<?
include("../../panel/inc/config.php");
$ip = $_SERVER['REMOTE_ADDR'];
// Insert the log
$insert = "INSERT INTO logs (log, ip, date) VALUES ('{$log}', '{$ip}', '{$date}')";
mysql_query($insert) or die("MySQL Error - Could not insert reviews");
$date = date("d/m/y - h:ia");
$insertLog = "INSERT INTO `logs` ( `log` , `ip`, `date` ) VALUES ('viewed test page', '$date')";
mysql_query($insertLog) or die('MySQL Error - Could not insert a log.');
?>
basically when someone views this page, I want it to insert into the database, but it's not inserting. I get the Error for inserting log.
Any ideas?
My database is
$insertLog = "INSERT INTO `logs` ( `log` , `ip`, `date` ) VALUES ('viewed test page', '$date')";
missing one column value here. You have three columns but two values in above query. It seems that you have missed ip value in above query.
you should try like this:
$ip = $_SERVER['REMOTE_ADDR'];
if(isset($ip)){
// Insert the log
$insert = "INSERT INTO logs (log, ip, date) VALUES ('{$log}', '{$ip}', '{$date}')";
mysql_query($insert) or die('MySQL Error - ' . mysql_error() );
$date = date("d/m/y - h:ia");
$insertLog = "INSERT INTO `logs` ( `log` , `ip`, `date` ) VALUES ('viewed test page','$ip' '$date')";
mysql_query($insertLog) or die('MySQL Error - ' . mysql_error() );
}
notice: all mysql_* functions are deprecated. You should move to PDO or mysqli.
Related
$query = "Insert into $sql_table (date, Firstname, Lastname, StudentID, Score) values ('$date', '$Firstname', '$Lastname' , '$StudentID' , '$mark')";
// execute the query
$result = mysqli_query($conn, $query);
if(!$result)
{
echo "<p>Error with " , $query , "</p>";
}
else
{
echo "<p>Table updated Successfully</p>";
}
Error with Insert into attempts (date, Firstname, Lastname, StudentID, Score) values ('2018-10-21 10:30:21pm', 'jhjsdhfhje', 'bnsdb' , '1023456789' , '6')
Probably going to be that first parameter, but would depend on your table structure.
If date is a date column then MySQL will be expecting a "Y-m-d" formatted string, if it's a datetime then it will be expecting a "Y-m-d H:i:s".
My suggestion would be to drop the "pm" and see if that works.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 5 years ago.
I'm not sure why it's not inserting any data.
No errors are returned.
I'm new in the mysql scene so i might be doing something wrong..
Do you guys mind pointing me towards the right direction?
$link = mysqli_connect("localhost", "root", "", "testdatabase");
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
else if ($command == 'create-key'){
$keys = $_GET['nkey'];
if (empty($_GET['nkey'])){
print('Error: No key specified to create!');
die();
}
print ('Key '. $_GET['nkey'] .' has been created.');
$sql = ("INSERT INTO `keys` (`key`, `status`) VALUES ('. $keys .', 0)");
}
SQL Code:
CREATE TABLE `keys` (
`key` varchar(15) NOT NULL,
`status` int(1) NOT NULL DEFAULT '0'
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
There is no need of ()
Change Query From
$sql = ("INSERT INTO `keys` (`key`, `status`) VALUES ('. $keys .', 0)");
To
$sql = "INSERT INTO `keys` (`key`, `status`) VALUES ('$keys', 0)";
And then Execute this Query
You'll probably need this on top of your script to see PHP errors:
<?php
ini_set('display_errors', 'on');
error_reporting ( E_ALL );
To help you with your error, have a look at your query.
$sql = ("INSERT INTO `keys` (`key`, `status`) VALUES ('. $keys .', 0)");
While this is should insert . $keys . in your table, please try:
$sql = ("INSERT INTO `keys` (`key`, `status`) VALUES ('". $keys ."', 0)");
My sql query is :
"INSERT INTO
order customer_id = $customer_id
, firstname = '".$firstname."'
, lastname = '".$lastname."'
, email = '".$email."'
, telephone = '".$telephone."'
, fax = '".$fax."'
, ip = '".$ip."'
, date_added = NOW()
, date_modified = NOW()
";
I get the error
Notice: Error: You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right syntax to
use near 'order customer_id =1,firstname ='kuldeep',lastname
='pathak',email ='kuldeep.pat' at line 1 Error No: 1064
You didnt understand how to write SQLs as it seems.
$sql = 'INSERT INTO `order` (customer_id, firstname, blablabla) VALUES ('.$custormer_id.','.$firstname.','.$blablabla.')';
Please look at some basic tutorials about SQL.
"INSERT INTO
`order` SET customer_id = " . $customer_id . "
, firstname = '".$firstname."'
, lastname = '".$lastname."'
, email = '".$email."'
, telephone = '".$telephone."'
, fax = '".$fax."'
, ip = '".$ip."'
, date_added = NOW()
, date_modified = NOW()
";
Should be alright. DonĀ“t forget to escape your data though.
Try
"INSERT INTO `Order` (customer_id, firstname, lastname, email, telephone, fax, ip, date_added, date_modified)
VALUES ($customer_id, '$firstname', '$lastname', '$email', '$telephone', '$fax', '$ip', NOW(), NOW())"
The right syntax is : INSERT INTO tablename (columns) VALUES (values);
If you're likely to have user submitted fields in the dataset or appostrophes or anything else that could cause problems for any reason you'd want something more like
$query = sprintf("INSERT INTO `table` (`Name`, `Email`, `AnotherField`) VALUES ('%s', '%s', '%s'",
mysql_real_escape_string( $_POST['Name'] ),
mysql_real_escape_string( $_POST['Email'] ),
mysql_real_escape_string( $_POST['AnotherField'] )
);
This will sanitise your inputs as well
Use prepared statement to avoiding sql injection.
$custormer_id = "2000";
$firstname = "first name";
$etc = "some other values";
$mysqli = new mysqli('localhost', 'user', 'password', 'database');
$stmt = $mysqli->prepare("INSERT INTO order(customer_id, firstname, etc) VALUES (?, ?, ?)");
$stmt->bind_param('iss', $custormer_id, $firstname, $etc);
// first parameter is corresponding variable type of inserting values,eg i=interger, s=string
$stmt->execute();
$stmt->close();
http://php.net/manual/en/mysqli-stmt.bind-param.php
I'm trying to get the last inserted id of multiple inserted rows.
record_id is auto increment
$sql = "INSERT INTO records (record_id, user_id, status, x) values ";
$varray = array();
$rid = $row['record_id'];
$uid = $row['user_name'];
$status = $row['status'];
$x = $row['x'];
$varray[] = "('$rid', '$uid', '$status', '$x')";
$sql .= implode(',', $varray);
mysql_query($sql);
$sql2 = "INSERT INTO status_logs (id, record_id, status_id, date, timestamp, notes, user_id, x) VALUES";
$varray2[] = "(' ', mysql_insert_id(), '$status', '$uid', '$x')";
$sql2 .= implode(',', $varray2);
mysql_query($sql2);
This is the result:
INSERT INTO records (record_id, user_id, notes, x) values ('', '1237615', 'this is a note', 'active')
INSERT INTO status_logs (log_id, record_id, status_id, date, timestamp, notes, user_id, x) VALUES('', INSERT INTO records (record_id, user_id, notes, x) values ('', '1237615', 'this is a note', 'active')
INSERT INTO status_logs (log_id, record_id, status_id, date, timestamp, notes, user_id, x) VALUES('', mysql_insert_id(), '1', '2013:05:16 00:00:01', '', this is a note'', '1237615', 'active'), '1', '2013:05:16 00:00:01', '', this is a note'', '1237615', 'active')
There is no value for mysql_insert_id().
You're mixing php function mysql_insert_id() and SQL INSERT statement syntax.
Either use MySQL function LAST_INSERT_ID() in VALUES clause of INSERT statement
INSERT INTO records (user_id, notes, x) VALUES('1237615', 'this is a note', 'active');
INSERT INTO status_logs (record_id, status_id, date, timestamp, notes, user_id, x)
VALUES(LAST_INSERT_ID(), '1', ...);
^^^^^^^^^^^^^^^^^
or retrieve the last inserted id by making a separate call to mysql_insert_id() right after first mysql_query(). And then use that value when you as a parameter to your second query.
$sql = "INSERT INTO records (user_id, ...)
VALUES(...)";
$result = mysql_query($sql);
if (!$result) {
die('Invalid query: ' . mysql_error()); //TODO beter error handling
}
$last_id = mysql_insert_id();
// ^^^^^^^^^^^^^^^^^^
$sql2 = "INSERT INTO status_logs (record_id, ...)
VALUES $last_id, ...)";
$result = mysql_query($sql);
if (!$result) {
die('Invalid query: ' . mysql_error()); //TODO beter error handling
}
Note:
You don't need to specify auto_incremented column in column list. Just omit it.
Use at least some sort of error handling in your code
On a side note: Instead of interpolating query strings and leaving it wide open to sql-injections consider to use prepared statements with either mysqli_* or PDO.
Unless I mis-reading your code, you're calling the PHP function mysql_insert_id from within the SQL?
What you need to do is grab that into a PHP variable first, then use the variable in the SQL. Something like this:
// Run the first query
mysql_query($sql);
// Grab the newly created record_id
$recordid= mysql_insert_id();
Then in the second INSERTs just use:
$varray2[] = "(' ', $recordid, '$status', '$uid', '$x')";
I'm trying to put the time of a post into my database table but i can't get it to work. maybe someone here can explain what i'm doing wrong.
This is my code:
<?php
if (isset($_POST['upload_message'])) {
$message_title = $_POST['message_title'];
$message_content = $_POST['message_content'];
}
$table_name = "posts";
$add_query = "INSERT INTO $table_name (name, content, date) VALUES ('$message_title', '$message_content', 'SELECT NOW()')";
if (mysql_query($add_query)) { //executes query and error check
echo "het artikel staat in de database";
}
else { //error message
echo "fout bij het toevoegen" . "<br />" . mysql_error();
}
?>
and this is a screen shot of my db table : http://gyazo.com/17019f143eab6e5818752c33824bde29
When I run mysql_error is get the following message :
Incorrect datetime value: 'SELECT NOW()' for column 'date' at row 1
You don't have to SELECT NOW(), just NOW()
$add_query = "INSERT INTO $table_name (name, content, date)
VALUES ('$message_title', '$message_content', NOW())";
You should use prepared statements with binded parameters using mysqli_ or PDO.
NOW() is a mysql function, you don't have to "select it" just call it.
Replace the "SELECT NOW()" for just "NOW()".
INSERT INTO $table_name (name, content, date) VALUES ('$message_title', '$message_content', 'NOW()')
Or you can use CURRENT_TIMESTAMP
INSERT INTO $table_name (name, content, date) VALUES ('$message_title', '$message_content', CURRENT_TIMESTAMP);
Mysql_query is deprecated as of PHP 5.5.0.
Use PDO or Mysqli !
And secure your code, we can do injection sql.