Hi all,

I have 2 tables: tbl_category & tbl_products.

I'm trying to retrieve the category value from tbl_category into a dropdown list using select and then insert the value selected into tbl_products column category_name on form submission.

I have the dropdown working and I am retrieving the categories correctly; however, when posting the form, nothing gets inserted into tbl_products and no error messages are displayed on screen.

HTML FORM ACTION

<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post" enctype='multipart/form-data'>
    <p>
        	
		<label for="name">Product Category:</label>
		<?php include 'global.php';
		echo '<select id="category_name" name="category_name">';

  $sql = mysql_query("SELECT category_name FROM tbl_category");
  while ($row = mysql_fetch_array($sql)){
    echo "<option value='".$row['category_name']."'>".$row['category_name']."</option>";
  }
  echo '</select>';
  
  ?>
      <input name="submit" type="submit" class="btn-action" value="Add Product">
</form>


PHP CODE

<?php
include 'global.php';
// Escape user inputs for security
$code = mysqli_real_escape_string($link, $_REQUEST['code']);
$name = mysqli_real_escape_string($link, $_REQUEST['name']);
$price = mysqli_real_escape_string($link, $_REQUEST['price']);			
 
// Attempt insert query execution
if(isset($_POST['submit'])) {
		$category_name = $_POST['category_name'];					
				
	//Process the image that is uploaded by the user
    $target_dir = "product/";
    $target_file = $target_dir . basename($_FILES["imageUpload"]["name"]);
    $uploadOk = 1;
	
	$extensions_arr = array("jpg","jpeg","png","gif");
    $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION,$extensions_arr);

    if (move_uploaded_file($_FILES["imageUpload"]["tmp_name"], $target_file)) {
        //echo "The file ". basename( $_FILES["imageUpload"]["name"]). " has been uploaded.";
    } else {
        echo "Issue with image";echo "</br>";
    }
	
    $image=basename($_FILES["imageUpload"]["name"]); // used to store the filename in a variable
			 	
				
            $sql = "insert into tbl_product(code,category_name,name,price,image) 
			values('".$code."','".$name."','".$category_name."','".$price."', '".$target_file."')";
						
						
if(mysqli_query($link, $sql)){
  // Upload file
      
    echo "Product added successfully";
        }
		else{
    echo "" . mysqli_error($link);
}
	}
 
// Close connection
mysqli_close($link); ?>


What I have tried:

I have tried following numerous YouTube videos and tutorials to get this to work, however without success.
Comments
Richard Deeming 25-Mar-20 14:02pm    
$sql = "insert into tbl_product(code,category_name,name,price,image) 
values('".$code."','".$name."','".$category_name."','".$price."', '".$target_file."')";

Not like that!

Your code is vulnerable to SQL Injection. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

PHP: SQL Injection - Manual
Member 13126101 25-Mar-20 14:08pm    
Thanks for your reply.

What do I need to change with the below apart from using parameterized queries? Thanks

$sql = "insert into tbl_product(code,category_name,name,price,image)
values('".$code."','".$name."','".$category_name."','".$price."', '".$target_file."')";
MadMyche 25-Mar-20 14:02pm    
What is happening?
Member 13126101 25-Mar-20 14:07pm    
I'm getting the results from tbl_categorys into a dropdown box using select; however, I cannot post this value back to a tbl_products

$sql = "insert into tbl_product(code,category_name,name,price,image)
values('".$code."','".$name."','".$category_name."','".$price."', '".$target_file."')";
DerekT-P 25-Mar-20 14:37pm    
Your code relates more to uploading a file than to the insert, but the HTML you show makes no reference to a file upload. We don't know what's in global.php (we don't need usernames and passwords in connection strings though) but as you're only showing us part of the code, and presumably the wrong code at that, it's hard to tell. We also don't know the definition of the table, so don't know if what you're trying to insert is appropriate.
In the meantime, suggest you try single-stepping through the code in your debugger to see what's happening. If for some reason you can't do that, then set your php config to display error messages, put echo statements in your code to show where execution is flowing, etc.; all the usual debugging steps, basically.
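
An added example, not part of the thread and not the poster's code: the parameterized form of the quoted INSERT that the first comment asks for, written with mysqli prepared statements and with errors made visible as the last comment suggests. It assumes `global.php` provides the `$link` mysqli connection and that the form also posts `code`, `name`, `price` and an `imageUpload` file; `add_product` is a hypothetical helper name.

```php
<?php
// Added example, not the poster's code. Assumption: global.php creates the
// mysqli connection $link. Table and column names are those in the quoted INSERT.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // DB failures throw instead of passing silently
require 'global.php';

function add_product(mysqli $link, array $post, array $upload): bool
{
    // 1. Accept only a category that exists in tbl_category (the dropdown's source).
    $check = $link->prepare('SELECT 1 FROM tbl_category WHERE category_name = ?');
    $check->bind_param('s', $post['category_name']);
    $check->execute();
    $check->store_result();
    if ($check->num_rows === 0) {
        throw new InvalidArgumentException('Unknown category');
    }

    // 2. Allow-list the extension and store the file under a server-chosen name.
    $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ['jpg', 'jpeg', 'png', 'gif'], true)) {
        throw new InvalidArgumentException('Unsupported image type');
    }
    $target = 'product/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($upload['tmp_name'], $target)) {
        throw new RuntimeException('Could not store uploaded image');
    }

    // 3. Placeholders keep the values out of the SQL text, so no escaping is needed.
    //    Values are bound in the same order as the column list. The table definition
    //    is not shown in the thread, so every value is bound as a string ('s').
    $stmt = $link->prepare(
        'INSERT INTO tbl_product (code, category_name, name, price, image)
         VALUES (?, ?, ?, ?, ?)'
    );
    $stmt->bind_param('sssss', $post['code'], $post['category_name'],
                      $post['name'], $post['price'], $target);
    return $stmt->execute();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'], $_FILES['imageUpload'])) {
    try {
        add_product($link, $_POST, $_FILES['imageUpload']);
        echo 'Product added successfully';
    } catch (Throwable $e) {
        error_log($e->getMessage());          // details go to the server log
        echo 'Product could not be added.';   // generic message to the browser
    }
}
```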

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


