Can't quite figure this one out. Not posting to MySQL. Not getting errors, just not posting.
<?php
$con = mysql_connect("localhost","XXXX","XXXX");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("XXXX", $con);
for( $i = 1; $i <= $count; $i++ )
{
$newtest1 = $_POST['test1'.$i];
$newtest2 = $_POST['test2'.$i];
$newtest3 = $_POST['test3'.$i];
}
$sql="INSERT INTO database (test1,test2,test3) VALUES ('".$newtest1."','".$newtest2."','".$newtest3."')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
?>
Tried ('$_POST[test1]') and (' . $_POST['test1'.$i] . ')
$sql="INSERT INTO database (test1,test2,test3) VALUES ('".$newtest1."','".$newtest2."','".$newtest3."')";
Here there is a "table" which you want to insert a data.
You may get the idea of using $sql wrong.
I'll try to explain it from an example photo: PHOTO
As you see i have a database called "test" and a table in it which im inserting my data.
You should use this code and connect to that database:
mysql_select_db("XXXX", $con); //to select "my" database (on the example) type "test" to "XXXX"
The "database" you wrote here:
$sql="INSERT INTO database (test1,test2,test3) VALUES ('".$newtest1."','".$newtest2."','".$newtest3."')";
must be changed to your selected database. In this case you just wrote "XXXX" to that.
So the final code is:
$sql="INSERT INTO XXXX (test1,test2,test3) VALUES ('".$newtest1."','".$newtest2."','".$newtest3."')";
Related
hostSo i know how to get the two fields to concatenate from directly inside of MYSQL, but having trouble getting it to work with my PHP.
Directly from MYSQL = SELECT CONCAT(ConfigurationItem, ' - ', ,Buzzword) FROM Buzz;
But how do i incorporate it into this PHP below, I have researched to no end. I want to combine the two fields ConfigurationItem and Buzzword into a field named shortdescription, without having to do it manually through MYSQL everytime the PHP is submitted.
<?php
$con = mysql_connect("host","username","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("buzz_feed", $con);
$sql = "INSERT INTO Buzz (BuzzID, ConfigurationItem, Buzzword, OccurrenceDate, PostingDate, TierStatus, MasterTicket)
VALUES
('$_POST[BuzzID]','$_POST[ConfigurationItem]','$_POST[Buzzword]','$_POST[OccurrenceDate]','$_POST[PostingDate]','$_POST[TierStatus]','$_POST[MasterTicket]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Buzz Phrase information updated";
mysql_close($con)
?>
I've concatenated them together in php as the insert.
Although there is nothing wrong with catting them in your select statement.
In fact I'd opt for that because it is redundnant-y, you are inserting the same data twice in essence.
But this should do what you are asking for.
I have also corrected your quotation marks in the query.
Also google sql injection
<?php
$con = mysql_connect("host","username","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("buzz_feed", $con);
$sql = "INSERT INTO Buzz (BuzzID, ConfigurationItem, Buzzword,
OccurrenceDate, PostingDate,
TierStatus, MasterTicket, shortdescription)
VALUES
('".$_POST['BuzzID']."','".$_POST['ConfigurationItem']."',
'".$_POST['Buzzword']."','".$_POST['OccurrenceDate']."','".$_POST['PostingDate']."',
'".$_POST['TierStatus']."','".$_POST['MasterTicket']."',
'".$_POST['ConfigurationItem']."' - '". $_POST['Buzzword']."')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Buzz Phrase information updated";
mysql_close($con)
?>
I ended up resolving my issue by inserting "ShortDescription" in the INSERT INTO line and then just telling it to insert the two fields I wanted together in the field "ShortDescription" and by using double spaces between my hyphen, I was able to get the desired effect I was looking for which turns out like this "Example - Example" See my code below
$sql = "INSERT INTO Buzz (BuzzID, ConfigurationItem, Buzzword, OccurrenceDate, PostingDate, TierStatus, MasterTicket, ShortDescription)
VALUES
('$_POST[BuzzID]','$_POST[ConfigurationItem]','$_POST[Buzzword]','$_POST[OccurrenceDate]','$_POST[PostingDate]',
'$_POST[TierStatus]','$_POST[MasterTicket]','$_POST[ConfigurationItem]' ' - ' '$_POST[Buzzword]')";
I am having a little difficulty in saving values via the URL into a SQL database. I can explicitly put in values into the the INSERT command, but that is not what I want.
Say I had a URL like the following:
and code like the following:
<?php
include 'curr.php';
$url = curPageURL();
$query_str = parse_url($url, PHP_URL_QUERY);
$query = parse_str($query_str, $query_params);
$fn = $_REQUEST['Firstname'];$sn = $_REQUEST['Surname'];
$link = mysql_connect('server.co.li', 'username', 'pass333');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
$sql = 'INSERT INTO p_database '.
'(Firstname, Surname) '.
'VALUES ($fn, $sn)';
mysql_select_db('my_db');
$retval = mysql_query( $sql, $link );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($link);
?>
I have tried $_Get and $_POST as well as $_REQUEST to get the information, and here is the error that is produced when I run:
"Connected successfullyCould not enter data: Unknown column '$fn' in 'field list'"
Any assistance would be appreciated.
(P.s. I know the code is not secure or safe, that will come after the functional parts are complete).
Your quotes are incorrect,
$sql = "INSERT INTO p_database ".
"(Firstname, Surname) ".
"VALUES ('$fn', '$sn')";
Waring: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.
You need to escape your $fn and $sn like so:
$sql = "INSERT INTO p_database (Firstname, Surname) VALUES ('$fn', '$sn')";
I'm trying to grab the id of the last inserted auto-increment row and cannot successfully grab it.
error_reporting(E_ALL);
ini_set('display_errors', 1);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$title = mysqli_real_escape_string($conxn,$_POST['blog_title']);
$entry = mysqli_real_escape_string($conxn,$_POST['blog_entry']);
$sourceName = mysqli_real_escape_string($conxn,$_POST['blog_source_name']);
$sourceLink = mysqli_real_escape_string($conxn,$_POST['blog_source_link']);
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO blog (blog_title, blog_entry, blog_source, blog_link)
VALUES ('$title','$entry','$sourceName','$sourceLink')";
$lastID = $mysqli->insert_id;
if (!mysqli_query($conxn,$sql)) {
die('Error: ' . mysqli_error($conxn));
}
When I echo $lastID a "0" is returned after every submit.
You need to place the $mysqli->insert_id() after the actual mysqli_query(). See below.
if (!mysqli_query($conxn,$sql)) {
die('Error: ' . mysqli_error($conxn));
}
$lastID = $mysqli->insert_id;
That said, there are other issues with your code. First & foremost, you are mixing up the Object oriented style of calling mysqli_* with the procedural style. For example the OOP method of $mysqli->real_escape_string equates to the procedural method of mysqli_real_escape_string.
So this:
$lastID = $mysqli->insert_id;
Should be this:
$lastID = mysqli_insert_id($conxn);
So without seeing the rest of your code, unclear how to handle. Know the difference & experiment. But here are my suggestions in good faith based on the code you have presented.
For example, your references to $_POST values do not have single quotes, so I added that. Also, since you are using double quotes—which handle string substitution—you can condense your INSERT variable setting by getting rid of the . concatenation.
$title = mysqli_real_escape_string($conxn, $_POST['blog_title']);
$entry = mysqli_real_escape_string($conxn, $_POST['blog_entry']);
$sourceName = mysqli_real_escape_string($conxn, $_POST['blog_source_name']);
$sourceLink = mysqli_real_escape_string($conxn, $_POST['blog_source_link']);
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO blog (blog_title, blog_entry, blog_source, blog_link)
VALUES ('$title','$entry','$sourceName','$sourceLink')";
if (!mysqli_query($conxn,$sql)) {
die('Error: ' . mysqli_error($conxn));
}
$lastID = mysqli_insert_id($conxn);
That done, this code chunklet can be cleaned up even more, and this is how I would handle it. I have made an array of the $_POST values you are grabbing so you don’t have to repeat code. Also added comments to make it clearer what is happening. And I have used the procedural format for all commands here. If OOP is what you want, then you need to change all of the commands to match OOP format.
// Set all of the `$_POST` values into an array.
$post_items = array('blog_title','blog_entry','blog_source_name', 'blog_source_link');
// Roll through those values with a `foreach` loop.
foreach ($post_items as $post_item) {
$$post_item = mysqli_real_escape_string($conxn, $_POST[$post_item]);
}
// MySQL connection error check.
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// Set the SQL values.
$sql = "INSERT INTO blog (blog_title, blog_entry, blog_source, blog_link)
VALUES ('$blog_title','$blog_entry','$blog_source_name','$blog_source_link')";
// Run the query.
if (!$mysqli_query($conxn, $sql)) {
die('Error: ' . mysqli_error($conxn));
}
// Get the last insert ID via object oriented method.
// $lastID = $mysqli->insert_id;
// Get the last insert ID via procedural method.
$lastID = mysqli_insert_id($conxn);
I've managed to implement a simple TinyMCE editor on my site and have it call using mySQL database. My problem Im having now is getting the DB to overwrite the contents already stored inside with what is being posted?
I simply want to overwrite the table contents (within the column) with what is being inserted.
Here is my code:
<!--- CONNECT TO THE DATABASE------>
<?php
$con = mysql_connect("localhost","root","jdkldk8%by");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("cms", $con);
$sql="INSERT INTO tinymce (contents, contact, slider, resources)
VALUES
('$_POST[contents]','$_POST[contact]','$_POST[slider]','$_POST[resources]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
mysql_close($con);
?>
<!--- END DATABASE SETTINGS ----->
[ View your changes here ]
///////////////////////////////////////////////////////////////////////////////////////
Well... i tried again but its still not posting all fields to the DB! only updating 1.
<!--- CONNECT TO THE DATABASE------>
<?php
require_once('db.php');
$contents=$_POST['contents'];
$contact=$_POST['contact'];
$slider=$_POST['slider'];
$resources=$_POST['resources'];
$id='1';
$sql="UPDATE tinymce SET `contents`='$contents', `contact`='$contact', `slider`='$slider', `resources`='$resources' WHERE id='$id'";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Saved!";
mysql_close($con);
?>
<!--- END DATABASE SETTINGS ----->
You want to use UPDATE, not INSERT, to update a previously created MySQL column.
Try editing a column using phpmyadmin and copying the resulting code from their MySQL code viewer.
I run this function and the value of the post form doesn't insert into the DB. I'm not getting any error messages but I checked and saw that $this->user_id is populating. Am I missing something else?
function senddata () {
$con = mysql_connect("localhost","root","XXXXX");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("user", $con);
$sql="INSERT INTO profile (collegemajor) VALUE('$_POST[major]') WHERE userid=$this->user_id";
mysql_close($con);
}
INSERT statement don't have WHERE clausule,
you need to send query!!!
First of all, I don't see the mysql_query() - the function to execute the query.
It seems like the problem is here:
$sql="INSERT INTO profile (collegemajor) VALUE('$_POST[major]') WHERE userid=$this->user_id";
Use $sql="INSERT INTO profile (collegemajor) VALUE('$_POST[major]'); instead.
The code:
function senddata () {
$con = mysql_connect("localhost","root","XXXXX");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("user", $con);
$sql="INSERT INTO profile (collegemajor) VALUE('$_POST[major]');";
mysql_query( $sql , $con );
mysql_close($con);
}
This should be an update function, it seems, rather than an insert function (if you're trying to update a row that already exists, which is seems you are based on the "Where" clause).
And, as others have mentioned, you never ran mysql_query() or similar function.