form wouldnt clear

[divinedesigns1]

hey im having this problem and not sure how to fix it, been at it for a few hours now, and still nothing, ok so when you fill out the form "this form www.divinedesigns1.com/formtodata/promo.php" and after you hit the submit button the form doesnt clear the fields this is my code

<?phpinclude_once ("MyConnect.php");$errorMessage = "";$fname = "";$lname = "";$company = "";$email = "";$mobile = "";if($_POST['firstname']){// Grab variables$fname = $_POST['firstname'];$lname = $_POST['lastname'];$company = $_POST['company'];$email = $_POST['email'];$mobile = $_POST['phone'];// Making sure variables are present else stop processif(!$fname || !$lname || !$company || !$email || !$mobile){  $errorMessage = 'The Form is incomplete, or you forgot a Field. Please Fill all Fields';}else{  // Run any filtering here  $fname = strip_tags($fname);  $fname = stripslashes($fname);  $lname = strip_tags($lname);  $lname = stripslashes($lname);  $company = strip_tags($company);  $company = stripslashes($company);  $email = strip_tags($email);  $email = stripslashes($email);  $mobile = strip_tags($mobile);  $mobile = stripslashes($mobile);   $to = 'aismith@smithai.ai';  $from = '$fname' . '$lname';  $subject = 'Fill2Win Promo';   // Email Message Bot  $message = "  $fname  $lname  $company  $email  $mobile  ";   // Configure some headers  $header = 'MIME-Version:1.0' . "rn";  $header .= 'Content-type:textrn';  $header .= 'From: $fromrn';   // Inserting data  $query = "INSERT INTO form (first_name, last_name, email, phone, company_name)" . "VALUE('$fname', '$lname', '$company', '$email', '$mobile')" or die('problem querying');} // lock this condition} // lock if POST a condition?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>Promo</title></head><body><form id="form1" name="form1" method="post" action="promo.php"><div id="effect"><?php echo $errorMessage; ?></div><br /><br />First Name: <br /><input name="firstname" type="text" id="firstname" size="32" maxlength="28" value="<?php echo $fname; ?>" /><br />Last Name: <br /><input name="lastname" type="text" id="lastname" size="32" maxlength="28" value="<?php echo $lname; ?>"  /><br />Company Name: <br /><input name="company" type="text" id="company" size="32" maxlength="28" value="<?php echo $company; ?>"  /><br />Email: <br /><input name="email" type="email" id="email" size="32" maxlength="28" value="<?php echo $email; ?>"  /><br />Mobile: <br /><input name="phone" type="number" id="phone" size="32" maxlength="28" value="<?php echo $mobile; ?>"  /><br /><input name="submit" type="submit" id="submit" value="submit"  /></form></body></html>

am i making a error? or have a misspelled word?

[Guest So Called]

I presume you'll have a statement to execute the query after you've set it up. Just put this after the query has been executed:

$fname = $lname = $company = $email = $mobile = "";

[birbal]

<input name="firstname" type="text" id="firstname" size="32" maxlength="28" value=" <?php echo $fname; ?> " />you have told to evaluate the values here.

[divinedesigns1]

<input name="firstname" type="text" id="firstname" size="32" maxlength="28" value=" <?php echo $fname; ?> " />you have told to evaluate the values here. yes and i did, fine the variable for firstname is $fname, so on and so on, that part works fine, since i tested it.

[divinedesigns1]

and ok so called, ill try that and see what happen

[divinedesigns1]

ok, so i did what you guys said to do, excuted the query, i evaluate the fields, and that work, but it didnt insert the data into mysql

[birbal]

you need to execute the query using http://php.net/mysql_query

[divinedesigns1]

you need to execute the query using http://php.net/mysql_query

its actually working atm check it out www.divinedesigns1.com/formtodata/promo.php but i still need to add more security to it which im not sure how to do also is it possible to make the form send the information to the data and to an email?

[birbal]

constrain the inputs. let pass the value which is only need to go. eg name does not contain numeric let filter it by alphaets.. use reguler expression to validate complex structure like email. you can use mysqli_real_escape_string() or you can use prepared statement to prevent sql injections and safe query execution.

also is it possible to make the form send the information to the data and to an email

you can use the inputs to mail() to send mail after query succeces. Edited May 20, 2012 by birbal

[divinedesigns1]

ok thank you, ill do that now

[divinedesigns1]

i try using the mysqli_real_escape_string() on the mobile and email and i end up with these errors

string(25) smith@smith.smith NULL string(10) "0502573212"Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, string given in /home/content/14/8709614/html/formtodata/promo.php on line 40Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given in /home/content/14/8709614/html/formtodata/promo.php on line 41

^ the above error shows my email and a fake phone number, but im not too sure how to fix this, i used the var_dump() function to see whats wrong on like 40 and 41, now im not sure how to fix it can someone give me a hand please

[Ingolme]

The first parameter is the mysqli resource you created with mysqli_connect()

mysqli_real_escape_string($mysqli, $str);

[divinedesigns1]

The first parameter is the mysqli resource you created with mysqli_connect()

mysqli_real_escape_string($mysqli, $str);

so my code is correcti put $email = mysqli_real_escape_string($con, $email); or should $email be replaced with $str?

[Ingolme]

The error message is saying that the first parameter is a string. Have you see what $con is?

[divinedesigns1]

yes $con is the variable i use to descript my database connect, like this

$dbhost ="";$dbuser = "";$dbpass = "";$dbname = "";$con =  mysqli_connect($dbhost, $dbuser, $dbpass, $dbname) or die ('connection error');

[Ingolme]

Print out the value right before the mysqli_real_escape_string() function to see what it is:

var_dump($con);var_dump($email);$email = mysqli_real_escape_string($con, $email);

[divinedesigns1]

Print out the value right before the mysqli_real_escape_string() function to see what it is:

var_dump($con);var_dump($email);$email = mysqli_real_escape_string($con, $email);

i did what you said and i got this errorNULL string(23) "smith@smithy.n"Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given in /home/content/14/8709614/html/formtodata/promo.php on line 41 stating that the string 23 is smith@smithy.n which suppose to be smith@smithy.net

[Ingolme]

That means that $con is null. It's supposed to be a resource. This could be for any number of reasons, I can only guess.

[dsonesuk]

You haven't gotmysqli_close($con);above it anywhere have you.

[divinedesigns1]

You haven't gotmysqli_close($con); above it anywhere have you.

nope i havent close it as yet

[divinedesigns1]

That means that $con is null. It's supposed to be a resource. This could be for any number of reasons, I can only guess.

how you make it to be not null?

[Ingolme]

It shouldn't be null if mysqli_connect() worked properly. Check mysqli_connect_error() to see if you're actually connecting to the server http://es2.php.net/mysqli_connect_error

[dsonesuk]

$header .= 'From: $fromrn';hhmmmmm! would have thought that they would be separated $header .= 'From: $from'."\r\n";

Edited May 20, 2012 by dsonesuk

[divinedesigns1]

It shouldn't be null if mysqli_connect() worked properly. Check mysqli_connect_error() to see if you're actually connecting to the server http://es2.php.net/m...i_connect_error

yea i am connecting to the database, since the form is inserting the information into the database, thats where im puzzled

[divinedesigns1]

$header .= 'From: $fromrn';hhmmmmm! would have thought that they would be separated $header .= 'From: $from'."\r\n";

okie