We Keep Coding

Query not inserting and not showign errors

I've been trying to figure this out, and was not able to make it work. I was trying to see the response of my PHP but it doesn't show any errors. Last time this inserted into my table. below this is query of my PHP.
$selectCharacter = $con->query('SELECT * FROM users_characters WHERE UserId = "'. $UserID .'" AND CharacterID = "'. $CharacterID .'"');
$user_data = $selectCharacter->fetch_assoc();
$CharacterID = $user_data['CharacterID'];
$UserID = $user_data['UserId'];
$Name = $user_data['Name'];
$Hash = $user_data['Hash'];
$HairID = $user_data['HairID'];
$Access = $user_data['Access'];
$SkillPoints = $user_data['SkillPoints'];
$RaceID = $user_data['RaceID'];
$RaceXP = $user_data['RaceXP'];
$ActivationFlag = $user_data['ActivationFlag'];
$PermamuteFlag = $user_data['PermamuteFlag'];
$Country = $user_data['Country'];
$Age = $user_data['Age'];
$Gender = $user_data['Gender'];
$Email = $user_data['Email'];
$Level = $user_data['Level'];
$Copper = $user_data['Copper'];
$Silver = $user_data['Silver'];
$Gold = $user_data['Gold'];
$Coins = $user_data['Coins'];
$Exp = $user_data['Exp'];
$ColorHair = $user_data['ColorHair'];
$ColorSkin = $user_data['ColorSkin'];
$ColorEye = $user_data['ColorEye'];
$ColorBase = $user_data['ColorBase'];
$ColorTrim = $user_data['ColorTrim'];
$ColorAccessory = $user_data['ColorAccessory'];
$SlotsBag = $user_data['SlotsBag'];
$SlotsBank = $user_data['SlotsBank'];
$SlotsHouse = $user_data['SlotsHouse'];
$DateCreated = $user_data['DateCreated'];
$LastLogin = $user_data['LastLogin'];
$CpBoostExpire = $user_data['CpBoostExpire'];
$RepBoostExpire = $user_data['RepBoostExpire'];
$GoldBoostExpire = $user_data['GoldBoostExpire'];
$ExpBoostExpire = $user_data['ExpBoostExpire'];
$UpgradeExpire = $user_data['UpgradeExpire'];
$UpgradeDays = $user_data['UpgradeDays'];
$Upgraded = $user_data['Upgraded'];
$Achievement = $user_data['Achievement'];
$Settings = $user_data['Settings'];
$Quests = $user_data['Quests'];
$Quests2 = $user_data['Quests2'];
$DailyQuests0 = $user_data['DailyQuests0'];
$DailyQuests1 = $user_data['DailyQuests1'];
$DailyQuests2 = $user_data['DailyQuests2'];
$MonthlyQuests0 = $user_data['MonthlyQuests0'];
$LastArea = $user_data['LastArea'];
$SpawnPoint = $user_data['SpawnPoint'];
$CurrentServer = $user_data['CurrentServer'];
$HouseInfo = $user_data['HouseInfo'];
$KillCount = $user_data['KillCount'];
$DeathCount = $user_data['DeathCount'];
$Address = $user_data['Address'];
$Language = $user_data['Language'];
$Rebirth = $user_data['Rebirth'];
$Bounty = $user_data['Bounty'];
$backupCharacter = $con->query("INSERT INTO `users_characters_history`
(`CharacterID`, `UserId`, `Name`, `Hash`, `HairID`,
`Access`, `SkillPoints`, `RaceID`, `RaceXP`,
`ActivationFlag`, `PermamuteFlag`, `Country`,
`Age`, `Gender`, `Email`, `Level`, `Copper`, `Silver`,
`Gold`, `Coins`, `Exp`, `ColorHair`, `ColorSkin`,
`ColorEye`, `ColorBase`, `ColorTrim`, `ColorAccessory`,
`SlotsBag`, `SlotsBank`, `SlotsHouse`, `DateCreated`,
`LastLogin`, `CpBoostExpire`, `RepBoostExpire`,
`GoldBoostExpire`, `ExpBoostExpire`, `UpgradeExpire`,
`UpgradeDays`, `Upgraded`, `Achievement`, `Settings`,
`Quests`, `Quests2`, `DailyQuests0`, `DailyQuests1`,
`DailyQuests2`, `MonthlyQuests0`, `LastArea`, `SpawnPoint`,
`CurrentServer`, `HouseInfo`, `KillCount`, `DeathCount`,
`Address`, `Language`, `Rebirth`, `Bounty`)
VALUES ('" . $CharacterID . "', '" . $UserID . "', '" . $Name ."', '"
. $Hash . "', '" . $HairID . "', '" . $Access . "', '"
. $SkillPoints . "', '" . $RaceID . "', '" . $RaceXP
. "', '" . $ActivationFlag . "', '" . $PermamuteFlag . "', '"
. $Country . "', '" . $Age . "', '" . $Gender ."', '" .
$Email . "', '" . $Level . "', '" . $Copper . "', '" .
$Silver . "', '" . $Gold . "', '" . $Coins . "', '" . $Exp .
"', '" . $ColorHair . "', '" . $ColorSkin . "', '" .
$ColorEye . "', '" . $ColorBase . "', '" . $ColorTrim . "',
'" . $ColorAccessory . "', '" . $SlotsBag . "', '" .
$SlotsBank . "','" . $SlotsHouse . "', '" . $DateCreated .
"', '" . $LastLogin . "', '" . $CpBoostExpire . "', '" .
$RepBoostExpire . "', '" . $GoldBoostExpire . "', '" .
$ExpBoostExpire . "', '" . $UpgradeExpire . "', '" .
$UpgradeDays . "', '" . $Upgraded ."', '" . $Achievement .
"', '" . $Settings . "', '" . $Quests . "', '" . $Quests2 .
"', '" . $DailyQuests0 . "', '" . $DailyQuests1 . "', '" .
$DailyQuests2 . "', '" . $MonthlyQuests0 . "', '" . $LastArea
. "', '" . $SpawnPoint . "', '" . $CurrentServer . "', '" .
$HouseInfo . "', '" . $KillCount . "', '" . $DeathCount . "',
'" . $Address . "', '" . $Language . "', '" . $Rebirth . "',
'" . $Bounty ."')");
This is the query that should insert but won't insert, the network logs in chrome doesn't show the error of my query.
$backupCharacter = $con->query("INSERT INTO `users_characters_history` (`CharacterID`, `UserId`, `Name`, `Hash`, `HairID`, `Access`, `SkillPoints`, `RaceID`, `RaceXP`, `ActivationFlag`, `PermamuteFlag`, `Country`, `Age`, `Gender`, `Email`, `Level`, `Copper`, `Silver`, `Gold`, `Coins`, `Exp`, `ColorHair`, `ColorSkin`, `ColorEye`, `ColorBase`, `ColorTrim`, `ColorAccessory`, `SlotsBag`, `SlotsBank`, `SlotsHouse`, `DateCreated`, `LastLogin`, `CpBoostExpire`, `RepBoostExpire`, `GoldBoostExpire`, `ExpBoostExpire`, `UpgradeExpire`, `UpgradeDays`, `Upgraded`, `Achievement`, `Settings`, `Quests`, `Quests2`, `DailyQuests0`, `DailyQuests1`, `DailyQuests2`, `MonthlyQuests0`, `LastArea`, `SpawnPoint`, `CurrentServer`, `HouseInfo`, `KillCount`, `DeathCount`, `Address`, `Language`, `Rebirth`, `Bounty`)
VALUES ('" . $CharacterID . "', '" . $UserID . "', '" . $Name ."', '" . $Hash . "', '" . $HairID . "', '" . $Access . "', '" . $SkillPoints . "', '" . $RaceID . "', '" . $RaceXP . "', '" . $ActivationFlag . "', '" . $PermamuteFlag . "', '" . $Country . "', '" . $Age . "', '" . $Gender ."', '" . $Email . "', '" . $Level . "', '" . $Copper . "', '" . $Silver . "', '" . $Gold . "', '" . $Coins . "', '" . $Exp . "', '" . $ColorHair . "', '" . $ColorSkin . "', '" . $ColorEye . "', '" . $ColorBase . "', '" . $ColorTrim . "', '" . $ColorAccessory . "', '" . $SlotsBag . "', '" . $SlotsBank . "','" . $SlotsHouse . "', '" . $DateCreated . "', '" . $LastLogin . "', '" . $CpBoostExpire . "', '" . $RepBoostExpire . "', '" . $GoldBoostExpire . "', '" . $ExpBoostExpire . "', '" . $UpgradeExpire . "', '" . $UpgradeDays . "', '" . $Upgraded ."', '" . $Achievement . "', '" . $Settings . "', '" . $Quests . "', '" . $Quests2 . "', '" . $DailyQuests0 . "', '" . $DailyQuests1 . "', '" . $DailyQuests2 . "', '" . $MonthlyQuests0 . "', '" . $LastArea . "', '" . $SpawnPoint . "', '" . $CurrentServer . "', '" . $HouseInfo . "', '" . $KillCount . "', '" . $DeathCount . "', '" . $Address . "', '" . $Language . "', '" . $Rebirth . "', '" . $Bounty ."')");

Thanks to everyone, $con->error showed the error and I was able to solve the problem, the column only accepts 6 characters and the one i'm inserting which is ColorHair has 9 characters, I changed its Length and was able to insert the item.

how to check duplicate records in mysql database

$queryb = "SELECT product, imei, country, warranty, config from PRODUCT WHERE product_slno = '$mnserialno' ";
$resultb = mysql_query($queryb, $gndbconn) ;
if(mysql_num_rows($resultb) > 0)
{
$queryc = "UPDATE PRODUCT SET product='$desc', product_slno='$mnserialno',imei='$imei',country='$country',warranty='$warranty',config='$config' WHERE product_slno = '.$mnserialno.' ";
$resutc = mysql_query($queryc, $gndbconn) ;
}
else{
$querya = "INSERT INTO PRODUCT SET product='$desc', product_slno='$mnserialno',imei='$imei',country='$country',warranty='$warranty',config='$config'";
$resulta = mysql_query($querya, $gndbconn) ;
}
I want to check the serial number if that serial number already exist in database so records get update, otherwise it get insert into the database.
but the code inserting the records only, no updation, what is the fault i am not getting,
how to prevent the duplicate entry?

INSERT INTO PRODUCT SET
(`product`, `product_slno`, `imei`, `country`, `warranty`, `config`)
VALUES
('" . $desc . "', '" . $mnserialno . "', '" . $imei . "', '" . $country . "', '" . $warranty . "', '" . $config . "')
ON DUPLICATE KEY UPDATE
product='" . $desc . "',
product_slno='" . $mnserialno . "',
imei='" . $imei . "',
country='" . $country . "',
warranty='" . $warranty . "',
config='" . $config . "'";

MySQL not inserting NULL Value

This is going to be an easy one for you but I'm a noob so I need help.
Here is my code, for whatever reason the else statement isn't executing. If I change the NULL value for a $variable = NULL it works, but enters an empty string into my database rather than the NULL value. Can anyone help with why?
if (isset($_POST['agreeto']))
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', '" . $_POST['comments'] . "')";
}else
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', " . NULL . ")" or die("couldn't execute my query");
}

MySQL requires the string=NULL and you are passing it the value of the php NULL constant.
if (isset($_POST['agreeto']))
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', '" . $_POST['comments'] . "')";
}else
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "',NULL)" or die("couldn't execute my query");
}

This should work as expected.
Try set the column to int, if this does not work.
INSERT INTO table (val1, val2) VALUES('String Value', NULL);
or set default column value to NULL.

A NULL value can not be enclosed in 'apostrophes'
Think about how you will get the SQL:
INSERT INTO table_name VALUES ('null','');?
The database may understand as a string

Just replace the 'NULL' value with NULL without the quotes.
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', NULL) " or die("couldn't execute my query");
Once you do that and save the record you will see NULL in the database column for that field when you browse via PHPMYADMIN. Please make sure that the field in question "comments" allows NULL.

MySQL Syntax error when inserting

I've got a syntax error in the following code, but I can't find it:
$tableSelect = $_POST["tableSelect"];
$companyName = $_POST["companyName"];
$telephone = $_POST["telephone"];
$fax = $_POST["fax"];
$email = $_POST["email"];
$address = $_POST["address"];
$postcode = $_POST["postcode"];
$category = $_POST["category"];
$contact = $_POST["contact"];
$contactTel = $_POST["contactTel"];
$contactEmail = $_POST["contactEmail"];
$sql = "INSERT INTO '" . $tableSelect . "' ('" . $companyName . "', '" . $telephone . "', '"
. $fax . "', '" . $email . "', '" . $address . "','" . $postcode . "', '" . $category . "',
'" . $contact . "', '" . $contactTel . "', '" . $contactEmail . "')";
mysqli_query($con,$sql);
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
Cheers!
EDIT: I have modified the code to this:
$sql = "INSERT INTO `" . $tableSelect . "` (name, telephone, fax, email, address, postcode, category,
contact, contactTel, contactEmail) VALUES (`" . $companyName . "`, `" . $telephone . "`, `"
. $fax . "`, `" . $email . "`, `" . $address . "`,`" . $postcode . "`, `" . $category . "`,
`" . $contact . "`, `" . $contactTel . "`, `" . $contactEmail . "`)";
and now have the error "Error: Unknown column [companyName] in 'field list'", where [companyName] is the value submitted through the form. But surely I've defined the column as "name"?
Edit 2: Thanks, I'm now aware of the injection issue. I'd like to get it working, then I'll change it to using prepared statements.

You need either a values statement or a select statement:
"INSERT INTO '" . $tableSelect . "' VALUES ('" . $companyName . "', '" . $telephone . "', '"
. $fax . "', '" . $email . "', '" . $address . "','" . $postcode . "', '" . $category . "',
'" . $contact . "', '" . $contactTel . "', '" . $contactEmail . "')";
However, I would also recommend that you include the column names in the insert statement:
"INSERT INTO '" . $tableSelect ."(companyname, telephone, fax, email, address, postcode, category, contact, contactTel, contactEmail) ".
"' VALUES ('" . $companyName . "', '" . $telephone . "', '"
. $fax . "', '" . $email . "', '" . $address . "','" . $postcode . "', '" . $category . "',
'" . $contact . "', '" . $contactTel . "', '" . $contactEmail . "')";
I'm not sure if those are the correct names.

Ignoring injection issues...
$sql = "
INSERT INTO $tableSelect
(name
,telephone
,fax
,email
,address
,postcode
,category
,contact
,contactTel
,contactEmail
) VALUES
('$companyName'
,'$telephone'
,'$fax'
,'$email'
,'$address'
,'$postcode'
,'$category'
,'$contact'
,'$contactTel'
,'$contactEmail'
);
";
Incidentally, in my (limited) experience, the practice of calling the variable (e.g. '$companyName') and the column (e.g. name) two (slightly) different things can get very confusing.

Use backquotes: ` instead of straight quotes when quoting table names:
instead of:
'" . $companyName . "'
this:
`" . $companyName . "`
Use prepared statements instead of putting the variables into the query directly. And check, that the tables names are correct, cause now you are open to SQL injection.
How can I prevent SQL injection in PHP?

please check insert query syntax
you are missing values in your program:
Follow the below Syntax:
INSERT INTO table_name (column1, column2, column3,...)
VALUES (value1, value2, value3,...)

try query like this
$query="insert into abc (a,b,c) values ('a','b','c')
and first check your all variables using isset()

Please try below query:
$sql = "INSERT INTO $tableSelect ('" . $companyName."', '".$telephone."',
'".$fax."', '".$email."', '".$address."', '".$postcode."', '".$category."',
'".$contact."', '".$contactTel."', '".$contactEmail."')";
If still getting error, then you should use mysql_real_escape_string() function.
Data may contain special characters.

escape null values(Nestoria UK)

I am able to retrieve data from a website(Nestoria) and store into my PostGIS database. However not every individual result that is returned have latitude and longitude values and as such they are not stored into the database. I tried using (pg_escape_string) so that it can return null values as double quotes(") but it didn't work. The field type of my lat and long columns in the database is "double precision".
This is a sample output of the error: ("Warning: pg_query() [function.pg-query]: Query failed: ERROR: invalid input syntax for type double precision: "" LINE 1: ...droom garden flat set in a period building with...', '', '') ^ in C:\XAMMP...\database.php on line 12")
Please see the code below for retrieving the data:
<?php
$url = ("http://api.nestoria.co.uk/api?action=search_listings&centre_point=51.5424,-0.1734,2km&listing_type=rent&property_type=all&price_min=min&price_max=max&bedroom_min=0&bedroom_max=0&number_of_results=50&has_photo=1&page=4");
$xml = simplexml_load_file($url);
foreach ($xml->response->listings as $entry) {
echo $entry->attributes()->title;
echo $entry->attributes()->bathroom_number;
echo $entry->attributes()->bedroom_number;
echo $entry->attributes()->datasource_name;
echo $entry->attributes()->guid;
echo $entry->attributes()->img_url;
echo $entry->attributes()->keywords;
echo $entry->attributes()->lister_name;
echo $entry->attributes()->listing_type;
echo $entry->attributes()->price;
echo $entry->attributes()->price_type;
echo $entry->attributes()->property_type;
echo $entry->attributes()->summary;
echo $entry->attributes()->latitude;
echo $entry->attributes()->longitude;
// Process XML file
}
?>
Find below the code to store values into database:
<?php
require 'nestoriauk.php';
// Opens a connection to a PostgresSQL server
$connection = pg_connect("dbname=postgis user=postgres password=xxxx");
// Execute query
foreach ($xml->response->listings as $entry) {
$query = "INSERT INTO nestoriaphp(title, bathroom, bedroom, datasource, guid, image, keywords, lister, listype, price, pricetype, property_type, summary, latitude, longitude) VALUES ('" . pg_escape_string($entry->attributes()->title) . "', '" . pg_escape_string($entry->attributes()->bathroom_number) . "', '" . pg_escape_string($entry->attributes()->bedroom_number) . "', '" . pg_escape_string($entry->attributes()->datasource_name) . "', '" . pg_escape_string($entry->attributes()->guid) ."', '" . pg_escape_string($entry->attributes()->img_url) . "', '" . pg_escape_string($entry->attributes()->keywords) . "', '" . pg_escape_string($entry->attributes()->lister_name) . "', '" . pg_escape_string($entry->attributes()->listing_type) . "', '" . pg_escape_string($entry->attributes()->price) . "', '" . pg_escape_string($entry->attributes()->price_type) . "', '" . pg_escape_string($entry->attributes()->property_type) ."', '" . pg_escape_string($entry->attributes()->summary) . "', '" . pg_escape_string($entry->attributes()->latitude) . "', '" . pg_escape_string($entry->attributes()->longitude) . "')";
$result = pg_query($query);
printf ("These values are inserted into the database - %s %s %s", $entry->attributes()->title, $entry->attributes()->bathroom_number, $entry->attributes()->bedroom_number, $entry->attributes()->datasource_name, $entry->attributes()->guid, $entry->attributes()->img_url, $entry->attributes()->keywords, $entry->attributes()->lister_name, $entry->attributes()->listing_type, $entry->attributes()->price, $entry->attributes()->price_type, $entry->attributes()->property_type, $entry->attributes()->summary, $entry->attributes()->latitude, $entry->attributes()->longitude);
}
pg_close();
?>
Yemi

If a POI has no lat-lon, which value it has? empty string?
assuming that an empty string is returned when there is no lat-lon.
$lon = "NULL";
if($entry->attributes()->longitude != "")
$lon = "'".$entry->attributes()->longitude."'";
$lat = "NULL";
if($entry->attributes()->latitude != "")
$lat = "'".$entry->attributes()->latitude."'";
so query looks like this:
$query = "INSERT INTO nestoriaphp(title, bathroom, bedroom, datasource, guid, image, keywords, lister, listype, price, pricetype, property_type, summary, latitude, longitude) VALUES ('" . pg_escape_string($entry->attributes()->title) . "', '" . pg_escape_string($entry->attributes()->bathroom_number) . "', '" . pg_escape_string($entry->attributes()->bedroom_number) . "', '" . pg_escape_string($entry->attributes()->datasource_name) . "', '" . pg_escape_string($entry->attributes()->guid) ."', '" . pg_escape_string($entry->attributes()->img_url) . "', '" . pg_escape_string($entry->attributes()->keywords) . "', '" . pg_escape_string($entry->attributes()->lister_name) . "', '" . pg_escape_string($entry->attributes()->listing_type) . "', '" . pg_escape_string($entry->attributes()->price) . "', '" . pg_escape_string($entry->attributes()->price_type) . "', '" . pg_escape_string($entry->attributes()->property_type) ."', '" . pg_escape_string($entry->attributes()->summary) . "', " . $lat . ", " . $lon . ")";
Note that the NULL value has no '' in sql.