How Should I save input values of HTML form in sql from php


 <?php
        $servername = "localhost";
        $username = "root";
        $password = "";
        $dbname = "candidatesList";
        //create connection
        $conn = mysqli_connect($servername, $username, $password,$dbname);
        // Check connection
        if (!$conn) {
            die("Connection failed: " . mysqli_connect_error());
        }
//        $sql = "INSERT INTO candidatesListFields (Sourcing_HR, DOS, Candidate_Name, Total_Experience, Current_CTC, Expected_CTC, Current_Location, Preferred_Location) VALUES ('', '', '', '', '', '','','')";
    ?>
</head>

<body>
    <div class="container-fluid">
        <div class="row">
            <div class="col-xs-12 header">
                <h3 class="pull-left">Track your Candidates</h3>
                <button type="button" class="pull-right btn btn-primary exportBtn" data-toggle="modal" data-target=".exportTable"><i class="glyphicon glyphicon-save saveIcon"></i>&nbsp;Export to Excel</button>
                <div class="clear"></div>
            </div>
            <div class="col-xs-12">
                <div class="col-lg-12 formWrapper">
                    <form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="sourcingHR">Sourcing HR</label>
                            <input type="text" class="form-control" id="sourcingHR" value="<?php echo $Sourcing_HR;?>" name="Sourcing_HR" placeholder="Sourcing HR">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="dateOfSourcing">Date of Sourcing</label>
                            <input type="text" class="form-control" id="dateOfSourcing" name="DOS" placeholder="Date of sourcing">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="candidateName">Candidate Name</label>
                            <input type="text" class="form-control" id="candidateName" name="Candidate_Name" placeholder="Candidate Name">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="totalExperience">Total Experience</label>
                            <input type="text" class="form-control" id="totalExperience" name="Total_Experience" placeholder="Total Experience">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="currCTC">Curr. CTC</label>
                            <input type="text" class="form-control" id="currCTC" name="Current_CTC" placeholder="Current CTC">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="expCTC">Exp. CTC</label>
                            <input type="text" class="form-control" id="expCTC" name="Expected_CTC" placeholder="Expected CTC">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="currLocation">Current Location</label>
                            <input type="text" class="form-control" id="currLocation" name="Current_Location" placeholder="Current Location">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="prefLocation">Preferred Location</label>
                            <input type="text" class="form-control" id="prefLocation" name="Preferred_Location" placeholder="Preferred Location">
                        </div>
                        <div class="form-group col-xs-12 text-right">
                            <button class="btn btn-success" type="submit">
                                <i class="glyphicon glyphicon-floppy-disk saveIcon"></i>&nbsp;Save
                            </button>
                        </div>
                    </form>

                </div>
            </div>
        </div>
    </div>

Here I have created Data base and now I want to save values into the database for the following fields but it is giving undefined index. what can I do for this.

        if(!empty($_POST['Sourcing_HR'] AND $_POST['DOS'] AND $_POST['Candidate_Name'] AND $_POST['Candidate_Name'] AND $_POST['Total_Experience'] AND $_POST['Current_CTC'] AND $_POST['Expected_CTC'] AND $_POST['Current_Location'] AND $_POST['Preferred_Location'])){
            $sql = "INSERT INTO candidatesListFields (Sourcing_HR, DOS, Candidate_Name, Total_Experience, Current_CTC, Expected_CTC, Current_Location, Preferred_Location) VALUES ('$Sourcing_HR', '$DOS', '$Candidate_Name', '$Total_Experience', '$Current_CTC', '$Expected_CTC','$Current_Location','$Preferred_Location')";
            echo($_POST[$Sourcing_HR.' '. $DOS.' '. $Candidate_Name.' '. $Total_Experience.' '. $Current_CTC.' '. $Expected_CTC.' '. $Current_Location.' '. $Preferred_Location]);
        }

        if (isset($_POST['Sourcing_HR'])) {
            $Sourcing_HR = $_POST['Sourcing_HR'];
        }

    ?>

This is not working properly please help if anyone out there*

 <?php
        $servername = "localhost";
        $username = "root";
        $password = "";
        $dbname = "candidatesList";
        //create connection
        $conn = mysqli_connect($servername, $username, $password,$dbname);
        // Check connection
        if (!$conn) {
            die("Connection failed: " . mysqli_connect_error());
        }
//        $sql = "INSERT INTO candidatesListFields (Sourcing_HR, DOS, Candidate_Name, Total_Experience, Current_CTC, Expected_CTC, Current_Location, Preferred_Location) VALUES ('', '', '', '', '', '','','')";
    ?>
    
    <?php
        $sql = "INSERT INTO candidatesListFields (Sourcing_HR, DOS, Candidate_Name, Total_Experience, Current_CTC, Expected_CTC, Current_Location, Preferred_Location) VALUES ('', '', '', '', '', '','','')";
        // getting values of input fields from form
        $Sourcing_HR = mysqli_real_escape_string($conn,$_POST['Sourcing_HR']);
        $DOS = mysqli_real_escape_string($conn,$_POST['DOS']); 
        $Candidate_Name = mysqli_real_escape_string($conn,$_POST['Candidate_Name']); 
        $Total_Experience = mysqli_real_escape_string($conn,$_POST['Total_Experience']);
        $Current_CTC = mysqli_real_escape_string($conn,$_POST['Current_CTC']);
        $Expected_CTC = mysqli_real_escape_string($conn,$_POST['Expected_CTC']);
        $Current_Location = mysqli_real_escape_string($conn,$_POST['Current_Location']);
        $Preferred_Location = mysqli_real_escape_string($conn,$_POST['Preferred_Location']);
    
        if(!empty($_POST['Sourcing_HR'] AND $_POST['DOS'] AND $_POST['Candidate_Name'] AND $_POST['Candidate_Name'] AND $_POST['Total_Experience'] AND $_POST['Current_CTC'] AND $_POST['Expected_CTC'] AND $_POST['Current_Location'] AND $_POST['Preferred_Location'])){
            $sql = "INSERT INTO candidatesListFields (Sourcing_HR, DOS, Candidate_Name, Total_Experience, Current_CTC, Expected_CTC, Current_Location, Preferred_Location) VALUES ('$Sourcing_HR', '$DOS', '$Candidate_Name', '$Total_Experience', '$Current_CTC', '$Expected_CTC','$Current_Location','$Preferred_Location')";
            echo($_POST[$Sourcing_HR.' '. $DOS.' '. $Candidate_Name.' '. $Total_Experience.' '. $Current_CTC.' '. $Expected_CTC.' '. $Current_Location.' '. $Preferred_Location]);
        }
    
        if (isset($_POST['Sourcing_HR'])) {
            $Sourcing_HR = $_POST['Sourcing_HR'];
        }
        
    ?>
</head>

<body>
    <div class="container-fluid">
        <div class="row">
            <div class="col-xs-12 header">
                <h3 class="pull-left">Track your Candidates</h3>
                <button type="button" class="pull-right btn btn-primary exportBtn" data-toggle="modal" data-target=".exportTable"><i class="glyphicon glyphicon-save saveIcon"></i>&nbsp;Export to Excel</button>
                <div class="clear"></div>
            </div>
            <div class="col-xs-12">
                <div class="col-lg-12 formWrapper">
                    <form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="sourcingHR">Sourcing HR</label>
                            <input type="text" class="form-control" id="sourcingHR" value="<?php echo $Sourcing_HR;?>" name="Sourcing_HR" placeholder="Sourcing HR">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="dateOfSourcing">Date of Sourcing</label>
                            <input type="text" class="form-control" id="dateOfSourcing" name="DOS" placeholder="Date of sourcing">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="candidateName">Candidate Name</label>
                            <input type="text" class="form-control" id="candidateName" name="Candidate_Name" placeholder="Candidate Name">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="totalExperience">Total Experience</label>
                            <input type="text" class="form-control" id="totalExperience" name="Total_Experience" placeholder="Total Experience">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="currCTC">Curr. CTC</label>
                            <input type="text" class="form-control" id="currCTC" name="Current_CTC" placeholder="Current CTC">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="expCTC">Exp. CTC</label>
                            <input type="text" class="form-control" id="expCTC" name="Expected_CTC" placeholder="Expected CTC">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="currLocation">Current Location</label>
                            <input type="text" class="form-control" id="currLocation" name="Current_Location" placeholder="Current Location">
                        </div>
                        <div class="form-group col-xs-12 col-md-3">
                            <label for="prefLocation">Preferred Location</label>
                            <input type="text" class="form-control" id="prefLocation" name="Preferred_Location" placeholder="Preferred Location">
                        </div>
                        <div class="form-group col-xs-12 text-right">
                            <button class="btn btn-success" type="submit">
                                <i class="glyphicon glyphicon-floppy-disk saveIcon"></i>&nbsp;Save
                            </button>
                        </div>
                    </form>

                </div>
            </div>
        </div>
    </div>
    

*

- - Source

Answers

answered 4 mon ago mickmackusa #1

empty() does not accept multiple parameters, and even if it did (like isset()) it would expect them to be separated by commas (not AND).

You can check that all expected POST keys exist with isset() in a single call like this:

if (isset($_POST['Sourcing_HR'], $_POST['DOS'], $_POST['Candidate_Name'],
          $_POST['Candidate_Name'], $_POST['Total_Experience'], $_POST['Current_CTC'],
          $_POST['Expected_CTC'], $_POST['Current_Location'], $_POST['Preferred_Location'])) {

Or if you wish, use !empty() to ensure that none of the values are empty and do not contain the string 0. !empty() must be called on each element though.

if (!empty($_POST['Sourcing_HR']) && !empty($_POST['DOS']) && !empty($_POST['Candidate_Name'])
    && !empty($_POST['Candidate_Name']) && !empty($_POST['Total_Experience'])
    && !empty($_POST['Current_CTC']) && !empty($_POST['Expected_CTC'])
    && !empty($_POST['Current_Location']) && !empty($_POST['Preferred_Location'])) {

If you wish to offer individualized feedback on specific fields that did not contain required data, you will have to make separate if conditions (more code to write).

After you have checked that all expected elements exist, please use prepared statement with placeholders and bound parameters for security and stability (rather than mysqli escaping).

Here is an untested suggestion using object-oriented syntax:

if (!$conn = new mysqli("localhost", "root", "", "candidatesList")) {
    echo "Database Connection Error: " , $conn->connect_error;  // don't show exact error publicly
} else {
    if (!$stmt = $conn->prepare("INSERT INTO candidatesListFields (Sourcing_HR, DOS, Candidate_Name, Total_Experience, Current_CTC, Expected_CTC, Current_Location, Preferred_Location) VALUES (?,?,?,?,?,?,?,?)")) {
        echo "Prepare Syntax Error: " , $conn->error;   // don't show exact error publicly
    } else {
        if (!$stmt->bind_param("ssssssss", $_POST['Sourcing_HR'], $_POST['DOS'], $_POST['Candidate_Name'], $_POST['Total_Experience'], $_POST['Current_CTC'], $_POST['Expected_CTC'], $_POST['Current_Location'], $_POST['Preferred_Location']) || !$stmt->execute()) {
            echo "Query Error: " , $stmt->error;   // don't show exact error publicly
        }else{
            echo "Success";
        }
        $stmt->close();
    }
    $conn->close();
}

answered 4 mon ago Shapa Nur Alam #2

U Should Used && !empty($_POST['DOS'])not the ,

comments powered by Disqus