is it possible to insert a long sentence to database? from textarea form

Question

I'm trying to send sentences to the database. its sent but sent empty.

this is the submit form

<td align="center" colspan="3">
            <FONT FACE="algerian"><h2>TODAYS TAZKIRAH</FONT>
                <form method="post" id="usrform" action="InsertTazkirah.php"  ><br>
                <textarea rows="4" cols="50" type="text" name="Tazkirah" form="usrform">
                </textarea><br>
                <input type="submit"><br>
                </form>

        </td>

and this is the process to insert to database

<?php
$con=mysqli_connect("rock","mido","****","fyp");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

$sql="INSERT INTO Tazkirah (version)
VALUES
('$_POST[version]')";

if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }


echo '<script> alert ("done!"); </script>';
include_once("admin.php");
mysqli_close($con);

?>

in the database table I have ID and version. the ID auto_increment so when I click submit the ID been added but the text is not appearing in the database.

thank yoou

Answer 1

Try this

$sql="INSERT INTO Tazkirah (version)
VALUES ('mysql_real_escape_string ($_POST[Tazkirah])')";

Answer 2

That is because there is no version field found in the <form> tag.

It should be $_POST['Tazkirah'] instead of $_POST[version]

Since you are using MySQLi it is suggested you go for Prepared Statements in MySQLi to ward off SQL Injection attacks.

Warning : Your PHP Script is prone to SQL Injection Attack. Either filter the parameters or make use of Prepared Statements as suggested in the above link.

Answer 3

You need to change here:

$sql="INSERT INTO Tazkirah (version)
VALUES
('$_POST['Tazkirah']')";<--- change here

$_POST index name of the $_POST should be similar to the field name.