Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Improve this question
I have tried rewrite the code, i have looked on previously succesful codings i have made and i really cant find the problem.. i am going crazy.
I am trying to post some data from a form to a database.
The database i setup correctly as far as i can tell, but something is making the script fail every time.
IMAGE OF DATABASE: http://imgur.com/F93A9ot
(sry for the language being in danish.)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<?php
// defining database information
define("HOSTNAME", "localhost");
define("MYSQLUSER", "admin");
define("MYSQLPASS", "admin");
define("MYSQLDB", "lynx");
// establishing database connection
if(isset($_POST['submit'])){
$connection = new mysqli(HOSTNAME, MYSQLUSER, MYSQLPASS, MYSQLDB);
$name = mysqli_real_escape_string($connection, $_POST['name']);
$price = mysqli_real_escape_string($connection, $_POST['price']);
$desc = mysqli_real_escape_string($connection, $_POST['desc']);
$insert = "INSERT into products (id, name, price, desc) VALUES (NULL, '$name', '$price', '$desc')";
if($connection->query($insert)) {
echo "Succes";
} else {
echo "Something went wrong";
}
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="text" name="name">
<input type="text" name="price">
<input type="text" name="desc">
<input type="submit" name="submit">
</form>
</body>
</html>
Can you see what i am doing wrong?
products (id, name, price, desc)
Tried reading the manual as well? desc is a reserved word.
If you didnt have this useless piece of code
else {
echo "Something went wrong";
}
and had
else {
echo $connection-error;
}
You would find that out yourself
desc is reverse keyword of mysql you can use it using backtick
$insert = "INSERT into products (`id`, `name`, `price`, `desc`) VALUES (NULL, '$name', '$price', '$desc')";
This is with your field 'desc' . this is not allowed by MYSQL because it is reserved. So please rename it. It will solve your issue.
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 6 years ago.
Improve this question
Im getting query error, im using the like LIKE sql function to search for the name submitted by the user.
But msqli_query is giving an error if i remove the LIKE function it works but doesn't works with the LIKE function
<!DOCTYPE html>
<html>
<head>
<title>Search Users</title>
</head>
<body>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"method="GET">
Name: <input type="text" name="name"></input>
<input type="submit" name="searchusers" value="Submit"></input> </br>
</body>
</html>
<?php require('connect.php');
$name = #$_GET['name'];
if ($_SERVER["REQUEST_METHOD"] == "GET")
{
$select123 ="SELECT username FROM users WHERE username LIKE ='%".$name."%'";
$check = mysqli_query($conn, $select123) or die("query error");
mysqli_num_rows($check) or die("Couldnt not find the Specified username");
}
?>
Please help
Remove = near keyword like :
$select123 ="SELECT username FROM users WHERE username LIKE '%".$name."%'";
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
I'm trying to insert a bunch of data into a database, but I am having this error:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '0' at line 1
Here are my two files:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert new Page</title>
</head>
<body>
<form action="insert_page.php" method="get">
New Page Name:<br>
<input type="text" name="pagename">
<input type="submit" value="Insert" >
</form>
</body>
</html>
This is insert_page.html, it's simply a text box and a button where the user can choose the new name for a new page to be entered in the database.
Now, here's the PHP being called when the button is pressed
<?php
$servername = "db.ist.utl.pt";
$username = "ist178349";
$password = "getrekt";
$dbname = "ist178349";
$pagename = $_POST['pagename'];
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO pagina (userid, pagecounter, nome, idseq, ativa)
VALUES (78349, 95002, " + $pagename + ",1151988, true)";
// use exec() because no results are returned
$conn->exec($sql);
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
?>
However, I am getting that error, which I can't really understand. Any suggestions? Thanks in advance.
You should fix your query that contains + use . or leave it out and use single quote, that's acceptable in PHP sql query string.
$sql = "INSERT INTO pagina (userid, pagecounter, nome, idseq, ativa)
VALUES (78349, 95002, '$pagename', 1151988, true)";
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
I have been struggling for about a week now and still have not got any results. I have read the following questions:
Unable to insert form data in MySQL database
Connection to database seems successful but INSERT INTO sends no data
PHP MySQL not inserting into database
https://askubuntu.com/questions/435746/unable-to-send-data-to-mysql-database-it-is-not-taking-by-my-php-code
I tried everything suggested in the above questions' answers. After reviewing my code, if you still think that the above questions' solution relates then please do tell.
My code -
connect.php -
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "practice_user";
// Create connection
$con = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($con->connect_error) {
echo "Connection failed: " . $con->connect_error;
}
else {
echo "Success";
}
//Insert data into database
$sql = "INSERT INTO simple_login (name,email) VALUES('{$mysqli->real_escape_string($_POST['name'])}','{$mysqli->real_escape_string($_POST['email'])}')";
$insert = $mysqli->query($sql);
if(!$insert)
{
echo $mysqli->error;
}
$mysqli->close();
register.html -
<html>
<head>
<title>TODO supply a title</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<form action="connect.php" method="post">
Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit" value="Submit" name="submit">
</form>
</body>
</html>
As usual I am getting a "Successful" message for connection. Also it is not outputting any error message(if I have not appropriately tried to output insertion error in the given code, please do tell in the comments).
Thank you in anticipation.
I'll post this here, we all make mistakes so don't worry! As suggested your $mysqli function is undefined, you've stored your mysqli instance as the $con variable, so you should refer any mysqli functions on that.
Examine http://php.net/manual/en/mysqli.query.php for more information!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
Any rewrite....debugs? nothing is happening
This is the php code for the import but still i when i upload the CSV...it doesnt at all...what could be the error!....any expertise?
<form enctype="multipart/form-data" action="" method="POST"> CSV:
<input name="file" type="file" /> <input type="submit" value="Upload
File" /></p> </form>
<?php
$connection = mysql_connect("51.63.225.22","mape","Leftie1982#")
or die ("Couldn't connect to server");
$db = mysql_select_db("mapsyracuse", $connection)
or die ("Couldn't select database");
if(isset($_POST['submit']))
{
$file = $_FILES['file']['tmp_name'];
$handle = fopen($file,"r");
while(($fileop = fgetcsv($handle,1000,",")) !== false)
{
$ID = $fileop[0];
$Teritory = $fileop[1];
$First_Name = $fileop[2];
$Last_Name = $fileop[3];
$Type = $fileop[4];
$Activity_Description = $fileop[5];
$Start_Date = $fileop[6];
$End_Date = $fileop[7];
$Duration = $fileop[8];
$Status = $fileop[9];
$sql = mysql_query("INSERT INTO account_manager(
ID,
Teritory,
First_Name,
Last_Name,
Type,
Activity_Description,
Start_Date,
End_Date,
Duration,
Status
)
VALUES(
'$ID',
'$Teritory',
'$First_Name',
'$Last_Name',
'$Type',
'$Activity_Description',
'$Start_Date',
'$End_Date',
'$Duration',
'$Status')");
}
if($sql)
{
echo 'CSV file successfully imported.';
}
}
?>
which code do i add now???????
You've got a number of problems in your code, which you should fix before you proceed:
Possible SQL injection via the uploaded file - you are not escaping your user inputs. Do a search-engine search for "PHP mysql_real_escape_string" and read what the PHP manual has to say here
Using a deprecated database library. If you fix this, you can use parameterisation, which fixes the first problem too
No check made as to whether your database connection or query has succeeded
Unclear and inconsistent indentation
Closing paragraph tag (</p>) with no corresponding opening tag
Once you have fixed those issues, I suggest you then use echo and exit to debug this code - the problem could be any number of things.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I'm trying to create a self-submitting page that will create a form for a user to fill out. The information will be stored in a MySQL database. The form seems to be working, but I can't insert the information from the form into a database for some reason. Here's what I have:
<!DOCTYPE html>
<html>
<head>
<title>MySQL Test</title>
</head>
<body>
<h1>MySQL Test</h1>
<?php
if($_SERVER["REQUEST_METHOD"] == "GET") {
?>
<form action="" method="post">
<input type="text" name="name" placeholder="Name" /><br />
<input type="submit" value="Send" />
</form>
<?php
} else if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = $_POST["name"];
$server = new PDO("mysql:dbname=test;host=localhost", "root", "root");
$server->execute("INSERT INTO test ('name') VALUES $name;");
}
?>
</body>
</html>
What should I change?
your insert should look as follows:
$name = $_POST["name"];
$server = new PDO("mysql:dbname=test;host=localhost", "root", "root");
$stmt = $server->prepare("INSERT INTO test (name) VALUES (:name)");
$stmt->bindParam(':name', $name);
$stmt->execute();
Please do your insert like this:
$name = "john";
$query = "INSERT INTO test(col) VALUES(:name);";
$statement = $server->prepare($query);
$statement->execute(array(":name" => $name));
This is called using prepared statements, it's very easy and will avoid sql-injection. You can execute multiple variables on multiple cols on your query by separating with commas after each ":col" => $colVal, but that's not needed here, just a tip.
You can do it for updates aswell.
Remember to check if your being-inserted value is empty or not.