh, I thought I needed to do that. I followed http://www.w3schools...uperglobals.asp example. Is there a simpler way? (new to PHP)
Was This Post Helpful? 0
  • +
  • -

#12 ArtificialSoldier  Icon User is online

  • D.I.C Lover
  • member icon

Reputation: 1789
  • View blog
  • Posts: 5,700
  • Joined: 15-January 14

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 10:59 AM

There's just not much of a reason to copy all of the values to different variables, you don't gain anything by doing that. You can use the values in $_POST when you insert the record to the database.
Was This Post Helpful? 1
  • +
  • -

#13 benanamen  Icon User is offline

  • D.I.C Head

Reputation: 13
  • View blog
  • Posts: 119
  • Joined: 28-March 15

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 11:04 AM

Yeah, w3schools is not the best place to learn. They are outdated. The code they have on that link is vulnerable to an XSS Attack.

Try Code Academy

This post has been edited by benanamen: 25 August 2016 - 11:05 AM

Was This Post Helpful? 1
  • +
  • -

#14 tonyal  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 85
  • Joined: 23-September 14

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 11:05 AM

Ah I see, thank you. I will get on that. :)

View Postbenanamen, on 25 August 2016 - 11:04 AM, said:

Yeah, w3schools is not the best place to learn. They are outdated. The code they have on that link is vulnerable to an XSS Attack.

Try Code Academy


Thank you, I will try that site!
Was This Post Helpful? 0
  • +
  • -

#15 tonyal  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 85
  • Joined: 23-September 14

Re: Success message and clear form after submission to DB

Posted 25 August 2016 - 11:11 AM

View Postastonecipher, on 25 August 2016 - 10:37 AM, said:

Permission denied, says it all. You need to change the permissions on the directory.

Thank you, got it to work. Now, to work on all the suggestions!
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1