Using Variable in MySQL
I have tried many possibilities and consulted a number of sources but still not have been
able to insert a string into a MySQL command in php.
Code below works well
$SQL = 'INSERT INTO tb_addressbook (`ID`, `First_Name`, `Last_Name`, `Address`) VALUES (\'24\', \'JJ\', \'Gates\', \'Microsoft\');';
Code below does not work
$SQL = 'INSERT INTO tb_addressbook (`ID`, `First_Name`, `Last_Name`, `Address`) VALUES (\'27\', \''.'"$first"'.'\''.', \'Gates\', \'Microsoft\');';
Can you help?
P.S. Is there a special way to insert a string for numbers?
Hugh
hugh#hahaggerty.com
Try like this :
$SQL = "INSERT INTO tb_addressbook (ID, First_Name, Last_Name, Address) VALUES ('27', '".$first."', 'Gates', 'Microsoft')";
Related
I'm looking to insert values from two sources (variables and a field from another table) into a new table. After some research, I found that this was possible, but cannot figure out how to accomplish this with my query.
Let me know if I have not provided enough context or code.
//Query to INSERT data
$query3 = "INSERT INTO `Checked_Out` (`name`, `quantityCheckedOut`, `checkedOut`, `returnDate`, `image`, `ID`) VALUES ('$name', '$quantityTaken', '$checkedOut', '$returnDate', '$ID')
SELECT `image` FROM `Checked_In` WHERE `ID` = '$ID'";
Try this:
$query3 = "INSERT INTO `Checked_Out` (`name`, `quantityCheckedOut`, `checkedOut`, `returnDate`, `image`, `ID`)
SELECT '$name', '$quantityTaken', '$checkedOut', '$returnDate', `image`, '$ID' FROM `Checked_In` WHERE `ID` = '$ID'";
i'm making a query to insert some values to a table and update other in other table all this in the same function.
The problem i have is with the Insert query, when has been execute, give me a syntax error that you can see below.
I reviewed the code many times but i don't see any error. When I remove the Insert query works fine and if I remove de update query and leave just the insert give me the same error.
Here the query
if (isset($_POST['goodalt']) && isset($_POST['gengood'])){
$goodalt = mysqli_real_escape_string($con, $_POST['goodalt']);
$genid = mysqli_real_escape_string($con, $_POST['gengood']);
$res = mysqli_query($con, "SELECT * FROM `generators` WHERE `name` = '$genid'") or die(mysqli_error($con));
while($row = mysqli_fetch_assoc($res)) {
$genname = $row['name'];
}
mysqli_query($con, "INSERT INTO `user_accounts` (`username`, `accs`, `genid`, `gen-name`, `date`, `status`) VALUES ('$username', '$goodalt', '$genid', '$genname', '$date', '1'") or die(mysqli_error($con));
mysqli_query($con, "UPDATE `generator$genid` SET `status` = '3' WHERE `alt` = '$goodalt'") or die(mysqli_error($con));
}
Any help? Thanks.
Apart form error, there is a BIG issue about concurrency and threading model.
Every time you split INSERT/UPADATE in more separate PHP calls two mysql, you can analyze CAREFULLY if separate queries maintain DB consistent.
Consider carefully is two (or more) web requests (executing the same PHP script) can be safely run in parallel, especially on code where You did:
mysqli_query($con, "INSERT INTO `user_accounts` (`username`, `accs`, `genid`, `gen-name`, `date`, `status`) VALUES ('$username', '$goodalt', '$genid', '$genname', '$date', '1'") or die(mysqli_error($con));
mysqli_query($con, "UPDATE `generator$genid` SET `status` = '3' WHERE `alt` = '$goodalt'") or die(mysqli_error($con));
Insert and Updates are atomic, but here you call two separate queries
Your missing a close bracket in your insert...
mysqli_query($con, "INSERT INTO `user_accounts` (`username`, `accs`, `genid`, `gen-name`, `date`, `status`) VALUES ('$username', '$goodalt', '$genid', '$genname', '$date', '1')") or die(mysqli_error($con));
BUT you should also be using prepared statements and bind variables...
The issue that you're facing is because of the unnecessary usage of backticks or single quotation marks. You can follow the following article to make the changes and the issue should be sorted out.
Article here
Change these from:
mysqli_query($con, "INSERT INTO `user_accounts` (`username`, `accs`, `genid`, `gen-name`, `date`, `status`) VALUES ('$username', '$goodalt', '$genid', '$genname', '$date', '1'") or die(mysqli_error($con));
to
mysqli_query($con, "INSERT INTO user_accounts (username, accs, genid, gen-name, date, status) VALUES ('$username', '$goodalt', '$genid', '$genname', '$date', '1'") or die(mysqli_error($con));
Hope that helps!
$logquery="INSERT INTO new_data_entry_log (directory,ip,description,state,status,instituteid,email,category,bandwidth,project,institutehead,contactnumber,landlinenumber,latitude,longitude,clientip,added by,added on,added at) VALUES ('$directory','$ipaddress','$description','$state','$status','$instituteid','$contactemail','$bandwidth','$institutehead','$contactNumber','$contactlandlinenumber','$latitude','$longitude','$clientip','$name','$currentdate','$currenttime')";
I can see there is a mismatch of columns count and related values count. Probably it might be the issue.
Did you try with removing the single quates of the variables?
I have formated your query.
Formated Query
$logquery="INSERT INTO `new_data_entry_log`(
`directory`,
`ip`,
`description`,
`state`,
`status`,
`instituteid`,
`email`,
`category`,
`bandwidth`,
`project`,
`institutehead`,
`contactnumber`,
`landlinenumber`,
`latitude`,
`longitude`,
`clientip`,
`added by`,
`added on`,
`added at`
) VALUES(
'$directory',
'$ipaddress',
'$description',
'$state',
'$status',
'$instituteid',
'$contactemail',
'$bandwidth',
'$institutehead',
'$contactNumber',
'$contactlandlinenumber',
'$latitude',
'$longitude',
'$clientip',
'$name',
'$currentdate',
'$currenttime'
)";
In your code
new_data_entry_log(19 property)
But
VALUES(17 values)
This is the main reason. Another reason can be data type issue.
Because you set all values as String/Varchar
Note: best practice(underscore) for database fields
`added by` --> 'added_by'
`added on` --> 'added_on'
`added at` --> 'added_at'
My connection to database works properly, but when I Send some information it does not update.
$name = mysql_escape_string($_POST['name']);
$mail = mysql_escape_string($_POST['mail1']);
$pass = mysql_escape_string($_POST['pass1']);
mysql_query("INSERT INTO `usrs` (`id`, `username`, `email`, `password`) VALUES (`NULL`, `$name`, `$mail`, `$pass`)");
I use to check data tables by:
MariaDB [BattleShip]> SELECT * FROM usrs;
output from this:
EMPTY set (0.00sec)
If your id is auto increment, don't include this column in query
...and replace value quote by '
mysql_query("INSERT INTO `usrs` (`username`, `email`, `password`) VALUES ('$name', '$mail', '$pass')");
i have a db query in php that is not inserting into database. Have used this format lots of times but for some reason its not working now. any ideas please
$query = "INSERT INTO `databasename`.`member_users` (`id`, `first_name`, `last_name`, `username`, `password`, `address1`, `address2`, `postcode`, `access`, `expires`) VALUES (NULL, '$fname', '$lname', '$email', '', '$add1', '$add2', '$postcode', '0', '')";
$result = mysql_query($query);
if($result){
echo"query inserted";
}else{
echo "nope";
}
Instead of echo "nope"; I suggest something like :
echo 'error while inserting : ['.mysql_errno().'] '.mysql_error();
echo 'query : '.$query;
This way you will be able to see the exact error and the query that was executed.
It can be a lot of things :
Constraint error with a foreign key
Data type error
Non-existent field
Wrong database or table name
Instead of...
$query = "INSERT INTO `databasename`.`member_users` ..."
do
$query = "INSERT INTO member_users ..."
Hope it works. :)
If databasename and member_users are variables then,
Instead of
$query = "INSERT INTO databasename.member_users...
do
$query = "INSERT INTO $databasename.$member_users...