Currently I am working on an apply form that staff taking leave. The form is user need to fill on their leaveDuration, leaveDate and reason only. I need to pass the values that they fill in the input to database so I can retrieve. After the user done submit, there will be a message said submitted and redirect to home.php. This problem had stucked me for few days already… Thanks for helping me and I appreciate on your help…
This is the code that I currently have problem passing the values into the database called leave_management The functions that I place at the top of the form.php
<?php
$db = mysqli_connect("localhost", "root", "", "leave_management");
if($db === false)
die("ERROR: Could not connect. ");
if(isset($_POST['submit_btn']))
{
$ID = $_SESSION['user']['ID'];
$leaveType = $_POST['leaveType'];
$leaveDuration = $_POST['leaveDuration'];
$dateFrom = $_POST['dateFrom'];
$reason = $_POST['reason'];
$status;
$query = "INSERT INTO form (ID, formID, leaveType, leaveDuration, dateFrom, reason, status, dateApprove, approveBy, remark, Created, Modified)
VALUES ('$ID', NULL, '$leaveType', '$leaveDuration', '$dateFrom', '$reason', 'Pending', '', NULL, '', '', '')";
//mysqli_query($db, $query);
if(mysqli_query($db ,$query)){
echo "Records inserted successfully.";
} else{
echo "ERROR";
}
header("Location: home.php");
}
?>
This is the form that user need to fill
<form role="form" method="post" action="form.php">
<div class="form-group">
<label for="employeeName">
Employee Name:
</label>
<input type="text" class="form-control" value="<?php echo $_SESSION['user']['name']?>" id="employeeName" name="name" disabled />
</div>
<div class="form-group">
<label for="ICno">
IC Number:
</label>
<input type="text" class="form-control" value="<?php echo $_SESSION['user']['IC']?>" id="ICno" name="IC" disabled />
</div>
<div class="form-group">
<label for="selectLeave">
Apply Leave for:  
</label>
<select name="leaveType" required>
<option value="Annual Leave">Annual Leave</option>
<option value="Unpaid Leave">Unpaid Leave</option>
<option value="Sick Leave">Sick Leave</option>
</select>
</div>
<div class="form-inline">
<label for="duration">
Duration:  
</label>
<input type="number" class="form-control" id="duration" name="leaveDuration" required />  day(s)
</div>
<br>
<div class="form-inline">
<label for="dateFrom">
Date from:  
</label>
<input type="date" class="form-control" id="datetimepicker" name="dateFrom" required />
</div>
<br>
<div>
<label for="reason">
Reason:
</label>
<textarea name="reason" class="form-control" id="reason" rows="5" cols="40" required></textarea>
</div>
<br>
<div class="checkbox">
<label>
<input type="checkbox" required /> I had understand and agree with the <a href="protocol.php">Leave Office Protocol and Term and Condition</a>.
</label>
</div>
<input type="submit" class="btn btn-primary" name="submit_btn"/>
</form>
This is the database of the form.
It display the ERROR in echo “ERROR”…
Advertisement
Answer
The formID column you have made it auto-increment and not null in the table. And still, you are passing null to it in PHP code.
Also have a look at how to get the MySQL errors
https://www.w3schools.com/php/func_mysqli_error.asp
And your code is fully prone to SQL injection
Read about the PHP Prepared statements. https://www.w3schools.com/php/php_mysql_prepared_statements.asp
Note:
And then the columns to which you know can or cannot contain values sometimes, you can mark them as NULL in DB
Your query should be like:
$query = "INSERT INTO form (ID, leaveType, leaveDuration, dateFrom, reason, status) VALUES ('$ID','$leaveType', '$leaveDuration', '$dateFrom', '$reason', 'Pending')";