I use the same Code local and on the server.
While its working just fine local, there is no db-entry while running on the server.
While the INSERT statement is not working i can read and update the rows - so the connection should be fine.
Can somebody help me?
function setDataToParticipantTable($db_host, $db_password, $db_user, $db_name, $new_participant)
{
$db = new PDO('mysql:host=' . $db_host . ';dbname=' . $db_name, $db_user, $db_password);
$qry = "INSERT INTO " . "`TAEK_Subscriber19`" . " (`Vorname`, `Nachname`, `Email`, `Straße`, `Hausnummer`, `PLZ`, `Ort`, `Land`, `Turnusaerztevertreter`, `DO_VM_WS_1`, `DO_NM_WS_1`, `FR_VM_WS1_1`, `FR_VM_WS2_1`, `FR_NM_WS_1`, `Kongresseroeffnung`, `Kongressparty`, `Infotext`, `Hash`)
VALUES
(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$statement = $db->prepare($qry);
$statement->bindParam(1, $new_participant['Vorname']);
$statement->bindParam(2, $new_participant['Nachname']);
$statement->bindParam(3, $new_participant['Email']);
$statement->bindParam(4, $new_participant['Straße']);
$statement->bindParam(5, $new_participant['Hausnummer']);
$statement->bindParam(6, $new_participant['PLZ']);
$statement->bindParam(7, $new_participant['Ort']);
$statement->bindParam(8, $new_participant['Land']);
$statement->bindParam(9, $new_participant['Turnusaerztevertreter']);
$statement->bindParam(10, $new_participant['DO_VM_WS_1']);
$statement->bindParam(11, $new_participant['DO_NM_WS_1']);
$statement->bindParam(12, $new_participant['FR_VM_WS1_1']);
$statement->bindParam(13, $new_participant['FR_VM_WS2_1']);
$statement->bindParam(14, $new_participant['FR_NM_WS_1']);
$statement->bindParam(15, $new_participant['Kongresseroeffnung']);
$statement->bindParam(16, $new_participant['Kongressparty']);
$statement->bindParam(17, $new_participant['Infotext']);
$statement->bindParam(18, $new_participant['Hassh']);
$statement->execute();
$statement = null;
$db = null;
}
Related
This question already has answers here:
PHP parse/syntax errors; and how to solve them
(20 answers)
Closed 3 years ago.
I have a little problem with this code I have. When I run it that doesn't create any values in database and shows.
Parse error: syntax error, unexpected 'INSERT' (T_STRING) in
/home/vol6_8/epizy.com/epiz_23744660/htdocs/main/test.php on line 8
This is the code I have:
include("config.php);
// Create connection
$conn = new mysqli($dbhost, $dbuser, $dbpasswd, $dbname);
// prepare and bind
$stmt = $conn->prepare("INSERT INTO phpbb_crany ('crany_id', 'crany_name', 'crany_breed', 'crany_gender', 'crany_level', 'crany_born', 'crany_mother', 'crany_father', 'crany_element', 'crany_user') VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("ssssssssss",1, $cn, $cb, $cg, $cl, $cb, $cm, $cf, $ce, $cu);
// set parameters and execute
$cn = $_POST['petname'];
$cb = "jgh";
$cg = rand(0,1);
$cl = "1";
$cb = $_SERVER['REQUEST_TIME'];
$cm = 0;
$cf = 0;
$ce = 1;
$cu = 1;
$stmt->execute();
echo "New records created successfully";
$stmt->close();
$conn->close();
i'm trying with php and mysql. what'ss the problem?
You have an logic misstake in your code. Your code (the bind_param()-function` is excecuted, before you set your varibales.
Try it so:
include("config.php");
$stmt = $conn->prepare("INSERT INTO phpbb_crany ('crany_id', 'crany_name', 'crany_breed', 'crany_gender', 'crany_level', 'crany_born', 'crany_mother', 'crany_father', 'crany_element', 'crany_user') VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
$cb = "jgh";
$cg = rand(0,1);
$cl = "1";
$cb = $_SERVER['REQUEST_TIME'];
$cm = 0;
$cf = 0;
$ce = 1;
$cu = 1;
$stmt->bind_param("ssssssssss",1, $cn, $cb, $cg, $cl, $cb, $cm, $cf, $ce, $cu);// <---- CHANGED - line moved
$stmt->execute();
echo "New records created successfully";
$stmt->close(); $conn->close();
This is my php code. Can you please help me. There's no data in my database.
<?php
require_once("dbconnect.php");
session_start();
for ($x = 0; x < $_POST['reimcounter']; $x++) {
$date = $_POST['date'];
$tin = $_POST['tin'];
$address = $_POST['address'];
$particulars = $_POST['particulars'];
$referencenumber = $_POST['refno'];
$total = floatval(preg_replace('/[^\d\.]/', '', $_POST['total' . $x]));
$nonvat = floatval(preg_replace('/[^\d\.]/', '', $_POST['nonvat' .
$x]));
Is there anything wrong with my insert code?
$sql = "INSERT INTO rtco_cms.dbo.Reimbursement VALUES (?, ?, ?, ?, ?, ?,
?, ?, ?)";
$params = array($date, $tin, $SESSION['empid'], $address,
$SESSION['clientid'], $particulars, $referencenumber, $nonvat, $total);
$stmt = sqlsrv_query($conn, $sql, $params);
}
header("location: ../reimbursement.php");
?>
Change this
$params = array($date, $tin, $SESSION['empid'], $address,
$SESSION['clientid'], $particulars, $referencenumber, $nonvat, $total);
to
$params = array($date, $tin, $_SESSION['empid'], $address,
$_SESSION['clientid'], $particulars, $referencenumber, $nonvat, $total);
Session variable calling is wrong. Hope it helps
Update your insert query for example see this query:
tsql= "INSERT INTO dbo.vF_events (
username,
Rft,
Ging,
description,
date,
trdate)
VALUES
(?, ?, ?, ?, ?, ?)";
$var = array($username, $sort, $ag, $description, $date, $trdate);
if (!sqlsrv_query($conn, $tsql, $var))
{
die('Error: ' . sqlsrv_errors());
}
echo "record added";
I tried to use, for the first time, prepared statement in order to avoid sql injection but it seems i have a problem when i try to insert or update my database i use these lines to do what i want:
Insert:
$stmt = $con->prepare("INSERT INTO my_array (image1,image2,image3,image4, info, type, lat, lng, date_created, status, created_by, closed_by, date_finished) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)") ;
$stmt->bind_param('bbbbssddsssss', $image1, $image2, $image3, $image4, $info, $type, $lat, $long, $date, $opened, $user, $closed_by, $closed_by, $date_finished);
$stmt->execute();
$result = $stmt->get_result();
Update:
$stmt = $con->prepare("UPDATE users SET fullname = IF(LENGTH(?) = 0, fullname, ?), email = IF(LENGTH(?) = 0, email, ?), phone_num = IF(LENGTH(?) = 0, phone_num, ?) , address = IF(LENGTH(?) = 0, address, ?) WHERE username = '$user'") ;
$stmt->bind_param('ssssiiss',$fullname, $fullname, $email, $email, $phone_number , $phone_number, $address, $address);
$stmt->execute();
$result = $stmt->get_result();
in both i get a "false" result.
In the first you have $closed_by duplicate.
In the second you have $user in the prepared statement. That must be a parameter.
use proper error handling in each of your statements:
if(!($stmt = $con->prepare("INSERT INTO my_array (image1,image2,image3,image4, info, type, lat, lng, date_created, status, created_by, closed_by, date_finished) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"))
{
echo "Prepare failed: (" . $con->errno . ") " . $con->error;
}
if(!$stmt->bind_param('bbbbssddsssss', $image1, $image2, $image3, $image4, $info, $type, $lat, $long, $date, $opened, $user, $closed_by, $closed_by, $date_finished))
{
echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
}
if(!$stmt->execute())
{
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
if(!($result = $stmt->get_result())
{
echo "Getting result set failed: (" . $stmt->errno . ") " . $stmt->error;
}
I am trying to insert some values to my database using PDO but it just says "No database selected".
$host = "localhost";
$dbname = "aura";
$user = "root";
$pass = "somepassword";
try {
$DB = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass, array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));
$DB->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$DB->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo $e->getMessage();
}
$SignUp = $DB->prepare("INSERT INTO `users` (`username`, `password`, `name`, `email`, `rank`, `lvl`, `xp`, `money`, `age`, `reg_ip`, `last_ip`, `created`, `last_online`, `last_action`, `online`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ");
$SignUp->bindValue(1, $username);
$SignUp->bindValue(2, $password);
$SignUp->bindValue(3, $name);
$SignUp->bindValue(4, $email);
$SignUp->bindValue(5, '1');
$SignUp->bindValue(6, '1');
$SignUp->bindValue(7, '1');
$SignUp->bindValue(8, '100');
$SignUp->bindValue(9, NULL);
$SignUp->bindValue(10, $ip);
$SignUp->bindValue(11, $ip);
$SignUp->bindValue(12, $time);
$SignUp->bindValue(13, $time);
$SignUp->bindValue(14, $time);
$SignUp->bindValue(15, $online);
try{
$SignUp->execute();
} catch(PDOException $e){
die($e->getMessage());
}
I do not know why I get this error because I have connected successfully to the database and as you can see I have specified a database.
It looks ok, but you may have issues with the first try catch and your not killing and possible confusing the insert with the errors from the first.
Also wrap the whole statements in the try catch blocks also using $e->__toString() its going to give you a full stack trace, often that makes it easyier to trace where the error is.
Try this, I couldn't tell you if the following changes will fix the issue but might make it more clearer.
<?php
$host = "127.0.0.1";
$dbname = "aura";
$user = "root";
$pass = "somepassword";
try {
$DB = new PDO('mysql:host='.$host.';dbname='.$dbname, $user, $pass, array(
PDO::ATTR_EMULATE_PREPARES => false,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8")
);
} catch(PDOException $e) {
die('<pre>'.$e->__toString().'</pre>');
}
try{
$SignUp = $DB->prepare("
INSERT INTO `users` (`username`, `password`,
`name`, `email`, `rank`,
`lvl`, `xp`, `money`,
`age`, `reg_ip`, `last_ip`,
`created`, `last_online`,
`last_action`, `online`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ");
$SignUp->bindValue(1, $username);
$SignUp->bindValue(2, $password);
$SignUp->bindValue(3, $name);
$SignUp->bindValue(4, $email);
$SignUp->bindValue(5, '1');
$SignUp->bindValue(6, '1');
$SignUp->bindValue(7, '1');
$SignUp->bindValue(8, '100');
$SignUp->bindValue(9, NULL);
$SignUp->bindValue(10, $ip);
$SignUp->bindValue(11, $ip);
$SignUp->bindValue(12, $time);
$SignUp->bindValue(13, $time);
$SignUp->bindValue(14, $time);
$SignUp->bindValue(15, $online);
$SignUp->execute();
} catch(PDOException $e){
die('<pre>'.$e->__toString().'</pre>');
}
?>
Is there a possibility to put that in a loop?
if (!empty($_POST["textDE"])) {
$mysqli = $connect->prepare("INSERT INTO `l10n-strings` (`translationID`, `languageCode`, `text`) VALUES (?, ?, ?)");
$mysqli->bind_param('iss', $l10id, $languageCodeDE, $textDE);
$mysqli->execute();
}
if (!empty($_POST["textEN"])) {
$mysqli = $connect->prepare("INSERT INTO `l10n-strings` (`translationID`, `languageCode`, `text`) VALUES (?, ?, ?)");
$mysqli->bind_param('iss', $l10id, $languageCodeEN, $textEN);
$mysqli->execute();
}
if (!empty($_POST["textES"])) {
$mysqli = $connect->prepare("INSERT INTO `l10n-strings` (`translationID`, `languageCode`, `text`) VALUES (?, ?, ?)");
$mysqli->bind_param('iss', $l10id, $languageCodeES, $textES);
$mysqli->execute();
}
if (!empty($_POST["textFR"])) {
$mysqli = $connect->prepare("INSERT INTO `l10n-strings` (`translationID`, `languageCode`, `text`) VALUES (?, ?, ?)");
$mysqli->bind_param('iss', $l10id, $languageCodeFR, $textFR);
$mysqli->execute();
}
if (!empty($_POST["textIT"])) {
$mysqli = $connect->prepare("INSERT INTO `l10n-strings` (`translationID`, `languageCode`, `text`) VALUES (?, ?, ?)");
$mysqli->bind_param('iss', $l10id, $languageCodeIT, $textIT);
$mysqli->execute();
}
$languages = array('DE', 'EN', 'ES', 'FR', 'IT');
foreach ($languages as $lang) {
$langKey = 'text' . $lang;
if (!empty($_POST[$langKey])) {
$mysqli = $connect->prepare(
"INSERT INTO `l10n-strings` (`translationID`, `languageCode`, `text`) ".
"VALUES (?, ?, ?)"
);
$mysqli->bind_param(
'iss',
$l10id,
${'languageCode'.$lang},
${$langKey}
);
$mysqli->execute();
}
}
Variable variables make this easier, with a look-up array.
Also disable register globals in your PHP configuration, it is a security issue.