This question already has answers here:
UTF-8 all the way through
(13 answers)
Closed 6 years ago.
I can get UTF-8 letters from database for example these: ąčęėįšųūž, but can't insert them to database, for some reason only š gets inserted into database, the rest are inserted as ?. I'm connecting to my database through this file:
<?php
$GLOBALS['mysqli'] = new mysqli("...", "...", "...", "...");
$stmt = $GLOBALS['mysqli'] -> prepare("SET NAMES 'utf8'");
$stmt->execute();
?>
And then inserting data through this code:
$linkName = $_POST['linkName'];
$stmt = $GLOBALS['mysqli'] -> prepare
("
INSERT INTO NavigationLinks (linkName, fileName, iconExt)
VALUES (?, ?, ?)
");
$stmt->bind_param("sss", $linkName, $fileName, $iconExt);
$stmt->execute();
$stmt->close();
Before insertion I've tried to echo $linkName and it outputs correct characters.
Use a UTF8 encoding/collation on the tables and columns you want to add UTF8 data to.
Related
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 2 years ago.
I want to query one new to sql table, the code run but it doesn't insert anything into the database.
I try to read back the pdo manual but doesn't understand which part I am wrong.
$query = "INSERT INTO 'easycomputing'('STID', 'NAME', 'TONG') VALUES (:STID, :NAME, :TONG)";
$dns = " mysql:host=localhost;dbname=phan1";
$username="root";
$password= "";
// $password="";
try{
//access the database
$db = new PDO($dns, $username, $password);
//execute the query
$statement = $db->prepare($query);
$statement->bindValue(':STID', 137, PDO::PARAM_INT);
$statement->bindValue(':NAME', 'tenten', PDO::PARAM_STR);
$statement->bindValue(':TONG', 5, PDO::PARAM_INT);
//execute the query
if( $statement->execute() ){
echo "record tranfer successfully";
}else{
echo "fail to execute the record";
}
Sorry, but I think that you shouldn't isert the name of columns between codes : (STID, NAME, TONG)
I have a database that contains latin chars like á, é, ç etc. I can insert tuples with those chars using the MySQL admin interface by writing the SQL insert statements there. I can also read and display them without any problem. But I can't insert new data properly using PHP.
$mysqli = new mysqli("localhost", "root", "", "budgets");
$data = mysqli_real_escape_string($mysqli, "bananá");
$stmt = $mysqli->prepare("INSERT INTO items(id_budget, description, unit_price, quantity) VALUES (1, ?, 3, 3);");
$stmt->bind_param("s", $data);
$stmt->execute();
I have read several threads suggesting to use mysqli_real_escape_string(), and making sure the charsets were configured properly, but nothing worked.
I tried using different charsets in the database but the á is always replaced by strange symbols. Currently I'm using utf8_general_ci as the charset of the database.
Thank you in advance for any assistance.
First thing setup your table rows collcation to utf8_unicode_c
And add $mysqli->set_charset("utf8"); to your connection code
Finaly your code should look like this :
$mysqli = mysqli_connect(HOST_NAME,DB_USER,DB_PASS,DB_NAME);
if($mysqli === false) {
die("Something was wrong ! Please try again later."); // Error if connection not ok.
}
$mysqli->set_charset("utf8");
$data = "bananá";
$stmt = $mysqli->prepare("INSERT INTO items(id_budget, description, unit_price, quantity) VALUES (1, ?, 3, 3);");
$stmt->bind_param("s", $data);
$stmt->execute();
$stmt->close();
$mysqli->close();
This question already has answers here:
How do I get the last inserted ID of a MySQL table in PHP?
(16 answers)
Closed 7 years ago.
I'm inserting a row in the following way:
require("localhost_credentials.php");
$conn = new mysqli($db_servername, $db_username, $db_password, $db_name);
if($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
$q_title = $fixed_title;
$q_tags = $_POST['tag_input'];
$q_mod = "n";
$q_t_create = date("m/d/Y # G:i:s");
$q_t_modified = date("m/d/Y # G:i:s");
$querystr = "INSERT INTO mytable (title, tags, moderator, time_created, time_last_modified) ";
$querystr .= "VALUES (?, ?, ?, ?, ?);";
$statement = $conn->prepare($querystr);
$statement->bind_param("sssss", $q_title, $q_tags, $q_mod, $q_t_create, $q_t_modified);
$statement->execute();
I would like to get the id of the row I just inserted without having to do a second query. I've seen a few methods to do this on SO, but every time there's a debate as to which way it should and should not be done and I'm kind of confused.
Using prepared statements, how do I get the id of a newly inserted row using only one query?
As long as you do not execute multi insert, you can use
$conn->insert_id
It is populated automatically when a statement created from that connection executes INSERT query.
you can use something like this :
$last_id = $statement->insert_id($conn);
this will return the last inserted row id .
This question already has answers here:
Table name as parameter using PDO/MySQL prepared statement [duplicate]
(2 answers)
Closed 8 years ago.
$dbh = new PDO('mysql:host=' . $_POST['db_host'], $_POST['db_user'], $_POST['db_user_password']);
$sql = 'CREATE DATABASE :db_name';
$sth = $dbh->prepare($sql);
$sth->bindParam(':db_name', $_POST['db_name']);
var_dump($sth->execute());
It's allways show false. But if directly specify db_name, like this:
$sql = 'CREATE DATABASE database';
$sth = $dbh->prepare($sql);
$sth->execute();
It will work. What I'm doing wrong?
You can only bind data (column values) in parametrized query, not column name and table name. Also, in your code you tried to parametrize connection initialization which I think not correct.
You can alternatively depend on white list of db names:
$databases = array('dbone', 'dbtwo');
then check
if(in_array($_POST['db_name'], $databases) ){
$dbname = $_POST['db_name'];
}
This question already has answers here:
How to include a PHP variable inside a MySQL statement
(5 answers)
Closed 3 years ago.
I have a mysqli query with the following code:
$db_usag->query("UPDATE Applicant SET phone_number ='$phone_number',
street_name='$street_name', city='$city', county='$county', zip_code='$zip_code', day_date='$day_date', month_date='$month_date',
year_date='$year_date' WHERE account_id='$account_id'");
However all the data is extracted from HTML documents so to avoid errors I would like to use a prepared statement. I found PHP documentation on bind_param() but there is no UPDATE example.
An UPDATE works the same as an insert or select. Just replace all the variables with ?.
$sql = "UPDATE Applicant SET phone_number=?, street_name=?, city=?, county=?, zip_code=?, day_date=?, month_date=?, year_date=? WHERE account_id=?";
$stmt = $db_usag->prepare($sql);
// This assumes the date and account_id parameters are integers `d` and the rest are strings `s`
// So that's 5 consecutive string params and then 4 integer params
$stmt->bind_param('sssssdddd', $phone_number, $street_name, $city, $county, $zip_code, $day_date, $month_date, $year_date, $account_id);
$stmt->execute();
if ($stmt->error) {
echo "FAILURE!!! " . $stmt->error;
}
else echo "Updated {$stmt->affected_rows} rows";
$stmt->close();