Why does my code not insert the details to the database? - php

I have written the following code to insert data into my database table, but unfortunately, it doesn't work. I have double and triple-checked the code and there are no errors at all. The console also doesn't show any as well.
I have not misspelled any of the details required to connect to the database and the variables are also correct so I am at a loss.
If anyone could help it would be be deeply appreciated.
My code:
<?php
function obfuscate($type, $data) {
if ($type == "PIN"):
$f_int = (int)md5($data);
$data = str_split($data);
$rev = implode("", array_reverse($data));
$sum = array_sum($data) + $f_int;
$data = implode("", $data);
$data += $sum + $rev + 1026;
// Keep the first four digits if the result is longer
if (strlen($data) > 4):
$data = substr($data, 0, 4);
endif;
return $data;
elseif ($type == "password"):
$data = password_hash($data, PASSWORD_DEFAULT, ['cost' => 12]);
return $data;
endif;
}
function insert_user($username, $email, $password, $PIN, $Account_Type, $Account_Status, $Referrer, $Balance) {
// Connect to the server and the database or show error
$connection = mysqli_connect("localhost", "root", "") or die("Couldn't connect to the server.");
mysqli_select_db($connection, "Calisoft_flu_db") or die("Couldn't connect to the database.");
// Sanitise the data
$username = mysqli_real_escape_string($connection, $username);
$email = mysqli_real_escape_string($connection, $email);
$password = mysqli_real_escape_string($connection, $password);
$PIN = mysqli_real_escape_string($connection, $PIN);
// Get the rest of the data
$Registration_Date = date("Y-m-d");
// Obfuscate password and PIN
$password = obfuscate("password", $password);
$PIN = obfuscate("PIN", $PIN);
// Make query and insert data to database
$query = "INSERT INTO `users` (`ID`, `Username`, `Email`, `Password`, `PIN`, `Registration_Date`, `Account_Type`, `Account_Status`, `Referrer`, `Balance`) VALUES ('NULL', '$username', '$email', '$password', '$PIN', '$Registration_Date', '$Account_Type', '$Account_Status', '$Referrer', '$Balance')";
$registered = mysqli_query($connection, $query);
if ($registered) {
echo "Register successful!";
}
// End the connection
mysqli_close($connection);
}
insert_user("#user1", "user#gmail.com", "user12345678", "1234", "Member", "Active", "0", "0");
?>


You are inserting a string value of 'NULL' into your primary key, you either remove the quotes '' or omit ID from the query.
Remove Quotes:
$query = "INSERT INTO `users` (`ID`, `Username`, `Email`, `Password`, `PIN`, `Registration_Date`, `Account_Type`, `Account_Status`, `Referrer`, `Balance`) VALUES (NULL, '$username', '$email', '$password', '$PIN', '$Registration_Date', '$Account_Type', '$Account_Status', '$Referrer', '$Balance')";
Or Remove the ID column:
$query = "INSERT INTO `users` ( `Username`, `Email`, `Password`, `PIN`, `Registration_Date`, `Account_Type`, `Account_Status`, `Referrer`, `Balance`) VALUES ('$username', '$email', '$password', '$PIN', '$Registration_Date', '$Account_Type', '$Account_Status', '$Referrer', '$Balance')";

Related

mysqli insert, what is wrong?

the data is not inserting. i think there is something wrong in
$sql = "INSERT INTO `users` (`Username`, `Password`, `FirstName`, `LastName`, `Email`, `ContactNumber`)
VALUES ('".$_POST["Username"]."','".$_POST["Password"]."','".$_POST["FirstName"]."','".$_POST["LastName"]."','".$_POST["Email"]."','".$_POST["ContactNumber"]."')";
When i try to change the statement in "else" with echo "successs"; its working.
please someone can tell me what is wrong.
<?php
error_reporting(E_ALL & ~E_NOTICE);
if(isset($_POST["Register"]))
{
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "dbuseraccounts";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$user = $_POST['Username'];
$pass = $_POST['Password'];
$query = mysqli_query($conn, "SELECT * FROM users WHERE Username= '".$user."'");
if(mysqli_num_rows($query) > 0)
{
echo "email already exists";
}
else
{
$sql = "INSERT INTO users (Username, Password, FirstName, LastName, Email, ContactNumber)
VALUES ('".$_POST["Username"]."','".$_POST["Password"]."','".$_POST["FirstName"]."','".$_POST["LastName"]."','".$_POST["Email"]."','".$_POST["ContactNumber"]."')";
}
$conn->close();
}
?>

Your data is not inserting because you haven't even executed your query.
if (mysqli_num_rows($query) > 0) {
echo "Username already exists";
} else {
$sql = "INSERT INTO users (Username, Password, FirstName, LastName, Email, ContactNumber) VALUES ('".$_POST["Username"]."','".$_POST["Password"]."','".$_POST["FirstName"]."','".$_POST["LastName"]."','".$_POST["Email"]."','".$_POST["ContactNumber"]."')";
/* Run your query and check for errors */
$query = mysqli_query($conn, $sql) or die(mysqli_error($conn));
}

Please Execute query using
mysqli_query($conn, your query);

PHP is not inserting Data

I have run it on the local server and it worked perfectly, but when I uploaded it to my web hosting, it stopped working.
Basically when I submit the form the browser just keeps loading and when I check the database no data was inserted.
I checked my database connection and I was able to connect it but can't get data from it.
This is my php:
<?php
$servername = "localhost";
$username = "itclubac_root";
$password = "*******";
$dbname = "itclubac_itclub";
$tnp = 0;
$name = $_POST['name'];
$email = $_POST['email'];
$gender = $_POST['gender'];
$phone = $_POST['phone'];
$id = $_POST['id'];
$section = $_POST['section'];
$skills = $_POST['skills'];
$interests = $_POST['interests'];
$expectations = $_POST['expectations'];
$tnp = $_POST['tnp'];
$ip = $_SERVER['REMOTE_ADDR'];
if ( $tnp == 0 ) {
header('Location: ../../get_involved.php');
} else {
// Create connection
$con = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}
$query = mysqli_query($con, "SELECT * FROM member_registration WHERE email = '".$email. "'");
if ( mysqli_num_rows($query) > 0 ) {
header('Location: ../../get_involved.php?status=exist');
} else {
$query = mysqli_query($con, "SELECT * FROM member_registration WHERE college_id = '".$id. "'");
if ( mysqli_num_rows( $query) > 0 ) {
header('Location: ../../get_involved.php?status=exist');
} else {
$sql = "INSERT INTO member_registration (name, email, gender, phone_no, college_id, section, skills, interests, expectations, ip_address) VALUES ('$name', '$email', '$gender', '+880$phone', '$id', '$section', '$skills', '$interests', '$expectations', '$ip')";
if ($con->query($sql) === TRUE) {
header('Location: ../../get_involved.php?status=success');
}
}
}
}
$con->close();
?>
Edit
This is the site: Form Pagehttp://itclub.acc.edu.bd/get_involved.php if you register here, the page will just keep loading. However if you try to access the registration.php directly it sends you to the form page page as I said it to. When I tested it on local, it worked perfectly but after uploading to the host this problem is occurring.

I tried to sort your code and maybe the error is related on the of your query,
$sql = "INSERT INTO member_registration (name, email, gender, phone_no, college_id, section, skills, interests, expectations, ip_address) VALUES ('$name', '$email', '$gender', '+880$phone', '$id', '$section', $'skills', '$interests', '$expectations', '$ip')";
Have you notice this part $'skills' of the line? change your code into,
$sql = "INSERT INTO member_registration (name, email, gender, phone_no, college_id, section, skills, interests, expectations, ip_address) VALUES ('$name', '$email', '$gender', '+880$phone', '$id', '$section', '$skills', '$interests', '$expectations', '$ip')";
maybe it help.

PHP/MySQLi Insert returns blank page

I've created a very basic PHP Create User form, on my personal machine it worked fine but since getting a proper host I've been encountering errors non stop. The first was that it was insecure to use the Date how I was so I disabled it, now I'm getting no errors but it's not inserting data to the table and redirects me to index.php but all I see is a blank white page. Any help?
<?PHP
include'../include_htm/global.htm';
error_reporting(-1);
//Connect to server and select databse.
$link = mysqli_connect("$DB_HOST", "$DB_USER", "$DB_PASS", "$DB_NAME")
or die ('Could not connect to database!');
//Grab information from post page
$reg_username=$_POST['username'];
$reg_password=$_POST['password'];
$email=$_POST['email'];
$avatar=$_POST['avatar'];
if($avatar == null) {
header("location:../register.php?no_avatar=true");
}
else
{
//Set variables
//$date = date('j\/m\/Y');
$false = "false";
$ipaddress = $_SERVER["REMOTE_ADDR"];
$role = "user";
//Encrypt Password With MD5
$encrypt_password=hash('sha256', $reg_password);
//Insert Information
$query = "INSERT INTO $DB_TABLE (username, password, email, role, ipaddress, avatar) VALUES ('$reg_username', '$encrypt_password', '$email', '$role', '$ipaddress', '$avatar')";
mysqli_query($link, $query);
mysqli_close($link);
//Select login details from database
$_SESSION['user'] = $reg_username;
//$query1 = "UPDATE $DB_TABLE SET avatar='$avatar' WHERE `username`='$reg_username'";
//mysqli_query($link, $query1);
//mysqli_close($link);
header("location:../index.php?welcome=true");
}
?>

//Insert Information
$stmt = $link->prepare("INSERT INTO `$DB_TABLE` (`username`, `password`, `email`, `role`, `ipaddress`, `avatar`) VALUES (?,?,?,?,?,?)");
/* bind parameters for markers */
$stmt->bind_param("ssssss", $reg_username, $encrypt_password, $email, $role, $ipaddress, $avatar);
/* execute query */
$stmt->execute();
mysqli_close($link);

Insert form data in one table and then update an enum value in a different table?

I am using a code to insert a users form data into the database, that bit works fine. However, i also want to run another query and update an enum value 'form2_completed?' from No to Yes. I have added in the update query and now for some reason the script is not working and says 'ERROR'
Can someone please show me where i am going wrong. thanks
<?php
session_start();
$db_hostname = 'localhost';
$db_database = 'hewden1';
$db_username = 'root';
$db_password = '';
$db_server = mysql_connect($db_hostname, $db_username, $db_password)
or die("Unable to connect to MySQL: " . mysql_error());
mysql_select_db($db_database)
or die("Unable to select database: " . mysql_error());
$cname = $_POST['cname'];
$creg = $_POST['creg'];
$address = $_POST['address'];
$post = $_POST['post'];
$contactn = $_POST['contactn'];
$contactt = $_POST['contactt'];
$email = $_POST['email'];
$vat = $_POST['vat'];
$ipaddress = $_SERVER["REMOTE_ADDR"];
$sql="INSERT INTO supplier_registration (company_name, company_reg_number, company_address, company_postcode, contact_name, contact_number, contact_email, company_vat_number, date_time, user_ip)
VALUES ('$cname', '$creg', '$address', '$post', '$contactn', '$contactt', '$email', '$vat', NOW(), '$ipaddress')";
$sql="UPDATE supplier_session SET form2_completed? = 'Yes' WHERE form2_completed? = 'No'";
$result = mysql_query($sql);
if($result){
$success = "<div class='success'></div>"; // use the $success
//encode the URL parameter as :
$success = urlencode($success);
header("Location: index.php?success=$success");
}else {
echo "ERROR";
}
?>

You are overwriting the variable $sql and not running INSERT. Try:
$sql="INSERT INTO supplier_registration (company_name, company_reg_number, company_address, company_postcode, contact_name, contact_number, contact_email, company_vat_number, date_time, user_ip)
VALUES ('$cname', '$creg', '$address', '$post', '$contactn', '$contactt', '$email', '$vat', NOW(), '$ipaddress')";
$result = mysql_query($sql);
$sql="UPDATE supplier_session SET form2_completed? = 'Yes' WHERE form2_completed? = 'No'";
$result = mysql_query($sql);
Please note that the method you have used is deprecated from php 5.5.0. so i suggest you consider mysqli or PDO. examples can be found in below php manual links
http://www.php.net/manual/en/mysqli.query.php
http://www.php.net/manual/en/pdo.query.php

error occurred during data insert in mysql

my code -
require 'database.php';
$uid = $_SESSION['UserId'];
$title = $_POST['imgtitle'];
$tag = $_POST['imgtag'];
$date = date("d-m-y");
$q = "INSERT into album (`o_id`, `title`, `src`, `tag`, `date`)
VALUES('$uid', '$title', '$image_name', '$tag', '$date'";
$result = $mysqli->query($q) or die(mysqli_error($mysqli));
if ($result)
{
echo "<h1>File Uploaded Successfully! Upload more...!</h1>";
}
my database.php-
<?php
$db_name = "szdb";
$db_server = "localhost";
$db_user = "root";
$db_pass = "";
$mysqli = new MySQLi($db_server, $db_user, $db_pass, $db_name) or die(mysqli_error());
?>
ERROR-
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2

You are missing a closing bracket at the very end.
Change
$q = "INSERT into album (`o_id`, `title`, `src`, `tag`, `date`)
VALUES('$uid', '$title', '$image_name', '$tag', '$date'";
to
$q = "INSERT into album (`o_id`, `title`, `src`, `tag`, `date`)
VALUES('$uid', '$title', '$image_name', '$tag', '$date')";

make sure all of your POST variables are coming through correctly
$userid = isset($_POST['userid']) && !empty($_POST['userid']) ? $_POST['userid'] : null;

Categories