I have recently implemented a number of if statements that check to see if the require data has been entered, if not then I receive the error message something is wrong with.... But after implementing them I now recieve that error message regardless of whether the data is in fact being sent to the database (the data that is being sent is all correct) and I can't for the life of me figure out why.
$query = "insert into $sql_table (Eoi, Job_reference_number, First_Name, Last_Name, Street_Address, Suburb, State, Postcode, Email, Phone_Number, Skills) values ('$eoi','$jobNumber', '$firstName', '$lastName', '$streetAddress', '$suburb', '$state', '$postcode', '$emailAddress', '$phoneNumber', '$skills')";
$result = mysqli_query($conn, $query);
if($jobNumber = ''){
$result = false;
}
if($firstName = ''){
$result = false;
echo "<p> Something is wrong with your First Name </p>";
}
if($lastName = ''){
$result = false;
echo "<p> Something is wrong with your Last Name </p>";
}
if($streetAddress = ''){
$result = false;
echo "<p> Something is wrong with your Street Address </p>";
}
if($suburb = ''){
$result = false;
echo "<p> Something is wrong with your Suburb </p>";
}
if($postcode = ''){
$result = false;
echo "<p> Something is wrong with your Postcode </p>";
}
if($email = ''){
$result = false;
echo "<p> Something is wrong with your Email </p>";
}
if($phoneNumber = ''){
$result = false;
echo "<p> Something is wrong with your Phone Number </p>";
}
if($skills = ''){
$result = false;
echo "<p> Something is wrong with your Skills </p>";
}
if($result != mysqli_query($conn, $query)) {
echo "<p>Something is wrong with ", $query, "</p>";
}else {
echo "<p class=\"ok\">Successfully added a New EOI record</p>";
}
}
}
mysqli_close($conn);
I expect the result to be Successfully added a new EOI record when the user inputs valid data but instead I get the error message.
First you have a syntax error in if statement
if statement should be == not =
if($yourVariable == ''){
echo "<p> Something is wrong with your yourVariable </p>";//no meaning of this line
$result = false;
}
it means if your variable is empty then $result will false and you're can check it in your last if
Second you are checking all variable after DB insertion, you need to do it before insertion in db
Related
PHP Form Posts to MySQL Database Successfully, But Adds Blank Rows sometimes when registering.
here is my code:
include("includes/db.php");
if (isset($_POST['submit']) && $hidden == "" ) {
$product = mysqli_real_escape_string($bd, $_POST['product']);
$name = mysqli_real_escape_string($bd, $_POST['name']);
$address = mysqli_real_escape_string($bd, $_POST['address']);
$coupon = mysqli_real_escape_string($bd, $_POST['coupon']);
date_default_timezone_set("Asia/Kolkata");
$dates = date('Y-m-d H:i:s');
if (isset($_FILES["invoice_copy"]["name"])) {
$imgpancard = $_FILES["invoice_copy"]["name"];
$tmp_name = $_FILES['invoice_copy']['tmp_name'];
$error = $_FILES['invoice_copy']['error'];
if (!empty($imgpancard)) {
$location = 'doc/';
if (move_uploaded_file($tmp_name, $location.$imgpancard)){
//echo 'Uploaded';
}
}
}
$query = mysqli_query($bd, "SELECT * FROM customer WHERE coupon='".$coupon."'");
if(mysqli_num_rows($query) > 0) {
echo'<script> alert("COUPON ALEARDY EXISTS!");
window.location="register.php";
</script> ';
}
else {
$sql = "INSERT INTO customer (product, customer_name, address, coupon, RegistrationDate, invoice_copy) VALUES ('$product', '$name', '$address', '$coupon', '$dates', '$imgpancard')";
if(mysqli_query($bd, $sql)){
echo'<script> alert("DATA SUBMITTED SUCCESFULLY!");
window.location="index.html"; </script> ';
}
else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($bd);
}
}
}
how to of 10 times one times blank data is inserted.how to avoid it can please tell me , whether code is wrong or not. In every input feild i have used required attribute
I couldn't find any error. I tried the query on phpmyadmin and it works well but when I do in php page, it couldn't update into DB. The following code below:
$registerID = ($_POST['registerID']);
$firstName = ucwords(htmlspecialchars($_POST['firstName']));
$lastName = ucwords(htmlspecialchars($_POST['lastName']));
$emailAddress = htmlspecialchars($_POST['emailAddress']);
$mainAddress = ucwords(htmlspecialchars($_POST['fullAddress']));
$updateCity = ucwords($_POST['userCity']);
$updateCountry = $_POST['userCountry'];
$postalCode = strtoupper(htmlspecialchars($_POST['userZip']));
$profilePic = $_POST['pic'];
$updateProf = " UPDATE register_user
SET firstName='$firstName',
lastName='$lastName',
emailAddress='$emailAddress',
mainAddress='$mainAddress',
registerCity='$updateCity',
registerCountry='$updateCountry',
postalCode='$postalCode'
WHERE registerID = '$registerID'";
if (mysqli_query($mysqli, $updateProf)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($mysqli);
}
In the end, there are no errors after I updated on the webpage, it just show Record updated successfully. But it didn't update into DB. Any ideas?
UPDATED CODING
$checkProfile = "SELECT * FROM register_user where emailAddress = '$emailAddress'";
$editProfile = mysqli_query($mysqli,$checkProfile);
if ($editProfile) {
if (mysqli_num_rows($editProfile) > 0) {
header("Location: event?error=That name of email has already been taken");
} else {
$updateQuery = "UPDATE register_user
SET firstName = '$firstName',
lastName = '$lastName',
emailAddress = '$emailAddress',
mainAddress = '$mainAddress',
registerCity = '$updateCity',
registerCountry = '$updateCountry',
postalCode = '$postalCode'
WHERE registerID = '$registerID'";
$updateResult = mysqli_query($mysqli,$updateQuery);
header("Location: profileUser");
}
}
After I updated, it still doesn't work after I am using prepared statement. Any ideas?
Try executing the query first, saving it into a variable.
then, check if the query executed by doing:
if(!$query) echo "Query error : " . $mysqli->error;
This will give you more detailed error report.
I'm trying to check if a handle or email exists for the riegistration on my mock Twitter project I'm doing called bleeter, but I'm getting this error:
Notice: Object of class mysqli_result could not be converted to int in first.php on line 20
This is the line where I check if num_rows_handle == 0. How am I supposed to do this?
$query_check_handle = "SELECT * FROM users WHERE handle = " . $handle;
$num_rows_handle = mysqli_query($dbc, $query_check_handle);
if ($num_rows_handle == 0) { // Line 20
//check email
$query_check_email = "SELECT * FROM users WHERE email = " . $email;
$num_rows_email = mysqli_query($dbc, $query_check_email);
if ($num_rows_email == 0) {
$query_register = "INSERT INTO users (first_name, last_name, handle, password, email, ACL)
VALUES ('$fname', '$lname', '$handle', '$pass', '$email', '$ACL')"
or DIE ("error running the query.");
mysqli_query($dbc, $query_register);
echo "<br>";
echo "You have succesfully registered, please login";
} else {
echo "<br>";
echo "Email already in use. Please try again";
}
} else {
echo "<br>";
echo "Handle already in use. Please try again";
}
When the query is SELECT, mysqli_query returns the object of type mysqli_result, which has property num_rows containing the number of rows. Thus
$result = mysqli_query($dbc, $query_check_email);
$num_rows_email = mysqli_num_rows($result);
im having a little problem getting the if($stmt->errorCode() == 0) { in my code to work. If i do a search with a ticket number that is in the database it will show it but if i do a search with a random number that's not in the database it will not show the error message no ticket found.
<?php
require("db.php");
$error_message="";
if (isset($_POST['submit'])){
if(empty($_POST['term']))
{
$error_message="Please enter a Ticket Number.";
}
else
{
$query = "SELECT department, subject, message FROM supporttickets Where ticketnumber LIKE :term";
$stmt = $db->prepare($query);
$stmt->execute(array(':term' => $_POST['term']));
if($stmt->errorCode() == 0) {
while (list($department,$subject,$message) = $stmt->fetch(PDO::FETCH_NUM)) {
echo htmlentities($department);
}
}else{
$error_message="no ticket found.";
}
}
}
?>
Your problem is that you're not actually echoing the output. This just assigns a variable:
$error_message="no ticket found.";
What you want is:
$error_message="no ticket found.";
echo $error_message;
Or maybe just:
echo "no ticket found.";
You don't need no error codes here
<?php
require("db.php");
$data = array();
if(!empty($_GET['term']))
{
$query = "SELECT department, subject, message FROM supporttickets
WHERE ticketnumber = ?";
$stmt = $db->prepare($query);
$stmt->execute(array($_GET['term']));
$data = $stmt->fetchAll();
}
foreach ($data as $row)
{
echo htmlspecialchars($row['department']);
}
if (!$data)
{
echo "Please enter valid Ticket Number.";
}
A couple of mistakes also corrected.
I am creating a login part to my web page. When a new person registers their details, pressing the register button goes to a register_ok part, showing below:
case 'register_ok':
if (!$_POST['client_username'] || !$_POST['client_password'] ||
!$_POST['client_email']) {
die('You did not fill in a required field.');
}
// check if username exists in database.
if (!get_magic_quotes_gpc()) {
$_POST['client_username'] = addslashes($_POST['client_username']);
}
$qry = "SELECT client_username FROM client WHERE client_username = '".$_POST['client_username']."'";
$result = mysql_query($qry);
if($result) {
if(mysql_num_rows($result) > 0) {
die('Sorry, the username: <strong>'.$_POST['client_username'].'</strong>'
. ' is already taken, please pick another one.');
}
}
// check e-mail format
if (!preg_match("/.*#.*..*/", $_POST['client_email']) ||
preg_match("/(<|>)/", $_POST['client_email'])) {
die('Invalid e-mail address.');
}
// no HTML tags in username, website, location, password
$_POST['client_username'] = strip_tags($_POST['client_username']);
$_POST['client_password'] = strip_tags($_POST['client_password']);
// now we can add them to the database.
// encrypt password
$_POST['client_password'] = md5($_POST['client_password']);
if (!get_magic_quotes_gpc()) {
$_POST['client_password'] = addslashes($_POST['client_password']);
$_POST['client_email'] = addslashes($_POST['client_email']);
}
$insert = "INSERT INTO client (
client_username,
client_password,
client_name,
client_email,
client_last_access)
VALUES (
'".$_POST['client_username']."',
'".$_POST['client_password']."',
'".$_POST['client_name']."',
'".$_POST['client_email']."',
'now()'
)";
if(!mysql_query($sql,$con)) {
die('Error: ' . mysql_error());
}
else{
$id= mysql_insert_id();
session_start();
echo '<script>alert("You May Now Login");</script>';
echo '<meta http-equiv="Refresh" content="0;URL=pv.php">';
}
break;
}
When I register a new person, I get the following error:
Error: Query was empty
Why is this?
In the line if(!mysql_query($sql,$con)) {, do you mean $insert instead of $sql?
Do:
if(!mysql_query($sql,$con)) {
to
if(!mysql_query($insert,$con)) {
your variable name is not correct