I am updating image using below command and its working fine. Is there any way to update one more column in the table at the same time. There is one more column in which I need to update image description like Human, Animals,Aliens etc.... How to perform this function?
Below Code:
if($_POST["action"] == "insert")
{
$file = addslashes(file_get_contents($_FILES["image"]["tmp_name"]));
$query = "INSERT INTO tbl_images(name) VALUES ('$file')";
if(mysqli_query($connect, $query))
{
echo 'Image Inserted into Database';
}
}
Modify your insert query like this:
$query = "INSERT INTO tbl_images(name, description) VALUES ('$file', '$description')";
Note: You can insert more than one values in a single insert query.
INSERT INTO table_name (column1, column2, column3, ...)VALUES (value1, value2, value3, ...);
The INSERT INTO statement is used to insert new records in a table.
INSERT INTO Syntax
INSERT INTO table_name (column1, column2, column3, ...) VALUES (value1, value2, value3, ...);
ex -
INSERT INTO tbl_images (name, dessc) VALUES ($file, $desc);
Related
I'm using a time method:
$time= date('h:i:s');
What I want is to put this time into database in mySQL,
I used:
$query = mysqli_query($conn, "INSERT INTO tab ('ltime') VALUES ($time)"); but it's not working
Where tab is a table and a ltime is a Column with time Type.
What am I doing wrong?
Regards
Your query will goes like this.
$query = mysqli_query($conn, "INSERT INTO tab (ltime) VALUES ('$time')");
Your query should be like this
$query = mysqli_query($conn, "INSERT INTO tab (ltime) VALUES ($time)");
Columns and tables should have backticks and not single quotes
INSERT INTO `tab` (`ltime`) VALUES ($time)
$query = mysqli_query($conn, "INSERT INTO tab (ltime) VALUES ($time)");
Don't use '' when assigning the column name
The first way specifies both the column names and the values to be inserted:
INSERT INTO table_name (column1, column2, column3, ...)VALUES (value1, value2, value3, ...);
If you are adding values for all the columns of the table, you do not need to specify the column names in the SQL query
INSERT INTO table_name VALUES (value1, value2, value3, ...);
In your case:
$query = mysqli_query($conn, "INSERT INTO tab (ltime) VALUES ($time)");
there is no need to single quote with column name:
Reference: https://www.w3schools.com/sql/sql_insert.asp
everbody.
I have a array I want to store in my database. Each element in each row. So I created a loop with a query using DBH. As normal queries (with no loop) go though with no problem, the query in the loop does not work. How should I correct my code?
for($i=0;$i<$count($array);$i++)
{
$stmt = $dbh->prepare("INSERT INTO table (column1, column2) VALUES (:value1, :value2)");
$stmt->bindValue(':value1', $value1[$i]);
$stmt->bindValue(':value2', $value2[$i]);
$stmt->execute();
}
Even this variant doesnt work
for($i=0;$i<$count($array);$i++)
{
$stmt[$i] = $dbh->prepare("INSERT INTO table (column1, column2) VALUES (:value1, :value2)");
$stmt[$i]->bindValue(':value1', $value1[$i]);
$stmt[$i]->bindValue(':value2', $value2[$i]);
$stmt[$i]->execute();
}
I have fixed the problem by building the query in one loop and executing it outside the loop
$query = "";
for($i=0;$i<$count;$i++)
{
$query .= "INSERT INTO `table` (`column1`, `column2`) VALUES ('".$velue1[$i]."', '".$value2[$i]."'); ";
}
rtrim($query, "; ");
$stmt = $dbh->prepare($query);
$stmt->execute();
$fname = addslashes($fname);
$lname = addslashes($lname);
$dob = addslashes($dob);
$email = $_POST['email'];
$sql =
"INSERT INTO subscriber
(fname, lname, dob)
VALUES
('".$fname."', '".$lname."', '".$dob."')
WHERE email='".$email."'";
$register = mysql_query($sql) or die("insertion error");
I am getting error in sql query "insertion error". Query is inserting data into DB after removing WHERE statement. What is the error.
You can't use where in an insert statement. You might be thinking of an update instead?
$sql = "update subscriber set fname='".$fname."', lname = '".$lname."', dob = '".$dob."' WHERE email='".$email."'";
If your email is a unique value, you can also combine an insert with an update like this:
insert into
subscriber (fname, lname, dob, email)
values ('".$fname."', '".$lname."', '".$dob."', '".$email."')
on duplicate key update set fname='".$fname."', lname='".$lname."', dob='".$dob."'
This second syntax will insert a row if there isn't one with a matching email (again, this has to be set to a unique constraint on the table) and if there is one there already, it will update the data to the values you passed it.
Basically INSERT statement cannot have where. The only time INSERT statement can have where is when using INSERT INTO...SELECT is used.
The only syntax for select statement are
INSERT INTO TableName VALUES (val1, val2, ..., colN)
and
INSERT INTO TableName (col1, col2) VALUES (val1, val2)
The other one is the
INSERT INTO tableName (col1, col2)
SELECT col1, col2
FROM tableX
WHERE ....
basically what it does is all the records that were selected will be inserted on another table (can be the same table also).
One more thing, Use PDO or MYSQLI
Example of using PDO extension:
<?php
$dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
$stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (?, ?)");
$stmt->bindParam(1, $name);
$stmt->bindParam(2, $value);
// insert one row
$name = 'one';
$value = 1;
$stmt->execute();
?>
this will allow you to insert records with single quotes.
Oops !!!! You cannot use a WHERE clause with INSERT statement ..
If you are targeting a particular row then please use UPDATE
$sql = "Update subscriber set fname = '".$fname."' , lname = '".$lname."' , dob = '".$dob."'
WHERE email='".$email."'";
$register = mysql_query($sql) or die("insertion error");
i have a recipe table and ingredient table the primary key of both tables are auto increament and primary key of recipe is foreign key in ingredient. i post data from html to php.Note that my ingredient textboxes are generated dynamically and successfully post the data to php script. posted data is correct when i insert this data to table my query working fine but data is not added to mysql table. my code and output is
$sql = "insert into recipe (rec_id, Name, Overview,category, Time, Image) values ('', '$name','$overview','$category','$time','$TARGET_PATH')";
$result = mysql_query($sql) or die ("Could not insert data into DB: " . mysql_error());
$rec_id = mysql_insert_id();
and for ingredient
$ingredient = $_POST['ingredient'];
$amount = $_POST['amount'];
$integer = 0;
while (count($ingredient)>$integer) {
if (($ingredient[$integer] <> "") && ($amount[$integer] <> "")){
$sql = "INSERT INTO `cafe`.`ingredients` (`ingredient_id`, `ingredient_name`, `ammount`, `rec_id`,)
VALUES ('', '".$ingredient[$integer]."', '".$amount[$integer]."', '$rec_id')";
mysql_query($sql);
echo $sql."";
}
else{
echo "ingredient number ".($integer+1)." is missing values and cannot be inserted.";
}
$integer = ($integer + 1);
}
when i echo the queries the out put is nsert into recipe (rec_id, Name, Overview,category, Time, Image) values ('', 'demo recipe','no overview','meal','10/12/10 : 13:02:33','http://www.localhost/cafe/pics/demo.gif')
INSERT INTO cafe.ingredients (ingredient_id, ingredient_name, ammount, rec_id,) VALUES ('', 'ingredient one', '3gm', '29')
INSERT INTO cafe.ingredients (ingredient_id, ingredient_name, ammount, rec_id,) VALUES ('', 'ingredient two', '3gm', '29')
INSERT INTO cafe.ingredients (ingredient_id, ingredient_name, ammount, rec_id,) VALUES ('', 'ingredient three', '3gm', '29')
but when i see the mysql table or retriew data from ingredient there is no data in ingredient.
You have an extra , after rec_id.
Remove it, so it looks like
INSERT INTO cafe.ingredients (ingredient_id, ingredient_name, ammount, rec_id) VALUES ('', 'ingredient one', '3gm', '29')
And you will be OK
There seems to be a syntax error in your code:
if (($ingredient[$integer] "") && ($amount[$integer] ""))
^^ ^^
Looks like you are missing a comparison operator.
You might want to verify if you are using a BEGIN call and not committing after INSERT. You can refer to http://www.devarticles.com/c/a/MySQL/Using-Transactions-with-MySQL-4.0-and-PHP/
in that scenario.
When insert doesnt throw exceptions and doesnt insert data there are I think a couple of options
1) you use transaction somewhere and rollback it
2) your select query is bad and data is there, but you just dont select it
remove cafe from the query
$sql = "INSERT INTO ingredients (`ingredient_id`, `ingredient_name`, `ammount`, `rec_id`,)
VALUES ('', '".$ingredient[$integer]."', '".$amount[$integer]."', '$rec_id')";
So, I want to insert some data into a MySQL table where the table name that the data is being put into is a PHP Variable.
Something like this:
$tablename = "databasetable";
$insert = mysql_query(
"INSERT INTO '".$tablename."' (column1, col2)
VALUES ('Blah', 'Blah')
");
But that of course doesn't work, so I'm not sure what to do.
By the way, I'm new to PHP and StackOverflow.
Remove the single quotes from around the table name variable and it'll work:
$tablename = "databasetable";
$insert = mysql_query(
"INSERT INTO ".$tablename." (column1, col2) VALUES ('Blah', 'Blah')");
What about :
$tablename = "databasetable";
$insert = mysql_query("INSERT INTO ".$tablename." (column1, col2) VALUES ('Blah', 'Blah')");
ie, without the simple quotes you were putting arround the table name.
Or, as you are using double-quoted string, which means variables are interpolated :
$tablename = "databasetable";
$insert = mysql_query("INSERT INTO $tablename (column1, col2) VALUES ('Blah', 'Blah')");
As a sidenote, in both cases, you must be really sure that $tablename doesn't contain any malicious data !
My answer is similar to Doug's, although I would use 'back-ticks' in the query around the table name to distinguish it as a table as further prevent the possibility of malicious injection...
E.g.
$tablename = "databasetable";
$insert = mysql_query("INSERT INTO `{$tablename}` (column1, col2)
VALUES ('Blah', 'Blah')"
);