<?php
>here is database connection code
$connection = mysqli_connect($server_name,$user_name,$password,$database_name);
>the post variable comes from another page
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$birth_date = $_POST['birth_date'];
if($connection){
$insert = "insert into describee(first_name,last_name,birth_date)
values ('$first_name','$last_name','$birth_date')";
$execute_insert = mysqli_query($connection,$insert) or die("insert query error");
>here i want to select the lase inserted row from database to show it in textarea tag
if( !empty($first_name) && !empty($last_name) && !empty($birth_date) ){
$last_id = mysqli_insert_id();
$select = "select * from describee where id = $last_id";
$execute_select = mysqli_query($connection,$select) or die("select query error");
>$last_id doesn't hold any data so it return error in the select query.
?>
You're missing your connection to MySQL which should be passed as a parameter to mysqli_insert_id()
$last_id = mysqli_insert_id($connection);
Related
Godd night. I have this code for php to add data to my database but i dont get succes.
<?php
require("config.inc.php");
if (!empty($_POST)) {
$user = $_POST['User'];
$mail = $_POST['Mail'];
$token = $_POST['Token'];
$pass = $_POST['Pass'];
$result = mysqli_query($con,"SELECT 1 FROM Proteos where
User='$user'");
$row = mysqli_fetch_array($result);
$data = $row[0];
if($data==0){
echo $data;
echo "Hey, un grato saludo mister ".$user."!\n";
$query = "INSERT INTO Proteos (User, Mail ) VALUES ($user,$mail ) ";
}
mysqli_close($con)
And this is my config.inc
<?php
define('DB_SERVER','mysql.smartfreehosting.net');
define('DB_NAME','u178665800_prote');
define('DB_USER','u178665800_carin');
define('DB_PASS','xxxxxx');
$con = mysql_connect(DB_SERVER,DB_USER,DB_PASS);
mysql_select_db(DB_NAME,$con);
?>
Put your value in single quote And than execute query
$query = "INSERT INTO Proteos (User, Mail ) VALUES ($user,$mail ) ";
to
$query = "INSERT INTO Proteos (User, Mail ) VALUES ('$user','$mail') ";
And after that pass $query to mysqli_query like
mysqli_query($con,$query);
String values have to be passed in quotes. Also execute the query .
To debug use mysqli_error
$query = "INSERT INTO Proteos (User, Mail ) VALUES ('{$user}','{$mail}' ) ";
mysqli_query($con,$query);
or
mysqli_query($conn, $query) or die(mysqli_error($conn));
to connect with mysqli (ref) change in config.inc
$con = mysqli_connect(DB_SERVER,DB_USER,DB_PASS, DB_NAME);
You are inserting VARCHAR (string) data into Database without single quotes.
Data without single quotes is considered as either table/field names or integers or keywords.
Your entered data being none of these is causing errors.
Corrected SQL:
$query = "INSERT INTO Proteos (User, Mail ) VALUES ('$user','$mail') ";
<?php
require("config.inc.php");
if (!empty($_POST)) {
$user = $_POST['User'];
$mail = $_POST['Mail'];
$token = $_POST['Token'];
$pass = $_POST['Pass'];
$result = mysqli_query($con,"SELECT 1 FROM Proteos where
User='$user'");
$row = mysqli_fetch_array($result);
$data = $row[0];
if($data==0){
echo $data;
echo "Hey, un grato saludo mister ".$user."!\n";
mysqli_query($con,"INSERT INTO Proteos (User, Mail ) VALUES ('$user','$mail' ) ") or die(mysqli_error());
}
mysqli_close($con);
check above code, values are insert using 'var' like '$user','$mail'
any error shows in the query helps to find the code or die(mysqli_error())
I am using $_SESSION['']; to get values from a user after they have logged in. This data is coming from the users table.
I am then trying to SELECT * FROM roster table by doing a query and assigning a var for each value when the users API=$API
error_reporting(E_ALL);
include ('database_connection.php');
$DOCSIGNEDBYIP = $_SERVER['REMOTE_ADDR'];
$API = $_SESSION['API'];
$FirstName = $_SESSION['firstname'];
$LastName = $_SESSION['lastname'];
$Email = $_SESSION['email'];
$ExecutionDate = date();
$query = "SELECT * FROM roster WHERE API='$API'";
$result = mysqli_query($dbc, $query);
$address = $result['address'];
database_connection.php
$dbc = #mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASSWORD,
DATABASE_NAME);
I am not getting anything. No errors.
You have to use mysqli_fetch_array() or mysqli_fetch_assoc() or similar function to return values from your mysqli_query() query. See below:
$query = "SELECT * FROM roster WHERE API='$API'";
$result = mysqli_fetch_array(mysqli_query($dbc, $query));
$address = $result['address'];
This is the code for database connection in php:
<?php
$connection = mysql_connect("localhost", "root", "root"); // Establishing Connection with Server
$db = mysql_select_db("fimos", $connection); // Selecting Database from Server
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
$gender = $_POST["gender"]; //declare gender
$race = $_POST["race"];
$ic = $_POST["icno"];
$name = $_POST["name"];
$old_ic = $_POST["oldic"];
$add1 = $_POST["add1"];
$add2 = $_POST["add2"];
$add3 = $_POST["add3"];
$postcode = $_POST["postco"];
$town = $_POST["tow"];
$state = $_POST["state"];
$home_con = $_POST["homep"];
$fax_contact = $_POST["fax"];
$hp_con1 = $_POST["mobi1"];
$hp_con2 = $_POST["mobi2"];
$email = $_POST["email"];
if($ic !=''||$email !=''){
//Insert Query of SQL
$query = mysql_query("INSERT INTO customer_info(cust_gender, cust_race, cust_ic,
cust_name, cust_old_ic, cust_add1, cust_add2, cust_add3, cust_postcode,
cust_town, cust_state, cust_home_con, cust_fax_contact, cust_hp_contact1,
cust_hp_contact2, cust_email)
VALUES ('$gender', '$race', '$ic' , '$name', '$old_ic', '$add1', '$add2',
'$add3', '$postcode', '$town', '$state', '$home_con', '$fax_contact',
'$hp_con1', '$hp_con2', '$email')");
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}
}
mysql_close($connection); // Closing Connection with Server
Hi guys, I want to ask about the database connection, is it my code wrong somewhere?
Because I cant found any error in the code.
I click button register should come over this page to store the data.
when I come to this page display all blank.
I try to change the database name also no response.
I hope you guys can help me.
Thanks.
It should be:
$connection = mysql_connect("localhost", "root", ""); //empty the third parameter. If you have password then insert that in your third parameter
Paste this code inside your if condition so that it will return error from your sql query.
if (!$query) {
die('Invalid query: ' . mysql_error());
}
Try to use the PDO extension instead of mysql & mysqli function. The mysql_* functions are no longer maintained and community has begun the deprecation process. Instead you should learn about prepared statements and use either PDO or MySQLi there are lots of benefits of using PDO over mysqli.
Add the above code
if($ic !=''||$email !=''){
$query = mysql_query("your query");
if (!$query) {
die('Invalid query: ' . mysql_error());
} else {
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
}
I am working on one php script and would like to insert data to three different tables. How can I do that on php action script.
error_reporting(0);
$datee=$_POST['date'];
$company=$_POST['company'];
$PAddress = $_POST['PAddress'];
$recruiter=$_POST['recruiter'];
$email = $_POST['email'];
$telephone = $_POST['telephone'];
$company=$_POST['company'];
$agents=$_POST['agents'];
$resumes = $_POST['resumes'];
$structure=$_POST['structure'];
$sql = "INSERT INTO job_spec_contact (contact_info_key, datee,company_name,Physical_Address, recruitment_person,email,Telephone)
VALUES('null','$datee','$company','$PAddress','$recruiter','$email','$telephone')";
"INSERT INTO job_company_infor (info_key, company_specialization,no_of_agents,no_of_resumes, org_structure)
VALUES('null','$company','$agents','$resumes','$structure')";
The problem is, it is only saving date on one table.
please assist me as I am new to php.
Thanks in advance.
$link = mysqli_connect("host", "username", "password", "database");
$sql = "INSERT INTO job_spec_contact (contact_info_key, datee,company_name,Physical_Address, recruitment_person,email,Telephone)
VALUES('null','$datee','$company','$PAddress','$recruiter','$email','$telephone') ;";
$sql . = "INSERT INTO job_company_infor (info_key, company_specialization,no_of_agents,no_of_resumes, org_structure)
VALUES('null','$company','$agents','$resumes','$structure')";
mysqli_multi_query($link, $sql);
Sorry for late reply.
If you are using mysql: (Not recommended due to unsecure)
$conn = mysql_connect('localhost','username','password', true, 65536) or die("cannot connect");
mysql_select_db('YourDBName') or die("cannot use database");
if(isset($_POST['Submit'])){
$datee = $_POST['date'];
$company = $_POST['company'];
$PAddress = $_POST['PAddress'];
$recruiter = $_POST['recruiter'];
$email = $_POST['email'];
$telephone = $_POST['telephone'];
$company = $_POST['company'];
$agents = $_POST['agents'];
$resumes = $_POST['resumes'];
$structure = $_POST['structure'];
}
$result = mysql_query("
INSERT INTO job_spec_contact (contact_info_key, datee, company_name, Physical_Address, recruitment_person,email,Telephone)
VALUES('null','$datee','$company','$PAddress','$recruiter','$email','$telephone');
INSERT INTO job_company_infor (info_key, company_specialization,no_of_agents,no_of_resumes, org_structure)
VALUES('null','$company','$agents','$resumes','$structure');
");
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
while ($row = mysql_fetch_assoc($result)) {
echo $row['datee'];
echo $row['company_name'];
......
}
mysql_free_result($result);
?>
If you are using mysqli: (Recommended),
$conn = mysqli_connect('localhost','username','password') or die("cannot connect");
mysqli_select_db($conn, 'YourDBName') or die("cannot use database");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
if(isset($_POST['Submit'])){
$datee = $_POST['date'];
$company = $_POST['company'];
$PAddress = $_POST['PAddress'];
$recruiter = $_POST['recruiter'];
$email = $_POST['email'];
$telephone = $_POST['telephone'];
$company = $_POST['company'];
$agents = $_POST['agents'];
$resumes = $_POST['resumes'];
$structure = $_POST['structure'];
}
$query = "INSERT INTO job_spec_contact (contact_info_key, datee, company_name, Physical_Address, recruitment_person, email, Telephone)
VALUES('null','$datee','$company','$PAddress','$recruiter','$email','$telephone')";
$query .= "INSERT INTO job_company_infor (info_key, company_specialization, no_of_agents, no_of_resumes, org_structure)
VALUES('null','$company','$agents','$resumes','$structure')";
if ($mysqli->multi_query($query)) {
do {
if ($result = $mysqli->store_result()) {
while ($row = $result->fetch_row()) {
printf("%s\n", $row[0]);//test here your values.
//$datee = $row['datee'];
}
$result->free();
}
} while ($mysqli->next_result());
}
/* close connection */
$mysqli->close();
Hope this helps.
Note:
Check always POST is present or not by isset. (assume, input name Submit)
Use MySQLi/PDO instead of MySQL to avoid SQL injection.
Debug code by using echo, print_r, var_dump, etc.,
Try to use field names are in same pattern. For ex, Instead of Physical_Address, use physical_address like other fields. Telephone to telephone. datee to job_contact_date, etc.,
Just execute your queries one by one. And DO NOT write error_reporting(0); or the errors won't show. Plus where is your DB ?
$sql1 = "INSERT INTO job_spec_contact (contact_info_key, datee,company_name,Physical_Address, recruitment_person,email,Telephone)
VALUES('null','$datee','$company','$PAddress','$recruiter','$email','$telephone')";
$sql2 = "INSERT INTO job_company_infor (info_key, company_specialization,no_of_agents,no_of_resumes, org_structure)
VALUES('null','$company','$agents','$resumes','$structure')";
mysqli_query($db,$sql1) or die('error '.$sql1.'<br>'.mysqli_error($db));
mysqli_query($db,$sql2) or die('error '.$sql2.'<br>'.mysqli_error($db));
The query runs in mysql, there is no catch when you submit but the data doesn't update. Is there any advice on why this doesn't work or even how to debug this?
<?php
if( $_SERVER['REQUEST_METHOD'] == "POST" )
{
// var_dump($_POST["first_name"]);
try
{
// this needs to be a lot more secure!
// read PDO manual
$id = $_GET['id'];
// $description = $_POST["description"];
$first_name = $_POST["first_name"];
$last_name = $_POST["last_name"];
$description = $_POST["description"];
$sql = $db->prepare("UPDATE `exhibitors` SET first_name = '$first_name' WHERE id = '52'");
$update = $db->query($sql);
}
catch ( Exception $e )
{
echo " Data could not be updated from the database.";
}
}
and the connection:
<?php
try
{
$db = new PDO("mysql:host=localhost;dbname=openstudios;port=8889","root","root");
$db->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
$db->exec("SET NAMES 'utf8'");
// var_dump($db);
}
catch ( Exception $e )
{
echo "Could not connect to the database.";
exit;
}
You are not using prepare() (or query()) correctly here. prepare() is used to create a "prepared statement" that gets ran with execute() and query() is used to run an SQL query string.
DO NOT concatenate your $_POST values into your query string, that's how you open yourself up to SQL injections. You are ignoring the whole point of using prepared statements.
This is for MySQLi:
$id = $_GET['id'];
// $description = $_POST["description"];
$first_name = $_POST["first_name"];
$last_name = $_POST["last_name"];
$description = $_POST["description"];
$sql = $db->prepare("UPDATE `exhibitors` SET first_name = ? WHERE id = ?");
$sql->bind_param('sd', $first_name, $id);
$sql->execute();
See the docs: http://php.net/manual/en/mysqli.prepare.php
If you are using PDO, the syntax is a bit different
$id = $_GET['id'];
// $description = $_POST["description"];
$first_name = $_POST["first_name"];
$last_name = $_POST["last_name"];
$description = $_POST["description"];
$sql = $db->prepare("UPDATE `exhibitors` SET first_name = :first_name WHERE id = :id");
$sql->execute(array(
'first_name' => $first_name,
'id' => $id
));
For prepared statements you should be using something like this
$sql = $db->prepare('UPDATE exhibitors SET first_name = :first_name WHERE id = :id');
$sql->execute(array('first_name' => $first_name,'id' => 52));
In case you want to use query statement only, (which one should not, receptive to SQL injections)
$db->query("UPDATE exhibitors SET first_name = '$first_name' WHERE id = 52");