Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question appears to be off-topic because it lacks sufficient information to diagnose the problem. Describe your problem in more detail or include a minimal example in the question itself.
Closed 8 years ago.
Improve this question
i'm new here and i need some help plz if you could give me a solution to my problem it will be great.So i need some help to resolve this probleme, here HTML
<html><body>
<form method="post" action="test.php">
Flights on: <br/>
<input type="checkbox" name="Days[]" value="Daily">Daily<br>
<input type="checkbox" name="Days[]" value="Sunday">Sunday<br>
<input type="checkbox" name="Days[]" value="Monday">Monday<br>
<input type="checkbox" name="Days[]" value="Tuesday">Tuesday <br>
<input type="checkbox" name="Days[]" value="Wednesday">Wednesday<br>
<input type="checkbox" name="Days[]" value="Thursday">Thursday <br>
<input type="checkbox" name="Days[]" value="Friday">Friday<br>
<input type="checkbox" name="Days[]" value="Saturday">Saturday <br>
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
AND the PHP one :
`
// Make a MySQL Connection
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("test") or die(mysql_error());
$checkBox = implode(',', $_POST['Days']);
if(isset($_POST['submit']))
{
$query="INSERT INTO test (c1,c2,c3,c4,c5,c6,c7) VALUES (" . $_POST['Days'][0] . ",
" . $_POST['Days'][1] . ",
" . $_POST['Days'][2] . ",
" . $_POST['Days'][3] . ",
" . $_POST['Days'][4] . ",
" . $_POST['Days'][5] . ",
" . $_POST['Days'][6] . ",
" .$_POST['Days'][7] . ")";
mysql_query($query) or die (mysql_error() );
echo "Complete";
}
?>`
it's says to me undifined offsets and :You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ',,,,)' at line 1
plzzzzz HELP!!!!
i need to insert the values of the checkbox checked into my sql db.
simply use implode()
echo "INSERT INTO test (c1,c2,c3,c4,c5,c6,c7) VALUES ('".implode("','", $_POST[Days])."')";
output:
INSERT INTO test (c1,c2,c3,c4,c5,c6,c7) VALUES ('Daily','Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday')
If the checkbox is not checked it will not be posted. You can add custom keys for your checkboxes like this Days[Daily] and then check if the value is set using php:
$daly = empty($_POST['Days']['Daily']) ? 0 : $_POST['Days']['Daily'];
You should do the same thing with all checkboxes.
Reason:
The unselected checkbox will not be posted.
For instance, if you didn't select checkbox7 then $_POST['Days'][7] will be empty , your query will end with ',,)'. Like this:
INSERT INTO test (c0,c1,c2,c3,c4,c5,c6,c7) VALUES (0,1,2,3,4,5,6,,)
And also, your columns should math your fileds.
Change your query logic to something like this will work:
$query="INSERT INTO test (c0,c1,c2,c3,c4,c5,c6,c7) VALUES ('" . $_POST['Days'][0] . "',
'" . $_POST['Days'][1] . "',
'" . $_POST['Days'][2] . "',
'" . $_POST['Days'][3] . "',
'" . $_POST['Days'][4] . "',
'" . $_POST['Days'][5] . "',
'" . $_POST['Days'][6] . "',
'" .$_POST['Days'][7] . "')";
It will produce
INSERT INTO test (c0,c1,c2,c3,c4,c5,c6,c7) VALUES ('0','1','2','3','4','5','6','')
Check this out to learn how to connect to mysql. http://www.w3schools.com/php/func_mysql_connect.asp
I would recommend that before jumping straight into PHP, you should learn the basics and then start to build out your own PHP project.
Also, always look at the error given, it says that the error is on line one of your PHP code, so you should check that out to find out the problem.
Here are some of the best places to learn code...
http://www.codecademy.com/ and http://www.phptherightway.com/
The first one is interactive and is probably the most useful to get you started. Then check out PHP the right way as this will show you how to make PHP project the right and most up to date way.
Good luck on your future PHP projects. :)
Error is here: $checkBox = implode(',', $_POST['Days']);
the ',' part - you should use "','" instead of ',' because sql needs each values within single quote marks.
and here: VALUES (" . $_POST['Days'][0] . ", .... , " .$_POST['Days'][7] . ")";
you are missing starting single quote mark for first value and ending single quote mark for final value. so add extra single quote mark after open the bracket and before ending the bracket:
VALUES ('" . $_POST['Days'][0] . ", .... , " .$_POST['Days'][7] . "')";
*And use mysqli_ with prepared statements and don't use mysql_ when dealing with database since it will be deprecated soon. and for a better security.
Hey i think you need to change your php. You need to store it in the variables. Please check this code and tell me it is working or not.And you need to add one more - c8
// Make a MySQL Connection
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("test") or die(mysql_error());
$checkBox = implode(',', $_POST['Days']);
$days1=$_POST['Days'][0];
$days2=$_POST['Days'][1] ;
$days3=$_POST['Days'][2] ;
$days4=$_POST['Days'][3] ;
$days5=$_POST['Days'][4] ;
$days6=$_POST['Days'][5] ;
$days7=$_POST['Days'][6] ;
$days8=$_POST['Days'][7] ;
if(isset($_POST['submit']))
{
$query="INSERT INTO test (c1,c2,c3,c4,c5,c6,c7,c8) VALUES ('$days1',
'$days1','$days2','$days3','$days4','$days5','$days6','$days7','$days8');
mysql_query($query) or die (mysql_error() );
echo "Complete";
}
?>
Related
So I'm attempting to gather data from a form in HTMl using the POST method and insert said data into a MySQL database using MySQLi functions. When in standalone PHP (without the database connection), I'm able to POST and echo data successfully to the second document.
However, once I open the connection to the database and attempt to use an insert statement, the data stops POSTing all together. I've tested the insert statement using strings, it works just fine.
Here's my form:
<form action="welcome" method="post">
First Name*<br>
<input type="text" name="userFN" required><br><br>
Last Name*<br>
<input type="text" name="userLN" required><br><br>
Email*<br>
<input type="email" name="userEmailAddress" required><br><br>
Password*<br>
<input type="password" name="userPassword" required><br><br>
Tell Us About Yourself<br>
<textarea rows="4" cols="50" name="userDescription">
</textarea>
<br>
<input type="submit">
</form>
Here's my PHP (welcome, as used in the action above).
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//post form info into variables
$userFN = mysqli_real_escape_string($conn, $_POST['userFN']);
$userLN = mysqli_real_escape_string($conn, $_POST['userLN']);
$userEmailAddress = mysqli_real_escape_string($conn, $_POST['userEmailAddress']);
$userPassword = mysqli_real_escape_string($conn, $_POST['userPassword']);
$userDescription = mysqli_real_escape_string($conn, $_POST['userDescription']);
$sql = "INSERT INTO users (userFN, userLN, userEmailAddress, userPassword, userDescription) VALUES" . " ('" . $userFN . "','" . $userLN . "','" . $userEmailAddress . "','" . $userPassword . "','" . $userDescription . "');";
echo $sql;
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
It always returns New record created successfully, and inserts a new record into the database, but all of the fields are blank. When I echo the insert statement, I get this:
INSERT INTO users (userFN, userLN, userEmailAddress, userPassword, userDescription) VALUES ('','','','','');
So it's clearly not getting my POST data anymore. I've tried using prepared statements and still no luck. What am I doing wrong here? I greatly appreciate any and all advice, thank you in advance.
The answer may surprise you.
So the issue is actually in the form "action". Because of the way my webhosting provider is configured, I actually needed to specify /index.php/ after the folder name in the action. It was actually confusing the server and for some reason translated to 'GET' instead of 'POST'. Hope this helps.
Thanks for all the support!
It's pretty much one of my first times working with MYSQL, and I can't seem to fix this one error I keep getting. I'm trying to store data to a table which has an auto_increment on its id (first column).
The error I keep getting is this:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'voorletters ='asd', tussenvoegsel ='', achternaam ='', roepnaam ='', adres ='', ' at line 1"
I just filled the textboxes with a little bit of rubish, there are no columns that require data either. Here is the code I use:
if(isset($_POST['save']))
{
$voorletters = $_POST['voorletters'];
$tussenvoegsel = $_POST['tussenvoegsel'];
$achternaam = $_POST['achternaam'];
$roepnaam = $_POST['roepnaam'];
$adres = $_POST['adres'];
$postcode = $_POST['postcode'];
$plaats = $_POST['plaats'];
$geslacht = $_POST['geslacht'];
$emailadres = $_POST['emailadres'];
$telefoonnummer = $_POST['telefoonnummer'];
$mobielenummer = $_POST['mobielenummer'];
$geboortedatum = $_POST['geboortedatum'];
$bsn = $_POST['bsn'];
mysql_query("INSERT INTO `naw` "
. "voorletters ='$voorletters', "
. "tussenvoegsel ='$tussenvoegsel', "
. "achternaam ='$achternaam', "
. "roepnaam ='$roepnaam', "
. "adres ='$adres', "
. "postcode ='$postcode', "
. "plaats ='$plaats', "
. "geslacht ='$geslacht', "
. "emailadres ='$emailadres', "
. "telefoonnummer ='$telefoonnummer', "
. "mobielenummer ='$mobielenummer', "
. "geboortedatum ='$geboortedatum', "
. "bsn ='$bsn' "
. "WHERE id = '$id'")
or die(mysql_error());
If this isn't enough information, please tell me. I've tried a lot of things, but I can't seem to figure it out.
You mix up insert and update syntax. Replace
INSERT INTO `naw` voorletters ='$voorletters'...
with
UPDATE `naw` set voorletters ='$voorletters'....
And you should really use Prepared Statements to avoid syntax errors and SQL injections due to user input.
You have a wrong syntax
The INSERT syntax is
INSERT INTO `YourTableName`(`Field1`, `Field2`, `Field3`, `Field4)
VALUES ('value-1','value-2','value-3','value-4')
The UPDATE syntax is
UPDATE `YourTableName`
SET `Field1`='value-1',`Field2`='value-2',`Field3`='value-3',`Field4`='value-4'
WHERE YourConditions
Just use following code. Make sure that you are inserting data for every field sequentially-
mysql_query("INSERT INTO `naw` VALUES(
'".$voorletters."',
'".$tussenvoegsel."',
'".$achternaam."',
'".$roepnaam."',
'".$adres."',
'".$postcode."',
'".$plaats."',
'".$geslacht."',
'".$emailadres."',
'".$telefoonnummer."',
'".$mobielenummer."',
'".$geboortedatum."',
'".$bsn."')")
or die(mysql_error());
You should remove the `` around naw, it's ok in phpmyadmin but quite messy almost every where else.
And you souldn't concatenate every line, do it in one "..." and use backspace to make it more readable.
So:
mysql_query("INSERT INTO naw
VALUES('$voorletters',
'$tussenvoegsel',
... ,
WHERE id = '$id'");//you can't do that, maybe you should use an UPDATE
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
Hi I cannot get the below query to work in order to insert the session data into the database, Could anyone please tell me what is wrong with it or what I can do to fix it? Thanks in advance.
<?php
session_start();
if (isset($_POST['sub'])) {
$host='localhost';
$user='root';
$pass='';
$db='theatre_booking';
$con=mysqli_connect($host,$user,$pass,$db);
$row = $_POST['row'];
$_SESSION["row"]=$row;
$zone = $_POST['zone'];
$_SESSION["zone"]=$zone;
$quantity = $_POST['numberOfTickets'];
$_SESSION["numberOfTickets"]=$quantity;
$sql="INSERT INTO booking(PerfDate, PerfTime, Name, Email, RowNumber)
VALUES
'{$_SESSION['date']}',
'{$_SESSION['time']}',
'{$_SESSION['name']}',
'{$_SESSION['email']}',
'{$_SESSION['row']}')";
if ($con->query($sql) === TRUE) {
echo "Booking successful";
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
}
?>
you are missing opening bracket '(' after values in insert statement.
$sql="INSERT INTO booking(PerfDate, PerfTime, Name, Email, RowNumber)
VALUES (
'{$_SESSION['date']}',
'{$_SESSION['time']}',
'{$_SESSION['name']}',
'{$_SESSION['email']}',
'{$_SESSION['row']}')";
if ($con->query($sql) === TRUE) {
echo "Booking successful";
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
Missing opening parenthesis after VALUES and I suggest you explicitly write the variables in the string.
Don't rely on php variable expansion, it's also much easier to read.
$sql='INSERT INTO booking(PerfDate, PerfTime, Name, Email, RowNumber)
VALUES
("' . $_SESSION["date"] . '",
"' . $_SESSION['time'] . '",
"' . $_SESSION['name'] . '",
"' . $_SESSION['email'] . '",
"' . $_SESSION['row'] . '"
)';
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
Im self learning mySQL and php few days and now Im stuck on this error and cant help myself. Can you look at code, Thanks!
this is error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 7
here is the page
switch($_GET['action']) {
case 'add':
switch($_GET['type']) {
case 'movie':
$query = 'INSERT INTO
movie
(movie_name, movie_year, movie_type)
VALUES
("' . $_POST['movie_name'] . '",
' . $_POST['movie_year'] . ',
' . $_POST['movie_type'] . ')';
break;
}
break;
}
if (isset($query)) {
$result = mysql_query($query, $db) or die(mysql_error($db));
}
I think problem may be in here
<td><select name='movie_type'>
<?php
$query = 'SELECT movietype_label FROM movietype ORDER BY movietype_id';
$result = mysql_query($query, $db) or die (mysql_error($db));
while ($row = mysql_fetch_assoc($result)) {
foreach ($row as $value) {
echo '<option value="' . $row['movietype_id'] . '">';
echo $row['movietype_label'] . '</option>';
}
}
?>
</select></td>
and here is print_r on
Array(
[movie_name] => asd
[movie_type] =>
[movie_year] => 2015
[submit] => ADD)
Shouldn't you be using a double quote " instead of single quote ' like below. You are mixing single and double quote.
$query = "INSERT INTO
movie
(movie_name, movie_year, movie_type)
VALUES
('" . $_POST['movie_name'] . "',
'" . $_POST['movie_year'] . "',
'" . $_POST['movie_type'] . "')";
Granted this is ugly, but would be surprised if it fails.
$query = "INSERT INTO
movie (movie_name, movie_year, movie_type)
VALUES
('"
. $_POST['movie_name'] . "','"
. $_POST['movie_year'] . "','"
. $_POST['movie_type'] . "')";
Also, you need to cleanse your data. Data acted upon directly from user without cleansing, or sent through proper separation of code, can, and someday will, contain sql injection.
Ugly code like the above starts to take on some beauty with mysqli and pdo, plus the parameters are safely separated, and all the moaning about injection goes away.
It is showing parsing error on line 17 I have thoroughly checked it but unable to find error.So how do I fix this error.it is insert_city_query.php
<?php
include('../../Connections/autodealers.php');
//error_reporting(0);
$cityname=$_POST['cityname'];
$cityorder=$_POST['cityorder'];
$status=$_POST['status'];
if($status="Enabled")
$status=1;
else
$status=0;
$query = "INSERT INTO ".$db_prefix."city (cityname,cityorder,status) values
(
'" . addslashes($cityname) . "' ,
'" . addslashes($cityorder) . "' ,
'" . addslashes($status) . " '
WHERE LCASE='strtolower($_REQUEST['cityname'])')";
echo $query;
$result=mysql_query($query);
if(!$result)
{
die ('ERROR: '.mysql_error());
header("Location: " .$base_url. "admin/city_insert.php" );//if query fails
}
else
{
header("Location: " .$base_url. "admin/cities.php" );//if query suceeds
}
mysql_close($autodealers);
?>
Change your query to,
$query = "INSERT INTO ".$db_prefix."city (cityname,cityorder,status) values
('" . addslashes($cityname) . "' ,
'" . addslashes($cityorder) . "' ,
'" . addslashes($status) . " '
WHERE LCASE='" . strtolower($_REQUEST['cityname']) . "')";
Note: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO, or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.
Warning: The query is vulnerable with SQL Injection if the value (s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it.
How to prevent SQL injection in PHP?
You do not use strtolower() as a function.
You should change this line:
WHERE LCASE='strtolower($_REQUEST['cityname'])')";
to
WHERE LCASE='".strtolower($_REQUEST['cityname'])."')";