php - POST Data not inserting into sql table


I am using a form. (I wanted the message text to be a text area, but changed it to normal text to see if that was the problem.)

This is the form I am using:

    <form name="addmessage" method="post" action="addmessage.php">
        <input type="text" name="message_title" id="message_title">message title</input>
        <input type="text" name="message_text" id="message_text">message</input>
        <input type="submit" name="submit" value="add">
    </form>

Below is the PHP code. I understand I need to protect against SQL injection; however, I can do that later.

    <?php
    include_once("config.php");
    if (isset($_POST["message_title"]) && strlen($_POST["message_title"]) > 0)
    {
        $message_title = $_POST['message_title'];
        $message_text = $_POST['message_text'];
        session_start();
        $barber_id = $_SESSION['barber_id'];
        // values are concatenated straight into the SQL string (as posted)
        $insert_row = $mysqli->query("INSERT INTO messages(barber_id,message_title,message_text) values('".$barber_id."','".$message_title."',".$message_text.")");
    }
    else
    {
        //output error
        header('HTTP/1.1 500 error have left blank');
        exit();
    }
    header("Location: messages.php");
    ?>

If I manually enter the data using phpMyAdmin, I can display it using the code below.

    <?php
    include_once("config.php");
    session_start();
    $barber_id = $_SESSION['barber_id'];
    $results = $mysqli->query("SELECT * FROM messages WHERE barber_id ='$barber_id' ");
    // get records from the table
    while ($row = $results->fetch_assoc())
    {
        $prices_id = $row['prices_id'];
        echo '<div data-role="collapsible">';
        echo '<h1>';
        echo '   message title: ';
        // escape stored text before writing it into the page
        echo htmlspecialchars($row['message_title']);
        echo '</a>';
        echo '</h1>';
        echo '<p>';
        echo htmlspecialchars($row['message_text']);
        echo '<a href="delete_price.php?prices_id='.$prices_id.'"  class="ui-btn ui-icon-delete "> delete</a></div>';
    }
    $mysqli->close();
    ?>

At

    $insert_row = $mysqli->query("INSERT INTO messages(barber_id,message_title,message_text) values('".$barber_id."','".$message_title."',".$message_text.")");

you should write

    $insert_row = $mysqli->query("INSERT INTO messages(barber_id,message_title,message_text) values('".$barber_id."','".$message_title."','".$message_text."')");

Every time you pass a string or other non-int values, you must pass them like that: 'xx', otherwise MySQL will see it as a query param and crash.
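
The quoting mistake fixed above cannot occur with a prepared statement, which also closes the SQL injection hole the question postpones, and turning on mysqli exceptions makes a failed insert visible instead of silently redirecting. This is an added example, not code from the question or the answer; it assumes `config.php` creates `$mysqli` as in the question and that `barber_id` is an integer column.

```php
<?php
// addmessage.php rewritten with a prepared statement (added example).
// Assumes config.php creates the $mysqli connection, as in the question.

// Make mysqli throw exceptions so a failed query is not silently ignored.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

include_once("config.php");
session_start();

// Reject requests without a logged-in barber or without a title.
if (!isset($_SESSION['barber_id'])) {
    http_response_code(403);
    exit('Not logged in');
}
$message_title = trim($_POST['message_title'] ?? '');
$message_text  = trim($_POST['message_text'] ?? '');
if ($message_title === '') {
    http_response_code(400);
    exit('Message title is required');
}

try {
    // Placeholders carry no quotes: the values are sent separately from
    // the SQL text, so a missing or unbalanced quote cannot occur and
    // user input cannot change the structure of the statement.
    $stmt = $mysqli->prepare(
        "INSERT INTO messages (barber_id, message_title, message_text)
         VALUES (?, ?, ?)"
    );
    // "iss": barber_id as integer (assumed column type), then two strings.
    $barber_id = (int) $_SESSION['barber_id'];
    $stmt->bind_param("iss", $barber_id, $message_title, $message_text);
    $stmt->execute();
    $stmt->close();
} catch (mysqli_sql_exception $e) {
    // Log the real reason server-side; do not echo SQL errors to the client.
    error_log('addmessage insert failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Could not save the message');
}

header("Location: messages.php");
exit();
```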