This is for a registration form I have created. I cannot include all of my code, but the program checks for blank fields then format using the preg_match function. Then it INSERTS the info registered
My code is:
<?php
/* connection info */
ini_set('include_path','../../includes');
include("dbinfo.inc");
$cxn = mysqli_connect($host,$user,$password,$dbname)
or die("Couldn't connect to server. error 3");
?>
<?php
/* Program name: Register.php
* Description: Program displays the blank form and checks
* all the form fields for blank fields.
*/
// Insert info into database //
{
foreach($good_data as $field => $value)
{
$good_data[$field] = mysqli_real_escape_string($cxn,$value);
}
$sql = "INSERT INTO UserInfo (user_id, password, first_name, last_name, city, country, email) VALUES ('$good_data[user_id]', '$good_data[password]', '$good_data[first_name]', '$good_data[last_name]', '$good_data[city]', '$good_data[country]', '$good_data[email]')";
$result = mysqli_query($query, $sql) or die ("Couldn't connect to login");
$row = mysqli_fetch($result);
while ($row = mysql_fetch_assoc($result)) {
$sql2 = "UPDATE TimeStamp SET time = CURRENT_TIMESTAMP where user_id='$good_data[user_id]'";
$result2 = mysqli_query($cxn,$sql2) or die("<p>Couldn't Connect to Login</p>");
include('goodReg.inc');
}
{
echo $message;
extract($good_data);
include('register.inc');
exit();
}
}
}
else
{
include("register.inc");
}
?>
How do I move just the variable to the query and not the whole INSERT string?
There's no need to call mysqli_fetch or mysqli_fetch_assoc. Just do the UPDATE query outside of a loop:
$sql = "INSERT INTO UserInfo (user_id, password, first_name, last_name, city, country, email) VALUES ('$good_data[user_id]', '$good_data[password]', '$good_data[first_name]', '$good_data[last_name]', '$good_data[city]', '$good_data[country]', '$good_data[email]')";
mysqli_query($cxn, $sql) or die ("Couldn't insert into UserInfo: " . mysqli_error($cxn));
$sql2 = "UPDATE TimeStamp SET time = CURRENT_TIMESTAMP where user_id='$good_data[user_id]'";
mysqli_query($cxn, $sql2) or die ("Couldn't update TimeStamp: " . mysqli_error($cxn);
include('goodReg.inc');
Related
I have two databases and i have one table "TabelaX" in database "Servidor1" with out data and other database "Servidor2" with one table "TabelaY". And i want do one select in table "TabelaY" and with her data do one insert in table "TabelaX" which is in another database. I already made some code but it is not working correctly. And this error appears:
"Error: INSERT INTO TabelaX (ID, Nome, Dados) VALUES (2000, XPTO2,
12345); Unknown column 'XPTO2' in 'field list'Error: INSERT INTO
TabelaX (ID, Nome, Dados) VALUES (2033, XPTO3, 1234567890); Unknown
column 'XPTO3' in 'field list'"
<?php
$conn= mysqli_connect('localhost','root',null,'Servidor2') or die
(mysqli_connect_error());
if (!$conn) {
die("Falha de conexao: ". mysqli_connect_error());
}
$ID = $_POST['ID'];
$sql = "SELECT * FROM TabelaY WHERE ID = $ID";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
$row1 = $row["ID"];
$row2 = $row["Nome"];
$row3 = $row["Dados"];
mysqli_select_db($conn,"Servidor1");
$sql = "INSERT INTO TabelaX (ID, Nome, Dados)
VALUES ($row1, $row2, $row3);";
if (mysqli_multi_query($conn, $sql)) {
echo "New records created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
} else {
echo "0 results";
}
mysqli_close($conn);
?>
From what I have read, your current approach might be the only way to do this using regular queries with MySQL. But, if you were doing this directly on MySQL, you could just use a simple INSERT INTO ... SELECT:
INSERT INTO db1.TabelaX (ID, Nome, Dados)
SELECT ID, Nome, Dados
FROM db2.TabelaY;
One possibility would be to create a stored procedure on MySQL which does the above insert, and then call it from your PHP code:
$result = mysqli_query($conn,
"CALL YourProcName") or die("Query fail: " . mysqli_error());
I have a form which retrieves various values from my database and displays it in a form. The form contains text boxes, radio, drop down menus. The retrieving part works perfectly and the correct values are displayed for each field. But then when I want to change the field and update the data, it's not updating. Can some please help me with this. Here is my code:
if(isset($_POST['submit'])){
$sql = "UPDATE tbl_dealer_info ";
$sql .= "SET phone = '$phone', email = '$email', sfid = '$sfid', ... WHERE id = '$idhidden' ";
$result = mysqli_query($conn, $sql);
if(!$result){
die('Could not update data: '. mysqli_error());
}
else{
echo "Updated Successfully";
}
}
<input type = "hidden" name = "idhidden" id = "idhidden" value = "" /> // My hidden input to store the id
It displays "Updated Successfully" but isn't actually updating.
Try this
if(isset($_POST['submit'])){
$sql = "UPDATE tbl_dealer_info SET phone = '".$phone."', email = '".$email."', sfid = '".$sfid."', ... WHERE id = ".$idhidden;
$result = mysqli_query($conn, $sql);
if(!$result){
die('Could not update data: '. mysqli_error());
} else{
echo "Updated Successfully";
}
}
you are missing where condition and ';' in the sql statement
$sql = "UPDATE tbl_dealer_info ";
$sql .= "SET phone = '$phone', email = '$email', sfid = '$sfid' WHERE #here where condition #here ";
Here is my code-
<?php
session_start();
$con = mysqli_connect("localhost", "root", "", "placement")
or die("Failed to connect MySQL: " . mysqli_error()); // Connecting to MySQL Database
// Variable Declaration
$StateName = mysqli_real_escape_string($con, $_POST["txtStateName"]);
$Description = mysqli_real_escape_string($con, $_POST["txtDescription"]);
$CountryName = mysqli_real_escape_string($con, $_POST["selectCountryName"]);
$CountryId = "SELECT CountryId FROM tbl_country_master WHERE CountryName='$CountryName'";
// Insert Query
$sql = "INSERT INTO tbl_state_master(StateName, Description, CountryId) VALUES ('$StateName', '$Description', '$CountryId')";
if(!mysqli_query($con, $sql))
{
die('Error: ' . mysqli_error($con));
}
else
{
header("Location: frmAddState.php?msg=1");
}
mysqli_close($con);?>
CountryId in tbl_state_master is a foreign key and it is referenced to primary key of tbl_country_master. I'm not able to insert data as I'm getting error.
You never executed the query that's supposed to return the country ID. You just set $CountryId to the SQL string. It should be:
$sql = "SELECT CountryId FROM tbl_country_master WHERE CountryName='$CountryName'";
$result = mysqli_query($con, $sql);
$row = mysqli_fetch_assoc($result);
if ($row) {
$CountryId = $row['CountryId'];
}
But ou don't need two separate queries, do it in just one:
$sql = "INSERT INTO tbl_state_master(StateName, Description, CountryId)
SELECT '$StateName', '$Description', CountryId
FROM tbl_country_master WHERE CountryName='$CountryName'";
So I have form1 that contains information from multiple tables in a database. I've got listboxes and textboxes within this form that have that information. So all I'm trying to do is insert whatever information the user submits back into the database and have it outputted on form2. I've got my INSERT INTOs on my output page. I know you can't use one INSERT INTO query, so I was wondering how to use multiple INSERTS and submit that information back into the database.
The variables created below come from the previous page and all of the values are there.
if (isset($_POST['n_submit'])){
$oid = $_POST['oid'];
$odate = $_POST['odate'];
$ostatus = $_POST['ostatus'];
$cfname = $_POST['cfname'];
$cname = $_POST['clname'];
$efname = $_POST['efname'];
$elname = $_POST['elname'];
echo "New record created successfully";
$db = mysqli_connect('127.0.0.1:3307', 'mysql_user', 'mysql_password') or die ("I cannot connect to the database because: ".mysqli_connect_error());
$query = "select status_id from ostatus where status_type = '$ostatus'";
$result = mysqli_query($db, $query) or die("Error in SQL statement:" .mysqli_error());
$row = mysqli_fetch_array($result);
$statusid = $row[0];
$query1 = "insert into cust ('c_fname', 'c_lname') values ('$cfname', $clname)";
$result1 = mysqli_query($db, $query1) or die("Error in SQL statement:" .mysqli_error());
$query2 = "insert into employed ('e_fname', e_lname) values ('$efname', '$elname')";
$result2 = mysqli_query($db, $query1) or die("Error in SQL statement:" .mysqli_error());
$query3 ="INSERT INTO sorder (o_id, o_date, s_id) VALUES ('{$oid}', '{$odate}', '{$statusid}')";
$result3 = mysqli_query($db, $query3);
}
First of all your query is vulnerable to SQL injection. I am not going to fix that.
Second, you should Google how to handle forms properly. And you should consider starting SQL transaction if you really care about the data to go into all the tables for sure.
Third, you should be able to use multiple inserts like you are doing in your code. but you need to correct your syntax errors.
Try this code (I also removed the select code are based on your question it is not needed)
if (isset($_POST['n_submit'])){
$oid = $_POST['oid'];
$odate = $_POST['odate'];
$ostatus = $_POST['ostatus'];
$cfname = $_POST['cfname'];
$cname = $_POST['clname'];
$efname = $_POST['efname'];
$elname = $_POST['elname'];
$db = mysqli_connect('127.0.0.1:3307', 'mysql_user', 'mysql_password') or die ("I cannot connect to the database because: ".mysqli_connect_error());
$query1 = "insert into cust (c_fname, c_lname) values ('".$cfname."', '".$clname."')";
$result1 = mysqli_query($db, $query1) or die("Error in SQL statement:" .mysqli_error());
$query2 = "insert into employed (e_fname, e_lname) values ('".$efname."', '".$elname."')";
$result2 = mysqli_query($db, $query2) or die("Error in SQL statement:" .mysqli_error());
$query3 ="INSERT INTO sorder (o_id, o_date, s_id) VALUES ('".$oid."', '".$odate."', '".$statusid."')";
$result3 = mysqli_query($db, $query3);
if($result1 && $result2 && $result3)
echo 'New record created successfully';
else
echo 'something did not work';
}
I'm trying to go threw my table nonbulkmdu and look into r10database to find if there is a duplicate, if there is it will update 4 fields if its not it will insert a new row. I keep getting the error
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in on line 19-23.
What am I doing wrong?
<?php
$username="";
$password="";
$database="";
$link = mysql_connect(localhost,$username,$password);
mysql_select_db($database) or die( "Unable to select database");
$query="SELECT * FROM nonbulkmdu";
if ($result=mysql_query($query, $link)) {
$num=mysql_numrows($result);
$i=0;
while ($i < $num) {
$address=strtoupper(mysql_result($result,$i,"address"));
$drops=mysql_result($result,$i,"drops");
$city=mysql_result($result,$i,"city");
$citycode=mysql_result($result,$i,"citycode");
$feature_type=mysql_result($result,$i,"Feature_Type");
$result = mysql_query("update r10_database
set drops=$drops, citycode=$citycode, city=$city, Feature_Type=$feature_type
where address=$address;");
if (mysql_affected_rows()==0) {
$result = mysql_query("insert into r10_database (address,
drops,
city,
citycode,
Feature_Type)
values ($address,
$drops,
$city,
$citycode,
$Feature_Type);");
}
$i++;
}
} else {
echo mysql_error();
}
mysql_close();
?>
You're missing quotes around the values in the UPDATE and INSERT call:
$result = mysql_query("update r10_database
set drops='$drops', citycode='$citycode', city='$city', Feature_Type='$feature_type'
where address='$address';");
if (mysql_affected_rows()==0) {
$result = mysql_query("insert into r10_database (address,
drops,
city,
citycode,
Feature_Type)
values ('$address',
'$drops',
'$city',
'$citycode',
'$Feature_Type');")
BTW, if address has a unique key in the table, you can do both queries at once, using INSERT ... ON DUPLICATE KEY UPDATE.