$sql = 'INSERT INTO photo '.
'(id,cid, path,date) '.
'VALUES (,`$cid`, `$new`,)';
There are four columns in the table, "photo".
1) id - auto increment
2) cid - $cid
3) path - $new
4) time - timestamp
Now I want to insert new data only to the cid and path fields. How can I do it with the above mentioned code
Try this:
//$con = you connection
$sql = "INSERT INTO photo (cid, path) VALUES ('$cid', '$new')";
mysqli_query($con, $sql);
this is as simple try this
$sql = "INSERT INTO photo (`cid`, `path`) VALUES ('$cid', '$new')";
Try this, if you know the value of id and date column value then pass it, other wise you just skip it or atlast pass the default value.
$sql = "INSERT INTO photo (cid, path,`date`) VALUES ('$cid', '$new',now())";
$sql = "INSERT INTO photo (cid, path,`date`) VALUES ('$cid', '$new',CURRENT_TIMESTAMP)";
1st of all... this is how you do debugging:
Run the query in phpmyadmin (echo query from php then run in phpmyadmin to see exactly what error you are getting, then adjust and test until it works properly
2nd: The ID. Either you lose it, like other people suggested above or you set it NULL and it gets auto incremented if it's set right in the schema.
I'm not trying to just give you a solution, i'm trying to get you some information, so you don't have to ask the next time.
$sql = "INSERT INTO photo (id,cid, path,date) VALUES (NULL,'".$cid."', '".$new."',now())";
mysqli_query($con, $sql);
You have some errors in your query
You have used tick mark around the variables which is invalid
Unwanted , at starting while entering values
This is not an error, but an advice:There is no need for breaking a query into several parts until it is large.
For inserting only cid and path Do like this
$sql = "INSERT INTO photo (cid, path) VALUES ('".$cid."', '".$new."')";
Related
Before you spam as duplicate I have read through around 20-30 posts on this site about how to do this as well as others and I can't get mine to work so thats why i am asking the question.
I have the following code:
$lookupID = "SELECT ID FROM dungeon WHERE Name = '$loc'";
$result = mysqli_query($connection, $lookupID);
$row = mysqli_fetch_row($result);
$locID = $row['ID'];
$query = "INSERT INTO boss (ID, Name, Type, Location, LocationID, Difficulty) VALUES ('0', '$boss', '$type', '$loc', '$locID', '$diff')";
The purpose for the lookupID is to based upon the $loc value lookup in the other table what the locID value associated with it is and set $locID to that number. Currently when I run the query I get the following:
Error: INSERT INTO boss (ID, Name, Type, Location, LocationID, Difficulty) VALUES ('0', 'Godzilla', 'Lizard', 'Black Rock Hold', '', '4')
With the locID variable giving no value and so causing the error. Im sure its something simple and stupid I am doing but I am new to php and mysql so I hope you forgive me.
The mysqli_fetch_row function returns the array with enumerated keys, so you should use
$locID = $row[0];
If you want, you can use mysqli_fetch_assoc to get the row with associative keys instead.
Not sure that this is even possible. I am inserting values into two tables at the same time using multi_query. That works fine. One of the tables has an auto increment column and I need to take the last auto incremented number and insert it into the second table so like this: insert into table 1 then take the last inserted number from column X and insert it along with other data into table 2. I have played around with using SELECT LAST and INSERT INTO but so far its just doing my head in. The insert statements looks like this:
$sql= "INSERT INTO tbleClients (riskClientId, riskFacility, riskAudDate) VALUES ('$riskclient2', '$facility2', '$riskdate2');";
$sql .="SELECT LAST(riskId) FROM tbleClients;";$sql .="INSERT INTO tblRiskRegister (riskId) SELECT riskId FROM tbleClients ;";
$sql .= "INSERT INTO tblRiskRegister (riskAudDate, riskClientId, riskSessionId, RiskNewId) VALUES ('$riskdate2', '$riskclient2', '$sessionid', '$risknewid')";
Individually they all produce results but I need it to happen simultaneously. I did toy with the idea of doing them all separately but figure thats not very efficient. Any pointers would be appreciated.
$sql= "INSERT INTO tbleClients (riskClientId, riskFacility, riskAudDate) VALUES ('$riskclient2', '$facility2', '$riskdate2');";
After executing the above query, using mysqli_insert_id(), which gives you the last insert id.
So below query is useless.
$sql .="SELECT LAST(riskId) FROM tbleClients;";
$sql .="INSERT INTO tblRiskRegister (riskId) SELECT riskId FROM tbleClients ;";
You can insert last_insert_id in above query.
Unable to find the relation between above & below query.
$sql .= "INSERT INTO tblRiskRegister (riskAudDate, riskClientId, riskSessionId, RiskNewId) VALUES ('$riskdate2', '$riskclient2', '$sessionid', '$risknewid')";
I'm trying to execute the following query;
$result = pg_query($ruledbconnection, "INSERT INTO INPUT(target, prot, in, out, source, destination, id) VALUES ('$target', '$protocol', '$in', '$out', '$source', '$destination', '$id')");
This query should add different variables into a new row.
However, when I debug the statement (since it does not work) I get the following;
ERROR: syntax error at or near "in" LINE 1: INSERT INTO INPUT(target, prot, in, out, source, destination... ^
I find this error vague and I'm not sure where to look. Any ideas?
in is keyword.
Try this:
$result = pg_query($ruledbconnection, "INSERT INTO INPUT(target, prot, \"in\", out, source, destination, id) VALUES ('$target', '$protocol', '$in', '$out', '$source', '$destination', '$id')");
Try this:
$result = pg_query($ruledbconnection, "INSERT INTO INPUT(target, prot, in, out, source, destination, id) VALUES ('".$target."', '".$protocol."', '".$in."', '".$out."', '".$source."', '".$destination."', '".$id."')");
<html>
<head>
HTML CODE
<?
$username="xxxxxx";
$password="xxxxxx";
$database="xxxxxx";
mysql_connect(localhost,$username,$password);
$escape = "INSERT INTO monster VALUES ('',$_POST["name"],$_POST["soort"])";
$escape2 = "DELETE monster FROM monster LEFT OUTER JOIN (
SELECT MIN( ID ) AS ID, NAME, PREF
FROM monster
GROUP BY NAME, PREF
) AS KeepRows ON monster.ID = KeepRows.ID
WHERE KeepRows.ID IS NULL";
$query=mysql_real_escape_string($escape);
$query2=mysql_real_escape_string($escape2);
#mysql_select_db($database) or die("MySQL error: Kan inte ansluta till databasen.");
mysql_close();
?>
</body>
</html>
Every time i run this(from another file, containing the name and soort post's) I get an 500 internal server error. First I figured that the queries may be the problem, but they don't even get executed. However, i tried to escape the queries. But still error.
What is wrong with this code? (note: $escape2 is some code i found that removes duplicates in the database. But i don't really know how to format it so that it can be used through php.)
Use something like below...
$query = "INSERT INTO monster VALUES ('', '".$_POST["name"]."', '".$_POST["soort"]."')";
Please do not insert values without escaping.
problem in insert into statement
it should be
$escape = "INSERT INTO monster VALUES ('',".$_POST['name'].",".$_POST['soort'].")";
it is preferable to write colums name while writing insert queries
if column contains string values like VARCHAR or TEXT then use quoted_printable_decode
pass null if column is autoincrement
insert statment
$escape = "INSERT INTO monster (col1, col2, col3) VALUES (NULL,'".$_POST['name']."',".$_POST['soort'].")";
or
$escape = "INSERT INTO monster (col2, col3) VALUES ('".$_POST['name']."',".$_POST['soort'].")";
It looks like you need something like this:
$query = "INSERT INTO monster VALUES ('', '".$_POST["name"]."', '".$_POST["soort"]."')";
Also I would suggest to use prepared statements because it is bad experience to build queries.
First of all I have cool proposition for you. What do you say about some advanced PHP? One step further into great world of safe PHP + MySQL apps?
Introducting to you a PDO. (I know this is not answer to your question but you can consider it). Example of use on your queries:
$db = new PDO('mysql:host=localhost;dbname='.$database, $username, $password);
$insertQuery = $db->prepare('INSERT INTO monster VALUES ("", :name, :soort)');
$deleteQuery = $db->prepare('DELETE monster FROM monster LEFT OUTER JOIN (
SELECT MIN( ID ) AS ID, NAME, PREF
FROM monster
GROUP BY NAME, PREF
) AS KeepRows ON monster.ID = KeepRows.ID
WHERE KeepRows.ID IS NULL');
//to execute query:
$deleteQuery->execute();
//or with params:
$insertQuery->execute(array(
':name' => $_POST['name'],
':soort' => $_POST['soort'],
));
Cool, huh? There is more... Now according to your problem it could be everything (as we don't have error log) but my guess is:
Try to use <?php instead of <?
$escape = "INSERT INTO monster VALUES ('',{$_POST["name"]},{$_POST["soort"]})";
EDIT:
As you provided error log - now I'm sure that problem is in $escape query. It's because you used $escape = " <- and then $_POST["name"] so there was a collision of " (if I can say so).
Try this:
Whenever you insert string type of values in the database using query it has to pass in the quote format. So you just need to change your insert query here.
$query = "INSERT INTO monster VALUES ('', '".$_POST["name"]."', '".$_POST["soort"]."')";
write query like this.
-
Thanks
I'm pulling data from a calendar feed and each event in the calendar has a unique $EventID string. I'm using PHP.
I have a SQL database with an Event_ID column. These IDs are strings. I need to be able to compare my $EventID against the Event_ID column and put in in the database if it's not there.
I have a primary key set up to auto increment in the database, and I was thinking I can set up a loop to increment through those and compare each to the $EventID, but I'm wondering if there is a better way-maybe a PHP function I don't know about?
I've got a whole lot of code, but basically I've got:
<?php
$EventID = $event->id; //This is the event ID
mysql_query("INSERT INTO myTable
(Event_ID, Date_added, Date_edited)
VALUES
('$EventID', '$dateAdded', '$lastEdited')");
?>
So how do I set up a conditional to check all the Event_IDs that are already in the database against the $EventID?
$query = "SELECT * FROM `myTable` WHERE `Event_ID`='$EventID' ";
$result = mysql_query($query);
if (!mysql_num_rows($result))
// INSERT QUERY
Check if the Event ID is present, If not insert it
You could just skip the "Select" query and do an "INSERT IGNORE" instead:
mysql_query("INSERT IGNORE INTO myTable
(Event_ID, Date_added, Date_edited)
VALUES
('$EventID', '$dateAdded', '$lastEdited')");
this will leave existing Event_id's, and just add new records if required.