Good day. I'm new, trying to create a form where you can insert data into the database and display it on the page. I have 2 tables in the database - film and category. The code is as follows:
<?php // login page with php code require_once 'log.php'; if (isset($_POST['delete'])) { $id = get_post($conn, 'id'); $query = "DELETE FROM film WHERE id='$id'"; $result = $conn->query($query); if (!$result) echo "DELETE failed: $query<br>" . $conn->error . "<br><br>"; } if (isset($_POST['title']) && isset($_POST['director']) && isset($_POST['year']) && isset($_POST['type'])) { $title = mysql_real_escape_string($_POST['title']); $director = mysql_real_escape_string($_POST['director']); $year = mysql_real_escape_string($_POST['year']); $type = mysql_real_escape_string($_POST['type']); $query1 = "INSERT INTO film (title, director, year) VALUES ($title', '$director', '$year')"; $query2 = "INSERT INTO category (type) VALUES ('$type')"; $result1 = $conn->query($query1); $result2 = $conn->query($query2); if (!$result1) echo "INSERT failed: $query1<br>" . $conn->error . "<br><br>"; if (!$result2) echo "INSERT failed: $query2<br>" . $conn->error . "<br><br>"; } echo <<<_END <form action="" method="post"><pre> Title <input type="text" name="title"> Director <input type="text" name="director"> Year <input type="text" name="year"> Type <input type="text" name="type"> <input type="submit" value="ADD RECORD"> </pre></form> _END; echo "<table>"; echo "<tr> <th>Title</th> <th>Director</th> <th>Year</th> <th>Genre</th> <th>Update</th> <th>Delete</th></tr>"; $query = "SELECT title,director,year,type FROM film JOIN category ON category.catID=film.catID"; $result = $conn->query($query); if (!$result) die ("Database access failed: " . $conn->error); $rows = $result->num_rows; for ($j = 0 ; $j < $rows ; ++$j) { $result->data_seek($j); $row = $result->fetch_array(MYSQLI_NUM); echo "<tr>"; echo '<td>' . $row[0] . '</td>'; echo '<td>' . $row[1] . '</td>'; echo '<td>' . $row[2] . '</td>'; echo '<td>' . $row[3] . '</td>'; echo '<td>Edit</td>'; echo '<td><button type="delete" name="delete" value="delete">delete</button></td>'; echo "</tr>"; } echo "</table>"; ?> Gives an error message
"INSERT failed: INSERT INTO film (title, director, year) VALUES ('h', 'h', '1890')"
What's wrong?
Update
<?php // login page with php code require_once 'log.php'; if (isset($_POST['delete']) && isset($_POST['id'])) { $id = get_post($conn, 'id'); $query = "DELETE FROM film WHERE id='$id'"; $result = $conn->query($query); if (!$result) echo "DELETE failed: $query<br>" . $conn->error . "<br><br>"; } if (isset($_POST['title']) && isset($_POST['director']) && isset($_POST['year']) && isset($_POST['type'])) { $title = mysql_real_escape_string($_POST['title']); $director = mysql_real_escape_string($_POST['director']); $year = mysql_real_escape_string($_POST['year']); $type = mysql_real_escape_string($_POST['type']); $query = "INSERT INTO film (title, director, year, type) VALUES ('".$title."', '".$director."', '".$year."', '".$type."')"; $result = $conn->query($query); if (!$result) echo "INSERT failed: $query<br>" . $conn->error . "<br><br>"; } echo <<<_END <form action="" method="post"><pre> Title <input type="text" name="title"> Director <input type="text" name="director"> Year <input type="text" name="year"> <input type="radio" name="type" id="drama" value="drama" checked> drama<br> <input type="radio" name="type" id="mystery" value="mystery"> mystery<br> <input type="radio" name="type" id="thriller" value="thriller"> thriller <br> <input type="radio" name="type" id="comedy" value="comedy"> comedy <input type="submit" value="ADD RECORD"> </pre></form> _END; echo "<table>"; echo "<tr> <th>ID</th> <th>Title</th> <th>Director</th> <th>Year</th><th>Category</th><th>Update</th> <th>Delete</th></tr>"; $query = "SELECT id,title,director,year,type FROM film"; $result = $conn->query($query); if (!$result) die ("Database access failed: " . $conn->error); $rows = $result->num_rows; for ($j = 0 ; $j < $rows ; ++$j) { $result->data_seek($j); $row = $result->fetch_array(MYSQLI_NUM); echo '<tr>'; echo '<td>' . $row[0] . '</td>'; echo '<td>' . $row[1] . '</td>'; echo '<td>' . $row[2] . '</td>'; echo '<td>' . $row[3] . '</td>'; echo '<td>' . $row[4] . '</td>'; echo '<td>Edit</td>'; echo '<td><form action="" method="post"> <input type="hidden" name="delete" value="yes"> <input type="hidden" name="id" value="$row[id]"> <input type="submit" value="delete"></form></td>'; echo '</tr>'; } echo "</table>"; $result->close(); $conn->close(); function get_post($conn, $var) { return $conn->real_escape_string($_POST[$var]); } ?> This is a reworked version. I removed the second table from the database, filling out the form works, but deleting does not. Where is the mistake?
