Entering data into 2 MySql tables with a php form - php

I am trying to enter data into 2 tables with one form.
here is my code so far
<html>
<head>
<title>Please work!!!!</title>
</head>
<body>
<?php
if(isset($_POST['add']))
{
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
if(! get_magic_quotes_gpc() )
{
$name = addslashes ($_POST['name']);
}
else
{
$emp_name = $_POST['name'];
}
$sql = "INSERT INTO users, cseason".
"(name) ".
"VALUES('$name')";
mysql_select_db('pool');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">player name</td>
<td><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="add" type="submit" id="add" value="add player">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
I have tried many ways but having a issue with the line
$sql = "INSERT INTO users, cseason".
i get the following error
Could not enter data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' cseason(name) VALUES('twat')' at line 1
I am not sure what direction to go now as i am using this as a learning project
This seams to work ill update the part i have changed please advise me if this approach is ok?
$sql = "INSERT INTO users, cseason".
"(name) ".
"VALUES('$name')";
mysql_select_db('pool');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
to this
$sql = "INSERT INTO users".
"(name) ".
"VALUES('$name')";
mysql_select_db('pool');
$retval = mysql_query( $sql, $conn );
$sql2 = "INSERT INTO cseason".
"(name) ".
"VALUES('$name')";
mysql_select_db('pool');
$retval = mysql_query( $sql2, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";


change your code line
mysql_select_db('pool');
to
mysql_select_db("pool",$conn)

Related

My php code is not inputting data to mySQL and giving me no feedback

I am not sure why my database is not receiving information from my website. Also, no error messages are popping up so I'm not sure the data is going anywhere at all. It appears to be letting me connect to the database, but when I click add employee I just get a blank page. Any suggestions?
EDIT: I have changed my code to only input one variable, but am still only returning a blank page.
<html>
<head>
<title>Add New Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['add'])) {
$dbhost = '';
$dbuser = 'j';
$dbpass = 'os';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
if(! get_magic_quotes_gpc() ) {
$emp_name = addslashes ($_POST['employee_name']);
} else {
$emp_name = $_POST['employee_name'];
}
$sql = "INSERT INTO employee ". "(employee_name) ". "VALUES('$emp_name')";
mysql_select_db('test_db');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
} else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border = "0" cellspacing = "1" cellpadding = "2">
<tr>
<td width = "100">
Employee Name
</td>
<td>
<input name = "employee_name" type = "text" id = "employee_name">
</td>
</tr>
<tr>
<td width = "100">
</td>
<td>
</td>
</tr>
<tr>
<td width = "100">
</td>
<td>
<input name = "add" type = "submit" id = "add" value = "Add Employee">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>

$sql = "INSERT INTO employee ". "(employee_name) ". "VALUES('$emp_name', NOW())";
You are passing 2 values in the sql, but only specifying one column. employee_name
you probably need to either remove the NOW() value or add another column (employee_name, date_added)
$sql = "INSERT INTO employee ". "(employee_name) ". "VALUES('$emp_name')";
$sql = "INSERT INTO employee ". "(employee_name, date_added) ". "VALUES('$emp_name', NOW())";

Error when Updating SQL Table

I'm trying to have a form to update a table in my SQL database but I'm getting this error
If my Client ID field has "7020" as the value and the Proof field as "test" I get this error: Could not update data: Unknown column 'test' in 'field list'
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'xxxxxxxx';
$dbuser = 'xxxxx';
$dbpass = 'xxxxxxxxxxxxxxxxxxxxxxxx';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$clientid = $_POST['clientid'];
$proof = $_POST['proof'];
$sql = "UPDATE penalties ". "SET Proof = $proof " ."WHERE client_id = $clientid AND type='ban'";
mysql_select_db('b3bot');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Client ID</td>
<td><input name="clientid" type="text" id="clientid"></td>
</tr>
<tr>
<td width="100">Proof</td>
<td><input name="proof" type="text" id="proof"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>

The sql query you are trying to execute should be wrong. As I see, the query right now looks like:
UPDATE penalties SET Proof = sth WHERE client_id = test AND type='ban'
should be like:
UPDATE penalties SET Proof = 'sth' WHERE client_id = 'test' AND type='ban'
(note the quotes)

Cannot Update MYSQL using PHP

I have a simple MYSQL DB where field_3 is a varchar Key value. I am trying to update database posting to two TIME fields called start and end.
However I keep getting this error
Notice: Undefined variable: empd_end in C:\xampp\htdocs\b1\update.php on line 25
Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':12:00, end = WHERE field_3 = Berkay_Sebat#yahoo.com' at line 1
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$emp_id = $_POST['emp_id'];
$emp_salary = $_POST['emp_salary'];
$emp_end= $_POST['emp_end'];
$sql = "UPDATE usezas ".
"SET start = $emp_salary, end = $empd_end".
"WHERE field_3 = $emp_id" ;
mysql_select_db('db1');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">EMAIL</td>
<td><input name="emp_id" type="text" id="emp_id"></td>
</tr>
<tr>
<td width="100">Start TIME</td>
<td><input name="emp_salary" type="text" id="emp_salary"></td>
</tr>
<tr>
<td width="100">END TIME</td>
<td><input name="emp_end" type="text" id="emp_end"></td>
</tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>

You are missing a space after the value of end also, you will need to wrap your variables with a quotes like the query below.
$sql = "UPDATE usezas ".
"SET start = '$emp_salary', end = '$empd_end' ".
"WHERE field_3 = $emp_id" ;
However, your code is vulnerable to SQL injections. You sure prepare your query and should be using either PDO or MySQLi extensions not the old mysql_query extension.

you need to put your php vals to ''
$sql = "UPDATE usezas ".
"SET start = '$emp_salary', end = '$empd_end'".
" WHERE field_3 = '$emp_id'" ;

How to update the value from PHP variable into database

everyone.
I have a problem with updating value into database.
Now, I have $SumTotal as a PHP variable. I want to update value in database by using value in $SumTotal.
I try it but it doesn't work. The value in database is 0.
here is my code
$strSQL3 = "UPDATE OrderCustomer SET TotalPrice = '".$SumTotal."' WHERE OrderCustomerID = '".$_SESSION["OrderCustomerID"]."' ";
Thank you very much.

Try using this code, this code should work for you.
{
$dbhost = 'localhost:3036';
$dbuser = 'root';
$dbpass = 'rootpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$SumTotal="**Some value**";
//**QUERY**
$strSQL3= "UPDATE OrderCustomer".
"SET Totalprice= $SumTotal".
"WHERE emp_id = $emp_id" ;
mysql_select_db('test_db');
$retval = mysql_query( $strSQL3, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}

First of all, I would make sure that $SumTotal and $_SESSION['OrderCustomerID'] are equal to what they are meant to be equal to.
I would do something like: echo "$SumTotal"; and echo $_SESSION['OrderCustomerID']; to check these variables.
Then, you could do the following:
Make sure that the database is actually selected (to select the database in your query, you can use UPDATE databasename.table (where table is equal to OrderCustomer in your case)
Check for errors in your query by adding or die(mysql_error()); to the end of your query.
Use the following at the very top of your PHP document to show all errors that have occurred: https://stackoverflow.com/a/6575502/3593228.
In addition to this, make sure that your query is actually being executed.
You can do this by using the mysql_query function as follows:
$strSQL3 = mysql_query("UPDATE databasename.OrderCustomer SET TotalPrice = '$SumTotal' WHERE OrderCustomerID = '" . $_SESSION["OrderCustomerID"] . "'");
Also, before someone beats me to it, you should be using PDO or MySQL Improved, yada yada yada.

You can have a look at this piece of code.
This will definitely work, i have tried this personally.
Edit: (Pulled from link)
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost:3036';
$dbuser = 'root';
$dbpass = 'rootpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$emp_id = $_POST['emp_id'];
$emp_salary = $_POST['emp_salary'];
$sql = "UPDATE employee ".
"SET emp_salary = $emp_salary ".
"WHERE emp_id = $emp_id" ;
mysql_select_db('test_db');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Employee ID</td>
<td><input name="emp_id" type="text" id="emp_id"></td>
</tr>
<tr>
<td width="100">Employee Salary</td>
<td><input name="emp_salary" type="text" id="emp_salary"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>

PHP Form SQL Format Error

I am trying to make a simple form that checks based on the correct email. If the email is correct, it then updates the database with the new time. When I run it, I get a format error.. I am not an expert with PHP, so I may have missed something here...
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost';
$dbuser = 'user1';
$dbpass = 'password';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$email= $_POST['email'];
$time= $_POST['time'];
$sql = "UPDATE users".
"SET time= $time".
"WHERE email = $email" ;
mysql_select_db('dbname');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Email:</td>
<td><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td width="100">Time:</td>
<td><input name="time" type="text" id="time"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>

Your query has the wrong quotes.
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost';
$dbuser = 'user1';
$dbpass = 'password';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db('dbname');
$email= $_POST['email'];
$time= $_POST['time'];
$sql = "UPDATE users SET time= '$time' WHERE email = '$email'";
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Email:</td>
<td><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td width="100">Time:</td>
<td><input name="time" type="text" id="time"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
Sidenote: Your present code is open to SQL injection. Use mysqli_* functions. (which I recommend you use and with prepared statements, or PDO)
Footnotes:
mysql_* functions deprecation notice:
http://www.php.net/manual/en/intro.mysql.php
This extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API.
These functions allow you to access MySQL database servers. More information about MySQL can be found at » http://www.mysql.com/.
Documentation for MySQL can be found at » http://dev.mysql.com/doc/.
Quick note(s)
You could shorten your code by doing the following all in one go:
$dbhost = 'localhost';
$dbuser = 'user1';
$dbpass = 'password';
$db = 'dbname';
$conn = mysql_connect($dbhost, $dbuser, $dbpass, $db);
so you won't have to use mysql_select_db('dbname'); but that's purely opinion-based/preference and will save you a few keystrokes at the same time.
Changing:
$email= $_POST['email'];
$time= $_POST['time'];
to:
$email= mysql_real_escape_string($_POST['email']);
$time= mysql_real_escape_string($_POST['time']);
will help add a bit of security until you get into prepared statements or PDO.

you don't have spaces in your sql script.
change $sql to:
$sql = "UPDATE users ".
"SET time= '$time' ".
"WHERE email = '$email'" ;
although this will work just fine:
$sql = "UPDATE users SET time= '$time' WHERE email = '$email'" ;
keep in mind, your page is vulnerable to sql injection because you have not escaped time and email.

Categories