database updating using php - php

well i just made a form in HTML witch accepts user inputs and a mysql database to store them, now in the php file everything goes well no errors but the problem is the data never displays in the database, here is the php file:
<?php
if(isset($_POST["submitacc"])){
$servernm = "localhost";
$serverusrnm = "root";
$serverpass = "2003";
$db = "blue";
$conn = new mysqli($servernm, $serverusrnm, $serverpass, $db);
if($conn ->connect_error){
die("connection failed".$conn->connect_error);
}
$fnm = $_POST["fnm"];
$lnm = $_POST["lnm"];
$mail = $_POST["mail"];
$pass = $_POST["pass"];
$age = $_POST["age"];
$gender = $_POST["gender"];
if(isset($_POST["gender"])&&$_POST["gender"]=="male"){
$gender = "male";
}else {
$gender = "female";
}
$mysql="update createacc set fnm = '$fnm', lnm = '$lnm', mail = '$mail', passwod = '$pass', age = '$age', gender = '$gender' ";
if($conn->query($mysql)== true){
echo "record updated";
}else {
echo "error updating record".$conn->error;
}
$conn->close();
}
?>

Use mysqli_query() instead of query(). Also use WHERE clause in your $mysql variable. The WHERE clause specifies which record or records that should be updated. If you omit the WHERE clause, all records will be updated!
Example:
if(mysqli_query($conn , $mysql)){
echo "Records were updated successfully.";
} else {
echo "ERROR: Could not able to execute $mysql. " . mysqli_error($conn);
}

Related

Form data is not getting inserted in MySQL Database

Form data is not getting inserted in MYSQL . Form successfully posts data (I have checked with var dump). Please help me with this.
This is my action PHP.
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname= "test";
$conn = new mysqli($servername,$username,$password,$dbname);
if($conn->connect_error){
die("connection failed:" .$conn->connect_error);
}
else{
echo "Connected successfully";
}
$selected = mysqli_select_db($conn,$dbname);
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$address = $_POST['address'];
//$gender = $_POST['male'];
//$gender = $_POST['female'];
$sql = "INSERT INTO test1 (first_name,last_name,email,mob,home_address) VALUES ('$first_name','$last_name','$email','$mobile','$address')";
var_dump($sql);
?>
You are missing the last part which executes the query to save the data:
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}

"Can't use function return value in write context" when using mysqli_num_rows()

I've been working on adding users to my database and I tried to do something to check if login is already occupied. If it's not, PHP should add the user to database, else give alert that login is already used. Here's my code:
<?php
$servername = 'localhost';
$username = 'wiktor';
$password = 'wiktor';
$database = 'something';
$login = $_POST['login'];
$passwd = $_POST['pass'];
$name = $_POST['name'];
$surname = $_POST['sur'];
$conn = new mysqli($servername, $username, $password, $database);
if ($conn->connect_error) {
die("Error " . $conn->connect_error);
} else {
echo "Connect success <br>";
}
$check = "select login from users where login = '$login'";
$test = $conn->query($check);
if(mysqli_num_rows($test) = 0){
$sql = "insert into users
values (null,'$login','$passwd','$name','$surname')";
if ($conn->query($sql) === TRUE) {
echo "Success";
} else {
echo "Error " . $sql . "<br>" . $conn->error;
}
} else {
echo "The login is already in use!";
}
$conn->close();
?>
I'm getting "Can't use function return value in write context" on line
if(mysqli_num_rows($test) = 0)
which checks if there are any records with that login.
I used something similar before and it worked perfectly so what could be the problem now?
Write this
if(mysqli_num_rows($test) == 0)
Instead of,
if(mysqli_num_rows($test) = 0)

User information not getting into MYSQL db

m making this user signup form and linking the user email name and password tot he table in mysql DB, but it's not showing any row in mySQl DB.
Here is the code:
if(isset($_POST['submit']))
{
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$query_input = mysql_query($connect,"INSERT INTO user_basic_info(username,email,password)VALUES('$username','$email','$password')");
if($query_input){
echo "done and dope";
}
else{
echo "no";
}
}
You have a error in your mysql_query function
$query_input = mysql_query("INSERT INTO user_basic_info(username,email,password) VALUES('$username','$email','$password')",$connect);
see http://php.net/manual/en/function.mysql-query.php
BTW please use mysqli
mysqli_query("INSERT INTO user_basic_info(username,email,password)VALUES('$username','‌​$email','$password')‌​",$connect);
Firstly you should try to use MySQLi or PDO (tutorial here)
$connect = mysqli_connect("localhost","my_user","my_password","my_db");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if(isset($_POST['submit']))
{
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$query_input = mysqli_query($connect,"INSERT INTO user_basic_info(username,email,password)VALUES('$username','$email','$password')");
if($query_input){
echo "done and dope";
}
else{
echo "no";
}
//close db connection
mysqli_close($connect);
}

Using data from sql table within condition in PHP

I am very new to coding.
I am trying to select data from a table in SQL then use this data as part of a condition in a PHP If statement. The code I am using appears below. The echo $row["endsequence"]; line shows the correct value has been retrieved from the database, but the record isn't being updated as I need it to be in the final part of code. Any help much appreciated.
<?php
$result = filter_var($_GET['result'], FILTER_SANITIZE_STRING);
$action = filter_var($_GET['action'], FILTER_SANITIZE_STRING);
$pupilid = filter_var($_GET['pupilid'], FILTER_SANITIZE_NUMBER_INT);
$pathwayid = filter_var($_GET['pathwayid'], FILTER_SANITIZE_NUMBER_INT);
$stageid = filter_var($_GET['stageid'], FILTER_SANITIZE_NUMBER_INT);
$resourceid = filter_var($_GET['resourceid'], FILTER_SANITIZE_NUMBER_INT);
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "planit";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
$sql = "SELECT endsequence FROM resources WHERE id= " . $resourceid;
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo $row["endsequence"];
}
} else {
echo "0 results";
}
if ($result == 'fail' && $action == 'tryagain' && $row['endsequence'] == "2") {
$sql1 = "UPDATE pupils SET activeresourceid = (SELECT nextresourceid FROM resources WHERE id=$resourceid) WHERE id=$pupilid";
}
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
if ($conn->query($sql1) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
mysqli_close($conn);
?>

php to MySQL not working and not sure why

Its a really simple script, or at least it should be. I am kinda not sure around pHp so Im not sure where I am going wrong.
This page is called from a submit button on a form, all it is supposed to do is capture the name, email address and date of submission and add it to my database.
I can connect to the database without issue but cannot add to the database.
For some reason, everytime I load this page I also get a blank screen. pHp / SQL doesnt look like it has friendly bug reporting.
Here is the code with obvious info take outs.
<html>
<head>
</head>
<?php
$db_host = "localhost";
$db_username = "root";
$db_pass = "123";
$db_name = "emailtest";
$conn = #mysql_connect($db_host,$db_username,$db_pass,$db_name);
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
} else {
echo "Good connection ";
}
if(!empty($_REQUEST['name']))
{
$name = $_REQUEST['name'];
echo "hello, $name ";
if(!empty($_REQUEST['email']))
{
$email = $_REQUEST['email'];
}
else
{
$email = NULL;
}
if($email)
{
if ($conn->query($sql) === TRUE)
{
$dateTime = date("Y/m/d");
$sql = "INSERT INTO Newsletter_signup (name, email, sign_up_date) VALUES('$name','$email','$dateTime')";
echo "Record updated successfully <br/>";
echo "The email address, $email , has been added to the newsletter.";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
}
else
{
echo 'Please go back and insert an email address.';
}
?>
<body id="body">
// body style stuff
</body>
</html>
because you define $sql after the $conn->query($sql) and $sql is empty.
You're mixing up MySQL and MySQLi
mysqli_connect returns an instance for mysqli.
Your script should throw an error for trying to call a method on a non-object, because mysql_connect returns a resource.
You should enable error reporting at first (See: this SO question + answer)
The second thing is what #LTasty said: You use $sql, which is not defined at the point you want to execute the query.
When you changed these things, you should have a look at prepared statements, because your script is vulnerable against SQL injection.
Thanks all. I would like to say that you all gave credit to the answer.
For people learning from my mistakes here is the code that now works.
I will only put up the php side code.
<?php
$db_host = "localhost";
$db_username = "root";
$db_pass = "123";
$db_name = "emailtest";
$conn = new mysqli($db_host,$db_username,$db_pass,$db_name);
$dateTime = date("Y/m/d");
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
} else {
echo "Good connection ";
}
if(!empty($_REQUEST['name']))
{
$name = $_REQUEST['name'];
echo "hello, $name ";
}
if(!empty($_REQUEST['email']))
{
$email = $_REQUEST['email'];
}
else
{
$email = NULL;
}
if($email)
{
$sql = "INSERT INTO Newsletter_signup (name, email, sign_up_date) VALUES('$name','$email','$dateTime')";
if ($conn->query($sql) === TRUE)
{
echo "Record updated successfully <br/>";
echo "The email address, $email , has been added to the newsletter.";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
}
else
{
echo 'Please go back and insert an email address.';
}
?>
I havent included the error reporting that can be activiated via pHp into my script yet, but thanks for the link I will include it now.

Categories