Technology. Education. Art (TEA) TEAlearn.org

Home > Courses > Web development using PHP and MySQL > Insert data into Database using PHP

Insert data into Database using PHP

Subject: Web development using PHP and MySQL

Here is the code for the Feedback form again with little modification.

contact.htm


<HTML>
<HEAD>
<TITLE> Company Feedback </TITLE>
</HEAD>
<BODY>
<form method="post" action="contactdb.php">
    <table>
<tr><td colspan="2"><b>FEEDBACK FORM</b></td></tr>
     <tr><td><strong> Name</strong></td>
<td>
<input name="names" type="text" id="names" size="30"/>
</td>
    </tr>
    <tr><td><strong>Email</strong></td>
<td>
<input name="email" type="text" id="email" size="30" />
</td>
    </tr>
    <tr><td></td>
<td>
<textarea name="comment" cols="30" rows="5" id="comment">
</textarea>
</td>
     </tr>
     <tr>
<td></td>
<td><input type="submit" name="submit" value="Submit" /></td>
     </tr>
     </table>
 </form>
</BODY>
</HTML>

And below is the contactdb.php that this form is submits to

contactdb.php


<?php
//include the connection string
include("conn.php");
if(isset($_REQUEST['submit'])){
	
	// keep the form data in variable  
	$names = mysqli_escape_string($conn, $_REQUEST['names']);
	$email = mysqli_escape_string($conn, $_REQUEST['email']);
	$comment = mysqli_escape_string($conn, $_REQUEST['comment']);
	
	$sql="INSERT INTO feedback (name, email, comment, date_submit) VALUES ('$names','$email', '$comment',now())";  
	$result = mysqli_query($conn, $sql) or die($sql);
	
	if($result){
		$msg = "Thanks $name for your feedback.";
	}
}
?>
<HTML>
<HEAD>
<TITLE> Company Feedback </TITLE>
</HEAD>
<BODY>
<?php
if(isset($msg)){
	// display the thanks msg
	print $msg;
}
?>
</BODY>
</HTML>

The PHP codes in contactdb.php is well commented.
The first line include("conn.php"); includes the conn.php file which contains the connection string to our database.

The next set of lines contains variables that hold the values from the submitted forms


// keep the form data in variable   
$names = mysqli_escape_string($conn, $_REQUEST['names']);
	$email = mysqli_escape_string($conn, $_REQUEST['email']);
	$comment = mysqli_escape_string($conn, $_REQUEST['comment']);

Notice that we use the mysqli_escape_string() function to clean up our entering since we cannot trust the person accessing our website from all over the world.

This was followed by another variable that hold the SQL INSERT statement


$sql="INSERT INTO feedback (name, email, comment, date_submit) VALUES ('$names','$email', '$comment',now())";

This SQL statement INSERT the values from the contact form to the feedback table.

First we specified the fields of the table (name, email, comment, date_submit) followed by the values we want to insert which are already held by their respective variables ('$names','$email', '$comment',now()).
I purposely left out
the first field (id) because we have set this field to an auto-generated number and that will be taken care of by MySQL.

The name field will store the value from the variable $names, same followed by email and comment field, the lasted date_submit field uses a built in MySQL function now() to insert the current date and time.

Finally we have the “Thank you” message in a variable $msg if the insert query is successful


if($result){
		$msg = "Thanks $name for your feedback.";
}

Then the value of the $msg will now be displayed on the HTML BODY section of the file


if(isset($msg)){
	// display the thanks msg
	print $msg;
}

You can go ahead to test it by first accessing the contact.htm complete and submit the form.

The form would post it's data to contactdb.php which will add or insert the data to the feedback table of our bgdb database and display a thank you message on the screen.

FeedBack form