Why insert query does not work? - php

my code returns success, but it does not insert the record to the table "bekuldottkerdesek". What is causing the problem?
Even select command fails, when I start to echo some records from the table.
This is how the table looks: imgur
<?php
$servername = "***";
$username = "***";
$password = "***";
$dbname = "***";
$conn = new mysqli($servername, $username, $password, $dbname);
date_default_timezone_set('Europe/Bucharest');
$current_date = date("Y-m-d H:i:s");
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$check="SELECT * FROM bekuldottkerdesek WHERE kerdes = '$_POST[kerdes]'";
$res = mysqli_query($conn,$check);
if($res->num_rows){
header("Location: /bekuld.php?hiba=1");
}
else
{
$var1 = isset($_POST['at']) ? 1 : 0;
$var2 = isset($_POST['bt']) ? 1 : 0;
$var3 = isset($_POST['ct']) ? 1 : 0;
$sql = "INSERT INTO bekuldottkerdesek (datum, kerdes, a, b, c, at, bt, ct)
VALUES ('$current_date', '$_POST[kerdes]', '$_POST[a]', '$_POST[b]', '$_POST[c]', $at, $bt, $ct)";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
header("Location: /bekuld.php?hiba=2");
}
$conn->close();
?>

change the insert statment to ,error passing data from $_POST
$sql = "INSERT INTO bekuldottkerdesek (datum, kerdes, a, b, c, at, bt, ct)
VALUES ('$current_date', '{$_POST['kerdes']}', '{$_POST['a']}', '{$_POST['b']}', '{$_POST['c']}', $at, $bt, $ct)";
and change this statment
$check="SELECT * FROM bekuldottkerdesek WHERE kerdes = '$_POST[kerdes]'";
to
$check="SELECT * FROM bekuldottkerdesek WHERE kerdes = '{$_POST['kerdes']}'";

Related

MYSQL create a line with every new user

I have a little problem
I want to create a script, that creates a new line in the table, if there is a new user and in the line, change the "points" columme to zero(0)
This is my current code:
<?php
header('Content-Type: text/html; charset=Windows-1250');
$firstName = $_POST['firstname'];
$servername = "db.mysql-01.gsp-europe.net";
$username = "xxxxxxxxxx";
$password = "xxxxxxxxxxx";
$dbname = "xxxxxxxxxxx";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// sql to create table
$sql = "UPDATE `member_profile` SET points = points + 1 WHERE user_id = '$firstName'";
if ($conn->query($sql) === TRUE) {
echo "Thingz created successfully";
} else {
echo "Error doing sum thingz: " . $conn->error;
}
$conn->close();
?>
What i need in the cube: When there new user_id ($firstName) appear, create new line with this user name, and change the "points" columme from "null" into Zero(0)
Thanks for yout time, I appreciate it
If I understand well you want to check if the user exists or not. If user is new create new line with the user with 0 points and if exist increse points with 1.
<?php
header('Content-Type: text/html; charset=Windows-1250');
if(isset($_POST['firstname'])){
$firstName = $_POST['firstname'];
$servername = "db.mysql-01.gsp-europe.net";
$username = "xxxxxxxxxx";
$password = "xxxxxxxxxxx";
$dbname = "xxxxxxxxxxx";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// check if the user exist
$check = "SELECT * FROM `member_profile` WHERE user_id = '$firstName'";
$result = mysqli_query($conn,$check) or die(mysqli_error($conn));
$rows = mysqli_num_rows($result);
//if exist increse points with 1
if($rows>=1){
$sql = "UPDATE `member_profile` SET points = points + 1 WHERE user_id = '$firstName'";
if ($conn->query($sql) === TRUE) {
echo "Thingz created successfully";
} else {
echo "Error doing sum thingz: " . $conn->error;
}
}
//if don't exist create user with points 0
if($rows==0)
{
$query = "INSERT into `member_profile` (user_id, points) VALUES ( '$firstName' ,'0')";
$result = mysqli_query($conn,$query)or die(mysqli_error($conn));
$conn->close();
}
}
?>
Remember, I gave you an idea, the code is prone to sql inject

I am trying to run a query that takes value from one table and uses it as condition to fetch value or execute action on another table

I am trying to take the value of the topay column where torecieve equals to current session user id and use it to perform operation on the user table.
But it throws a syntax error
<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "bazze2";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$merge = "SELECT topay FROM merge WHERE torecieve=$_SESSION[id]";
$sql = "UPDATE user SET topay2='10000000' WHERE 'id'=$merge";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>
Use a prepared query, and use a join.
$sql = "UPDATE user AS u
JOIN merge AS m ON u.id = m.topay
SET u.topay2 = '10000000'
WHERE m.toreceive = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $_SESSION['id']);
if ($stmt->execute()) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $stmt->error;
}

How to put the output query from mySQL to php int variable

I want to do a query to get the last id (int) in a table to create a new row with that last id + 1 but actually this just put all rows with the same id
my code:
<?php
$servername = "localhost";
$user = "root";
$pass = "dbpass";
$dbname = "site";
$mail = $_POST['mail'];
$password = $_POST['password'];
// Create connection
$conn = mysqli_connect($servername, $user, $pass, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sqlID = "SELECT MAX(id) FROM `login`;";
if ($result = mysqli_query($conn, $sqlID)) {
$id = mysqli_fetch_row($result);
}
settype($id, "int");
$id = $id + 1;
$sql = "INSERT INTO login (`id`,`mail`,`password`)
VALUES ('".$id."','".$mail."','".$password."');";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
?>
mysqli_fetch_row returns always an array, also if there is only 1 element. So the MAX(id) in in $row[0].
Fixing this, you also don't need to use settype.
If your id is autoincrement, change this:
$sql = "INSERT INTO login (`id`,`mail`,`password`)
VALUES ('".$id."','".$mail."','".$password."');";
to:
$sql = "INSERT INTO login (`mail`,`password`)
VALUES ('".$mail."','".$password."');";
Then get rid of all code from $sqlID to $id + 1; (for tidyness)

multi_query() has an error

I need some help finding my error on the enclosed code. When I run either of the two queries using the if ($conn->query($sql) === TRUE) { method each works correctly. But when I try to combine them with the if ($conn->multi_query($sql) === TRUE) { method. No records are uploaded. What am I doing wrong here.
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "practice";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connection made...";
$payload_dump = $_POST['payload'];
echo $payload_dump;
$payload_array = json_decode($payload_dump,true);
if(is_array($payload_array)){
foreach($payload_array as $row){
//get the data_payload details
$device = $row['device'];
$type = $row['data_type'];
$zone = $row['zone'];
$sample = $row['sample'];
$count = $row['count'];
$time = $row['date_time'];
$epoch = $row['epoch_stamp'];
$sql = "INSERT INTO data(device, type, zone, sample, count, date_time, epoch_stamp) VALUES('$device', '$type', '$zone', '$sample', '$count', '$time', '$epoch');";
$sql . = "UPDATE data SET date_time = FROM_UNIXTIME(epoch_stamp);";
if ($conn->multi_query($sql) === TRUE) {
//if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
}
$conn->close();
?>
... and yes I realize this code is not secure but it's ok for my testing purposes.
Intrinsically the code below is the same until we get to the loop where we build up an array of queries to be executed and execute the multi_query() once at the end once we leave the loop. I have removed some of the comments and statements that echo out info at the start for brevity. I hope this looks ok and works....
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "practice";
$conn = new mysqli($servername, $username, $password, $dbname);
if( $conn->connect_error ) die("Connection failed: " . $conn->connect_error);
$payload_dump = $_POST['payload'];
$payload_array = json_decode($payload_dump,true);
if( is_array( $payload_array ) ){
$queries=array();
foreach( $payload_array as $row ){
//get the data_payload details
$device = $row['device'];
$type = $row['data_type'];
$zone = $row['zone'];
$sample = $row['sample'];
$count = $row['count'];
$time = $row['date_time'];
$epoch = $row['epoch_stamp'];
/*note: we do not need to add the semi-colon here as it gets added later when we implode the array */
$queries[]="INSERT INTO `data` ( `device`, `type`, `zone`, `sample`, `count`, `date_time`, `epoch_stamp` ) VALUES ('$device', '$type', '$zone', '$sample', '$count', '$time', '$epoch')";
}
/*
Previously the below query was being execute on every iteration
~ because $epoch is now the last one encountered in the array,
the value that is updated in ALL records is as it would have been
previously.
*/
$queries[]="UPDATE `data` SET `date_time` = from_unixtime( $epoch );";
$sql=implode( ';', $queries );
if ( $conn->multi_query( $sql ) === TRUE ) {
echo "New records created and updated successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
$conn->close();
?>

mysql will not insert past fourth row

I'm not exactly sure what happened but this database and the php effecting it were working just fine until it hit the fourth row and now it won't insert new records at all.
if($_POST)
{
$servername = ******;
$username = ******;
$password = ******;
$db = ******;
$conn = mysqli_connect($servername, $username, $password, $db);
mysqli_select_db($conn,$db);
$uuid = $_POST['uuid'];
$sql = "INSERT INTO uuid VALUES ('$uuid');";
mysqli_query($conn,$sql);
mysqli_close($conn);
}
I'm not sure what happened but this is the relevant code for the mysqli query.
try this
<?php
if(isset($_POST['uuid']))
{
$servername = yourServerName;
$username = username;
$password = password;
$dbname = databaseName;
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$uuid = $_POST['uuid'];
$sql = "INSERT INTO tableName (columnName) VALUES ('$uuid')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
}
?>
Also, I recommend using prepared statements.

Categories