I have a 3 tables are employee , chief , technician.
So , Admin can add all the user to system but i can't add 'chief' into the table and this is my html.
<form name="form" method="post" action="add_user_db.php">
<div class="control-group">
<label>Type of User</label>
<div class="controls">
<select class="form-control" name="filter" id="filter">
<option value="employee">Employee</option>
<option value="technician">Technician</option>
<option value="chief">Chief</option>
</select>...some other code..</form>
This is my php to add user.
$filter = $_POST["filter"];
$id = $_POST["id"];
$password = md5($_POST["password"]);
$name = $_POST["name"];
$department = $_POST["department"];
$email = $_POST["email"];
$phone = $_POST["phone"];
$cellphone = $_POST["cellphone"];
if($filter =='chief'){
$sql = "INSERT into $filter (chief_id,password,chief_name,status,department,phone,cellphone,email) values ('$id', '$password', '$name', 'CHIEF', '$department', '$phone', '$cellphone', '$email')";
$dbquery = mysql_db_query("inform_db", $sql);
mysql_close();
header( "refresh:0.01;url=add_user.php" );
}
if($filter == 'employee'){
$sql = "INSERT into $filter (employee_id,password,name,status,department,phone,cellphone,email) values ('$id', '$password', '$name', 'USER', '$department', '$phone', '$cellphone', '$email')";
$dbquery = mysql_db_query("inform_db", $sql);
mysql_close();
header( "refresh:0.01;url=add_user.php" );
}
if($filter == 'technician'){
$sql = "INSERT into $filter (tech_id,password,tech_name,status,phone,cellphone,email) values ('$id', '$password', '$name', 'TECH', '$phone', '$cellphone', '$email')";
$dbquery = mysql_db_query("inform_db", $sql);
I can't understand why 'chief' especially.
status is MySQL KEYWORD. So I just added back tick (`) in query.
Change from
$sql = "INSERT into $filter (chief_id,password,chief_name,status,department,phone,cellphone,email) values ('$id', '$password', '$name', 'CHIEF', '$department', '$phone', '$cellphone', '$email')";
To
$sql = "INSERT into $filter (chief_id,password,chief_name,`status`,department,phone,cellphone,email) values ('$id', '$password', '$name', 'CHIEF', '$department', '$phone', '$cellphone', '$email')";
Related
I am trying to store the data from a form into a postgresql but I am getting the error
Warning: pg_query(): Query failed: ERROR: syntax error at or near ","
LINE 2: ..., '1212121212', '01/06/2000', 'Gurjeet', 'Singh',
,'12121212... ^ in C:\xampp\htdocs\login.php on line 36 Error with
query: ERROR: syntax error at or near "," LINE 2: ..., '1212121212',
'01/06/2000', 'Gurjeet', 'Singh', ,'12121212... ^
The values in the single inverted commas are the value that I have given input through the html form.
Here is my php code
if(isset( $_POST['econtct']))
$emergency_number = $_POST['econtct'];
$mobile = 1212121212;
if(isset( $_POST['date']))
$ DOB = $_POST['date'];
if(isset( $_POST['fnam']))
$first_name = $_POST['fnam'];
if(isset( $_POST['lnam']))
$last_name = $_POST['lnam'];
//$blood_group = $_POST['bgr'];
if(isset( $_POST['uidd']))
$aadhar = $_POST['uidd'];
if(isset( $_POST['address']))
$address = $_POST['address'];
$query = "INSERT INTO user_details (emergency_number, mobile, DOB, first_name, last_name, aadhar, address)
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name', ,'$aadhar', '$address' )";
$result = pg_query($db,$query);
if (!$result) {
$errormessage = pg_last_error();
echo "Error with query: " . $errormessage;
exit();
}
printf ("These values were inserted into the database");
pg_close();
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name', ,'$aadhar', '$address' )";
You have two commas between $last_name and $aadhar
There seems to an extra comma in your query:
Incorrect:
$query = "INSERT INTO user_details (emergency_number, mobile, DOB, first_name, last_name, aadhar, address)
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name', ,'$aadhar', '$address' )";
Correct:
$query = "INSERT INTO user_details (emergency_number, mobile, DOB, first_name, last_name, aadhar, address)
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name','$aadhar', '$address' )";
Can you remove that and try once again
$name = mysqli_real_escape_string($connection, $_POST["name"]);
$surname = mysqli_real_escape_string($connection, $_POST["surname"]);
$username = mysqli_real_escape_string($connection, $_POST["username"]);
$email = mysqli_real_escape_string($connection, $_POST["email"]);
$pw1 = mysqli_real_escape_string($connection, $_POST["pw1"]);
$query = "INSERT INTO 'users' ('id','name', 'surname', 'username', 'email', 'password') VALUES (NULL,'$name', '$surname', '$username', '$email', '$pw1')";
$result = mysqli_query($connection, $query);
if(!$result){
echo ("fail");
}
I test if the query has worked using if(!$result){ echo ("fail");} and it echoes fail every time and no data is inserted into the database every time! I have checked the syntax and i believe it is correct... could this be because of the database "collation"?
You should not use the single quote at the table or field name. You have to use a Backtick (like ``) which is located in under Esc key or left side of 1 Key or upper side of Tab key. It should looks like:
$query = "INSERT INTO `users` (`id`, `name`, `surname`, `username`, `email`,
`password`) VALUES ('null', '$name', '$surname', '$username', '$email', '$pw1')";
or
$query = "INSERT INTO users (id, name, surname, username, email,
password) VALUES ('null', '$name', '$surname', '$username', '$email', '$pw1')";
Note: If your id field is already set auto increment then you can remove id and value null. Because id value will automatically increment.
Hope it will helpful.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Why I am getting an error when using w3school tutorial? [duplicate]
(3 answers)
Closed 6 years ago.
I am trying to execute below code but I keep receiving below error :
"Could not execute the insert query."
It seem like the insert into Employees isn't working.
I am not sure what is missing.
Below is my code:
if(isset($_POST['submit'])) {
$fname = $_POST['fname'];
$minitial = $_POST['minitial'];
$lname = $_POST['lname'];
$gender = $_POST['gender'];
$phone = $_POST['phone'];
$dob = $_POST['dob'];
$ssn = $_POST['ssn'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = $_POST['password'];
if($fname == "" || $minitial == "" || $lname == "" || $gender == "" ||
$phone == "" || $dob == "" || $ssn == "" || $address == "" ||
$city == "" || $state == "" || $zip == "" || $email == "" ||
$username == "" || $password == "") {
echo "All fields should be filled. Either one or many fields are empty.";
echo "<br/>";
echo "<a href='register.php'>Go back</a>";}
else {
mysqli_query($mysqli, "INSERT INTO 'Employees'('fname', 'minitial', 'lname', 'gender', 'phone', 'dob', 'ssn', 'address', 'city', 'state', 'zip', 'email', 'username', 'password') VALUES('$fname', '$minitial', '$lname', '$gender', '$phone', '$dob', '$ssn', '$address', '$city', '$state', '$zip', '$email', '$username', md5('$password'))")
or die("Could not execute the insert query.");
echo "Registration successfully";
echo "<br/>";
echo "<a href='login.php'>Login</a>";
}
That's cause you are quoting the table name as pointed below. Don't single quote column names else it's treated as string literal rather a actual table/column name
INSERT INTO 'Employees'
You actually meant to escape it like
INSERT INTO `Employees`
Re-write your INSERT statement to be like
"INSERT INTO `Employees`(`fname`, `minitial`, `lname`, `gender`, `phone`, `dob`, `ssn`, `address`, `city`, `state`, `zip`, `email`, `username`, `password`) VALUES('$fname', '$minitial', '$lname', '$gender', '$phone', '$dob', '$ssn', '$address', '$city', '$state', '$zip', '$email', '$username', md5('$password'))"
Replace ' into ` or remove ' in filed list in insert query.
So you query will be
mysqli_query($mysqli, "INSERT INTO `Employees`(`fname`, `minitial`, `lname`, `gender`, `phone`, `dob`, `ssn`, `address`, `city`, `state`, `zip`, `email`, `username`, `password`) VALUES('$fname', '$minitial', '$lname', '$gender', '$phone', '$dob', '$ssn', '$address', '$city', '$state', '$zip', '$email', '$username', md5('$password'))")
try this query.
Because you put Table name and field name in single quote.
mysqli_query($mysqli, "INSERT INTO Employees(fname, minitial, lname, gender, phone, dob, ssn, address, city, state, zip, email, username, password) VALUES('$fname', '$minitial', '$lname', '$gender', '$phone', '$dob', '$ssn', '$address', '$city', '$state', '$zip', '$email', '$username', md5('$password'))")
The mysqli_error() won't solve your problem, but it will at least tell you where it is. Replace:
mysqli_query($mysqli, "INSERT INTO 'Employees'('fname', 'minitial', 'lname', 'gender', 'phone', 'dob', 'ssn', 'address', 'city', 'state', 'zip', 'email', 'username', 'password') VALUES('$fname', '$minitial', '$lname', '$gender', '$phone', '$dob', '$ssn', '$address', '$city', '$state', '$zip', '$email', '$username', md5('$password'))")
or die("Could not execute the insert query.");
with:
mysqli_query($mysqli, "INSERT INTO 'Employees'('fname', 'minitial', 'lname', 'gender', 'phone', 'dob', 'ssn', 'address', 'city', 'state', 'zip', 'email', 'username', 'password') VALUES('$fname', '$minitial', '$lname', '$gender', '$phone', '$dob', '$ssn', '$address', '$city', '$state', '$zip', '$email', '$username', md5('$password'))")
or die(mysqli_error($mysqli));
I am working on this application that is supposed to collect data from a form and send it to the database but for some reason, the database is not receiving any data. I tried using mysql_errno() and I received "Query was empty"
$name = mysql_real_escape_string($_POST['name']);
$qualification = mysql_real_escape_string($_POST['qualification']);
$position = mysql_real_escape_string($_POST['position']);
$direct = mysql_real_escape_string($_POST['direct']);
$telephone = mysql_real_escape_string($_POST['telephone']);
$cell = mysql_real_escape_string($_POST['cell']);
$fax = mysql_real_escape_string($_POST['fax']);
$email = $r['email'];
$address = mysql_real_escape_string($_POST['address']);
$cityProvince = mysql_real_escape_string($_POST['cityProvince']);
$postalCode = mysql_real_escape_string($_POST['postalCode']);
$website = mysql_real_escape_string($_POST['website']);
$q = mysql_query("INSERT INTO `mmg_business_card_logs` (`id`, `name`, `qualification`, `position`, `direct`, `telephone`, `cell`, `fax`, `email`, `address`, `cityProvince`, `postalCode`, `website`)
VALUES ('', '{$name}', '{$qualification}', '{$direct}', '{$position}', '{$telephone}', '{$cell}', '{$fax}', '{$email}', '{$address}', '{$cityProvince}', '{$postalCode}', '{$website}')");
$q = mysql_query("INSERT INTO `mmg_business_card_logs` ( `name`, `qualification`, `position`, `direct`, `telephone`, `cell`, `fax`, `email`, `address`, `cityProvince`, `postalCode`, `website`)
VALUES ('$name', '$qualification', '$direct', '$position', '$telephone', '$cell', '$fax', '$email', '$address', '$cityProvince', '$postalCode', '$website')");
OR
$q = mysql_query("INSERT INTO `mmg_business_card_logs` (`id`, `name`, `qualification`, `position`, `direct`, `telephone`, `cell`, `fax`, `email`, `address`, `cityProvince`, `postalCode`, `website`)
VALUES ('121', '$name', '$qualification', '$direct', '$position', '$telephone', '$cell', '$fax', '$email', '$address', '$cityProvince', '$postalCode', '$website')");
Try this . If this will not work try echo $q and show me the output or try to execute that query in MySql
I'm noobish to coding. I set up a MYSQL database called contacts, a table called contactstable with fields id, firstname, lastname, emailaddress,postalcode and phonenumber. Each are text or varchars except for the id, which is an auto_increment, pk field. The connection doesnt give any errors, and no error is relayed through the mysqli_connect_error() method. They query doesnt go through and no query is executed. I cant figure out why.
<html>
<head>
<title>Registration</title>
</head>
<body>
<h1>Register with Us!</h1>
<h2>Registration Complete!</h2>
<div class="feedback-container" <?= isset($_REQUEST["first-name"])? "style=\"display:block\"": "style=\"display:none\""; ?>>
<?php
$firstname = $lastname = $emailaddress = $postalcode = $phonenumber = NULL;
if (isset($_REQUEST["first-name"])){
$firstname = $_REQUEST["first-name"];
$lastname = $_REQUEST["last-name"];
$emailaddress = $_REQUEST["email-address"];
$postalcode = $_REQUEST["postal-code"];
$phonenumber = $_REQUEST["phone-number"];
$dbconn = new mysqli();
$dbconn->connect("localhost","root","","contacts");
if(mysqli_connect_error()){
echo "Connection Failed";
}else{
echo "Connection Established";
}
$query = "INSERT INTO 'contactstable' ('firstname', 'lastname', 'emailaddress','postalcode','phonenumber') VALUES ('$firstname', '$lastname', '$emailaddress', '$postalcode', '$phonenumber')";
if ($dbconn->query($query) == TRUE){
echo ("Thank you for registering with us. We will shortly send a confirmation email to $emailaddress.");
}else{
echo ("<p>Your contact information was not added to our database. Please try again later or contact our webadmin at webadmin#gmail.com</p>");
}
}
?>
</div>
</body>
When it runs, it outputs the following:
"Connection Established"
"Your contact information was not added to our database. Please try again later or contact our webadmin at webadmin#gmail.com"
There are no error messages.
There is no data updated.
I'd make this
$query = "INSERT INTO 'contactstable' ('firstname', 'lastname', 'emailaddress','postalcode','phonenumber') VALUES ('$firstname', '$lastname', '$emailaddress', '$postalcode', '$phonenumber')";
look like this
$query = "INSERT INTO contactstable (firstname, lastname, emailaddress,postalcode,phonenumber) VALUES ('$firstname', '$lastname', '$emailaddress', '$postalcode', '$phonenumber')";
query should look like this.
INSERT INTO `contactstable`
(`firstname`, `lastname`, `emailaddress`,`postalcode`,`phonenumber`)
VALUES
('$firstname', '$lastname', '$emailaddress', '$postalcode', '$phonenumber')
Use backticks if you want to quote your field names.
$query = "INSERT INTO `contactstable` (`firstname`, `lastname`, `emailaddress`,`postalcode`,`phonenumber`) VALUES ('$firstname', '$lastname', '$emailaddress', '$postalcode', '$phonenumber')";
Also you can use " if you set SET sql_mode='ANSI_QUOTES'
http://dev.mysql.com/doc/refman/5.0/en/server-sql-mode.html