connect php to mysql database - php

I'm trying to connect an html form to a mysql database through php. This is my code for the php script:
include_once('db_connect.php');
if(isset($_REQUEST['submit'])) {
$lokotitle=$_POST['lokotitle'];
$description=$_POST['description'];
$category=$_POST['category'];
$showyourname=$_POST['showyourname'];
$yourname=$_POST['yourname'];
$lat=$_POST['lat'];
$lng=$_POST['lng'];
// Will add form validation here
if ($errorMessage != "" ) {
echo "<p class='message'>" .$errorMessage. "</p>" ;
}
else{
//Inserting record in table using INSERT query
$insqDbtb="INSERT INTO `new_loko`.`web_form`
(`lokotitle`, `description`, `category`, `showyourname`, `yourname`, `lat`, `lng`) VALUES ('$lokotitle', '$description', '$category', '$showyourname', '$yourname', '$lat', '$lng')";
mysqli_query($link,$insqDbtb) or die(mysqli_error($link));
?>
<script type="text/javascript">window.location = "submit_success.php";</script>
<?php
}
}
My include_once('db_connect.php') is properly working, but the php simply runs this part, checks that the connection is working, which it is, and then stops without actually uploading the data to the database. I can't figure out what's wrong with the code. Also, I had this working earlier and am not sure why it no longer is.
Thanks in advance for the much needed help.


declare your $errorMessage with empty then change value as per validations.
<?php
include_once('db_connect.php');
if(isset($_REQUEST['submit'])) {
$lokotitle=$_POST['lokotitle'];
$description=$_POST['description'];
$category=$_POST['category'];
$showyourname=$_POST['showyourname'];
$yourname=$_POST['yourname'];
$lat=$_POST['lat'];
$lng=$_POST['lng'];
$errorMessage="";
/* some validation
if(validation)
$errorMessage="some message";
-------------------
-------------------
-------------------
// Will add form validation here
*/
if ($errorMessage != "" ) {
echo "<p class='message'>" .$errorMessage. "</p>" ;
}
else{
//Inserting record in table using INSERT query
$insqDbtb="INSERT INTO `new_loko`.`web_form`
(`lokotitle`, `description`, `category`, `showyourname`, `yourname`, `lat`, `lng`) VALUES ('$lokotitle', '$description', '$category', '$showyourname', '$yourname', '$lat', '$lng')";
mysqli_query($link,$insqDbtb) or die(mysqli_error($link));
?>
<script type="text/javascript">window.location = "submit_success.php";</script>
<?php
}
}
?>


It looks like you may have some extra `s in your call database.table call
yours
$insqDbtb="INSERT INTO `new_loko`.`web_form`
(`lokotitle`, `description`, `category`, `showyourname`, `yourname`, `lat`, `lng`) VALUES ('$lokotitle', '$description', '$category', '$showyourname', '$yourname', '$lat', '$lng')";
mysqli_query($link,$insqDbtb) or die(mysqli_error($link));
try this:
$insqDbtb="INSERT INTO `new_loko.web_form`
(`lokotitle`, `description`, `category`, `showyourname`, `yourname`, `lat`, `lng`) VALUES ('$lokotitle', '$description', '$category', '$showyourname', '$yourname', '$lat', '$lng')";
mysqli_query($link,$insqDbtb) or die(mysqli_error($link));

Related

IP address wrong on database insert

I'm having a problem writting an IP to the database.
If I print $ip after $ip=$_SERVER['REMOTE_ADDR'];, I obtain 54.231.128.128. But if I insert ip to database, it inserts 203223. Here is my code.
<?php include "db.php";
session_start();
$toemail=$_POST["toemail"];
$report=$_POST["report"];
$ip=$_SERVER['REMOTE_ADDR'];
$fromemail=$_SESSION['nahid'];
$date=(time());
$tatus="Active";
if(!$_POST['submit']) {
echo "Please fill out the form";
} else {
// $query_auto = "INSERT INTO form (date, time) VALUE ('DATE: Auto CURDATE()', CURDATE() )";
mysql_query("INSERT INTO report(`id`, `from`, `msg`, `to`, `date`, `ip`, `status`)
VALUES(NULL,'$fromemail','$report','$toemail','$date', '$ip', '$tatus')") or die(mysql_error());
header('Location: report_congratulations.php');
}
?>

REFERENCE INET_ATON and INET_NTOA
mysql_query("INSERT INTO report(`id`, `from`, `msg`, `to`, `date`, (INET_ATON('$ip')), `status`)
VALUES(NULL,'$fromemail','$report','$toemail','$date', '$ip', '$tatus')") or die(mysql_error());

Problem solved. My Database IP column was integer. But now I converted varchar and problem has solved.

Db Insert from php form not working

I have put together what I think is a simple addition to a php form-processing script (to insert data in a database, after sending it through to an email).
For some reason, I always get the error message, and the actual input of the data never gets through to the database. I've added the query to the output, and all the received values seem alright.
Thanks in advance.
// username, passw, database are all defined earlier in code.
// all the variables are taken out of form inputs (and they all arrive fine by email.
mysql_connect(localhost,$username,$password);
#mysql_select_db($database) or die( "Unable to select database");
//inserting data order
$order = "INSERT INTO flights('restime', 'flyfrom', 'flyto', 'dateoutbound', 'outboundflex', 'datereturn', 'returnflex', 'pax', 'klasse', 'name', 'email', 'phone', 'comments', 'status') VALUES('$date', '$fly_from', '$fly_to', '$date_outbound', '$outbound_flex', '$date_return', '$return_flex', '$pax', '$class', '$name', '$email', '$phone', '$comments', '1')";
//declare in the order variable
$result = mysql_query($order); //order executes
if($result){
echo("<br>Input data is succeed");
} else{
echo("<br>Input data is fail");
echo $order;
}
Thanks a lot in advance.

Database configuration setting must be like below
$link=mysql_connect(localhost,$username,$password);
#mysql_select_db($database,$link) or die( "Unable to select database");
After this you can write your insert query and etc....

You should not use the single quotes for fields in the query. if you use the backticks, then you don't get error. Just like the following
You must use the mysql_error() function to check the error in the query. Check the below code.
I have found one more issue. You have to use single quotes around the hostname in mysql_connect function. This also may cause error.
I have used the following code. It is working fine for me.
<?php mysql_connect('localhost','root','');
#mysql_select_db('test') or die( "Unable to select database");
//inserting data order
$order = "INSERT INTO testone (`restime`, `flyfrom`, `flyto`, `dateoutbound`, `outboundflex`, `datereturn`, `returnflex`, `pax`, `klasse`, `name`, `email`, `phone`, `comments`, `status`) VALUES('$date', '$fly_from', '$fly_to', '$date_outbound', '$outbound_flex', '$date_return', '$return_flex', '$pax', '$class', '$name', '$email', '$phone', '$comments', '1')";
//declare in the order variable
$result = mysql_query($order) or die(mysql_error()); //order executes
if($result){
echo("<br>Input data is succeed");
} else{
echo("<br>Input data is fail");
echo $order;
}

error is in this query :
$order = "INSERT INTO flights('restime', 'flyfrom', 'flyto', 'dateoutbound', 'outboundflex', 'datereturn', 'returnflex', 'pax', 'klasse', 'name', 'email', 'phone', 'comments', 'status') VALUES('$date', '$fly_from', '$fly_to', '$date_outbound', '$outbound_flex', '$date_return', '$return_flex', '$pax', '$class', '$name', '$email', '$phone', '$comments', '1')";
You are using ' in-spite of using ` for the column name in the table.
use this query and i am sure it will run great
$order = "INSERT INTO testone (`restime`, `flyfrom`, `flyto`, `dateoutbound`, `outboundflex`, `datereturn`, `returnflex`, `pax`, `klasse`, `name`, `email`, `phone`, `comments`, `status`) VALUES('$date', '$fly_from', '$fly_to', '$date_outbound', '$outbound_flex', '$date_return', '$return_flex', '$pax', '$class', '$name', '$email', '$phone', '$comments', '1')";
:)

php inserting to database fail

I have following message box error, says Failed. these are my codes:
<?php
require('admin/connectdb.php');
if (isset($_POST['Sub']))
{
//get data from reservation form
$cutomername=$_POST['aname'];
$gender=$_POST['sex'];
$phoneno=$_POST['tel'];
$email=$_POST['email'];
$age=$_POST['age'];
$computerpart=$_POST['partcomp'];
$option1=$_POST['option1'];
$notes=$_POST['Notes'];
$query="INSERT INTO `assignmentwebprog`.`reservation` (`cumstomername`, `gender`, `phoneno`, `email`, `age`, `typeofcomputerpart`, `option`, `notes`)
VALUES ('$cutomername', '$gender', '$phoneno', '$email', '$age', '$computerpart', '$option1', '$notes')";
$qresult = mysql_query($query);
if ($qresult){
echo "<script type='text/javascript'>alert('submitted successfully!')</script>";
}
else
{
echo "<script type='text/javascript'>alert('failed!')</script>";
}
}
?>
up there is inserting value to phpmyadmin & every time i load/input then click enter then the page shows message box "failed"
these are my database:
<?php
$host="localhost"; // Host name
$username="root"; // username
$username="root"; // username
$db_name="assignmentwebprog"; //database name
$tbl_name="reservation";
// Replace database connect functions depending on database you are using.
mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");
?>
currently my database is phpmyadmin, is there something missing with my code?

Check to see if the field in the database cumstomername is spelt correctly.
It should probably be customername
Passing the paramter
$cutomername=$_POST['aname'];
SQL
$query="INSERT INTO `assignmentwebprog`.`reservation` (`cumstomername`, `gender`, `phoneno`, `email`, `age`, `typeofcomputerpart`, `option`, `notes`)
VALUES ('$cutomername', '$gender', '$phoneno', '$email', '$age', '$computerpart', '$option1', '$notes')";

Change this line and try:
$qresult = mysql_query($query) or die(mysql_error());

check this :
$query="INSERT INTO reservation (cumstomername, gender, phoneno, email, age, typeofcomputerpart, option, notes)
VALUES ('$cutomername', '$gender', '$phoneno', '$email', '$age', '$computerpart', '$option1', '$notes')";
$qresult = mysql_query($query) or die(mysql_error());

You might have missing something in the $query which is mandatory for the table insertion.
First echo the query on the page. // echo $query ;
Then RUN the query in phpmyadmin and you will get the reason why it is not inserting in the table. See the error there.

PHP Mysql Query (INSERT) Issue

I am having an issue with a MySQL query as follows:
My script generates this as an example query:
INSERT INTO `contacts`(`name`, `phone`, `email`, `city`, `state`, `date`) VALUES ('Test2', '123-456-7890', 'test#test.com', 'mesa', 'az', '04-14-2013')
Which if I drop directly into PHPMyA, works fine. However, the PHP script I am trying to use to send the query from my website is not working and I can't get it figured out. Here it is:
$sql = "INSERT INTO `contacts`(`name`, `phone`, `email`, `city`, `state`, `date`) VALUES ('$name', '$phone', '$email', '$city', '$state', '$date')";
mysql_query($sql);
$result = mysql_query($sql);
if($result)
{
echo("<br>Data Input OK");
}
else
{
echo("<br>Data Input Failed");
}
Nothing makes it to the MySQL DB and no PHP errors are displayed, however, if I echo $sql I get the exact query I posted previously.

Just remove the single line mysql_query($sql); on your code and you will be fine.. But you should better start practicing PHP MySQLi which stands for PHP MySQL Improved, such:
$con = mysqli_connect($host, $user, $password, $password);
$sql = "INSERT INTO `contacts`(`name`, `phone`, `email`, `city`, `state`, `date`) VALUES ('$name', '$phone', '$email', '$city', '$state', '$date')";
$result = mysqli_query($con, $sql);
if($result) {
echo("<br>Data Input OK");
} else {
echo("<br>Data Input Failed");
}

$sql = 'INSERT INTO Table_name (`id`, `name`) VALUES ("1", "php");

You are executing $sql twice in your script wich is causing the error, please remove
mysql_query($sql);
And it will be ready to go
I would also suggest to stop using mysql_query please switch to mysqli or PDO

Are you sure there is a valid connection (..mysql_connect())? Try using the full syntax like so..
$conn = mysql_connect(...);
$result = mysql_query($query, $conn);
Also try forcing a commit after you execute the statement -
$mysql_query("COMMIT", $conn);

You are running mysql_query twice. Reason of the error. Try running the following code.
$sql = "INSERT INTO `contacts`(`name`, `phone`, `email`, `city`, `state`, `date`) VALUES ('$name', '$phone', '$email', '$city', '$state', '$date')";
$result = mysql_query($sql) or die(mysql_error());
if($result){
echo("<br>Data Input OK");
} else{
echo("<br>Data Input Failed");
}

use this
"INSERT INTO `contacts`(`name`, `phone`, `email`, `city`, `state`, `date`) VALUES ('$_POST[name]', '$_POST[phone]', '$_POST[email]', '$_POST[city]', '$_POST[state]', '$_POST[date]')";

Try to use mysql_query($sql,$con); instead of mysql_query($sql);.

if(isset($_POST['submit']))
{
$name=$_POST['name'];
$age=$_POST['age'];
$address=$_POST['address'];
$ins="insert into table_name(`name`,`age`,`address`)values('".$name."','".$age."','".$address."')";
mysql_query($ins);
echo 'data inserted successfully';
}

PHP foreach issue with empty fields

I have a big form
This form is processed by a PHP file called by a serialize jQuery function
foreach($_GET['claimant'] as $k=>$v) {
$insClaim = "INSERT INTO `cR_Claimants` (`memberID`, `ParentSubmission`, `Name`, `DOB`, `Company`, `Email`, `MainPhone`, `OtherPhone`, `MobilePhone`, `OwnershipPercentage`, `Address`, `ZIPcode`, `Country`) VALUES ('".$memberID."', '".$refNumb."', '".mysql_real_escape_string($v['name'])."', '".$v['DOB']."', '".mysql_real_escape_string($v['company'])."', '".$v['email']."', '".$v['mainPhone']."', '".$v['alternatePhone']."', '".$v['mobilePhone']."', '".mysql_real_escape_string($v['percentage'])."', '".mysql_real_escape_string($v['address'])."', '".$v['ZIP']."', '".$v['country']."')";
$resultinsClaim=mysql_query($insClaim) or die("Error insert Claimants: ".mysql_error());
}
The problem is that $_GET['claimant'] in certain cases can be empty. I mean that the relative field has not been entered at all.
When this happens obviously the Insert should not run when that specific $_GET['claimant'] is empty.
I tried the two following solutions, but they do not work, the Insert runs anyway, putting in my DB empty strings.
Please help.
foreach($_GET['claimant'] as $k=>$v) {
if($_GET['claimant'] != "") {
$insClaim = "INSERT INTO `cR_Claimants` (`memberID`, `ParentSubmission`, `Name`, `DOB`, `Company`, `Email`, `MainPhone`, `OtherPhone`, `MobilePhone`, `OwnershipPercentage`, `Address`, `ZIPcode`, `Country`) VALUES ('".$memberID."', '".$refNumb."', '".mysql_real_escape_string($v['name'])."', '".$v['DOB']."', '".mysql_real_escape_string($v['company'])."', '".$v['email']."', '".$v['mainPhone']."', '".$v['alternatePhone']."', '".$v['mobilePhone']."', '".mysql_real_escape_string($v['percentage'])."', '".mysql_real_escape_string($v['address'])."', '".$v['ZIP']."', '".$v['country']."')";
$resultinsClaim=mysql_query($insClaim) or die("Error insert Claimants: ".mysql_error());
}
}
AND
foreach($_GET['claimant'] as $k=>$v) {
if(!empty($_GET['claimant'])) {
$insClaim = "INSERT INTO `cR_Claimants` (`memberID`, `ParentSubmission`, `Name`, `DOB`, `Company`, `Email`, `MainPhone`, `OtherPhone`, `MobilePhone`, `OwnershipPercentage`, `Address`, `ZIPcode`, `Country`) VALUES ('".$memberID."', '".$refNumb."', '".mysql_real_escape_string($v['name'])."', '".$v['DOB']."', '".mysql_real_escape_string($v['company'])."', '".$v['email']."', '".$v['mainPhone']."', '".$v['alternatePhone']."', '".$v['mobilePhone']."', '".mysql_real_escape_string($v['percentage'])."', '".mysql_real_escape_string($v['address'])."', '".$v['ZIP']."', '".$v['country']."')";
$resultinsClaim=mysql_query($insClaim) or die("Error insert Claimants: ".mysql_error());
}
}

If $_GET['claimant'] is an array, you should ask for its length:
if (count($_GET['claimant']) > 0) { ... }

The check should be:
if(!empty($v)) {
// Stuff here
}
This is assuming that the GET variable actually contains an array of arrays.
Most likely you don't need the foreach.
This code is also vulnerable to SQL injection, all parameters needs to be escaped before entered into a SQL query
Try this instead:
$vals = $_GET['claimant'];
if(!empty($vals)) {
$query = "INSERT INTO `cR_Claimants` (`memberID`, `ParentSubmission`, `Name`, `DOB`, `Company`, `Email`, `MainPhone`, `OtherPhone`, `MobilePhone`, `OwnershipPercentage`, `Address`, `ZIPcode`, `Country`) VALUES ('".$memberID."', '".$refNumb."', '".mysql_real_escape_string($vals['name'])."', '".mysql_real_escape_string($vals['DOB'])."', '".mysql_real_escape_string($vals['company'])."', '".mysql_real_escape_string($vals['email'])."', '".mysql_real_escape_string($vals['mainPhone'])."', '".mysql_real_escape_string($vals['alternatePhone'])."', '".mysql_real_escape_string($vals['mobilePhone'])."', '".mysql_real_escape_string($vals['percentage'])."', '".mysql_real_escape_string($vals['address'])."', '".mysql_real_escape_string($vals['ZIP'])."', '".mysql_real_escape_string($vals['country'])."')";
$resultinsClaim=mysql_query($insClaim) or die("Error insert Claimants: ".mysql_error());
}

Not sure why you're using a foreach() loop here..._GET['claimant'] is probably not an array of values unless you have multiple fields on your form called claimant[].
Just do this:
$claimant = $_GET['claimant'];
if( $claimant != ""){
$insClaim = "YOUR REALLY LONG QUERY";
// etc.
}
ALSO: please, please, please use mysql_real_escape_string() on all incoming request parameters.

Categories