Home/ Questions/Q 8177883
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-06T23:38:00+00:00

The form below is not adding points to the fourth field in the MySQL

  • 0

The form below is not adding points to the fourth field in the MySQL table “contest.”

I can’t find anything wrong with the code. Am I missing something obvious?

echo '<form action="http://www.website.com/folder/file.php" method="post"> 
    <input type="hidden" value="'.$u.'" name="u"> 
    <input type="hidden" value="'.$profile.'" name="profile"> 
    <input type="hidden" value="'.$profileid.'" name="profileid"> 




    <div class="friend2title"><label for="url">Add points:</label></div> 
    <div class="friend2field"><input name="state" type="text" id="state" maxlength="150"></div>




    <div class="addresssubmit"><input name="submit" type="submit" value="Add"></div> 
</form>
';

Then, on http://www.website.com/folder/file.php:

$u = $_POST['u'];
$profile = $_POST['profile'];
$profileid = $_POST['profileid'];

$state = $_POST['state'];





$state = mysql_real_escape_string($state);



mysql_query("INSERT INTO contest VALUES (NULL, 'critic', '$profileid',  '$state', NULL')");
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You have to declare the value attribute with the default value in your state input

    <input name="state" type="text" id="state" value="' . $state . '" maxlength="150">

    Additionaly, your code is vulnerable to SQL Injection, never trust in fields that came from users, it is very dangerous for your database.

    • 0