I create a form that insert fist name last name and phone but i have this error and can't figure out where it is
can't execute query.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
here is my php code
1st file named displayPhone.php
<!DOCTYPE html>
<html>
<?php
$labels=array("first_name"=>"First Name",
"last_name"=>"Last Name",
"phone"=>"Phone");
?>
<body>
<h3>please enter your phone number below</h3>
<form action='savePhone.php' method='POST'>
<?php
//loop that displays the form field
foreach($labels as $field =>$value)
{
echo "$field <input type='text' name='$field' size='65' maxlenghth='65'/>";
}
echo "<input type='submit' value='submit phone number'/>";
?>
second file named savePhone.php
<?php
$labels=array("first_name"=>"First Name",
"last_name"=>"Last Name",
"phone"=>"Phone");
?>
<body>
<?php
foreach($_POST as $field =>$value)
{
if(empty($value))
{
$blank_array[]=$field;
}
elseif(preg_match("/name/i",$field))
{
if(!preg_match("/^[A-Za-z' -]{1,50}$/",$value))
{
$bad_format[]=$field;
}
}
elseif($field=="phone")
{
if(!preg_match("/^[0-9)( -]{7,20}(([xX]|(ext)|(ex))?[ -]?[0-9]{1,7})?$/",$value))
{
$bad_format[]=$field;
}
}
}
if(#sizeof($blank_array)>0 or #sizeof($bad_format)>0)
{
if(#sizeof($blank_array)>0)
{
echo "<p>input";
foreach($blank_array as $value)
{
echo "$labels[$value]";
}
echo "</p>";
}
if(#sizeof($bad_format)>0)
{
echo "<p>invalid format";
foreach($bad_format as $value)
{
echo $labels[$value];
}
echo "</p>";
}
//redisplay form
echo "<hr/>";
echo "enter phone number";
echo "<form action='$_SERVER[PHP_SELF]' method='POST'>";
foreach($labels as $field =>$label)
{
$good_data[$field]=strip_tags(trim($_POST[$field]));
echo "$label <input type='text' name='$field' size='65' maxlength='65' value='$good_data[$field]'/>";
}
echo "<input type='submit' value='submit phone number'/>";
exit();
}
else
{
$user='root';
$host='localhost';
$password='root';
$dbname='pet';
$cxn=mysqli_connect($host,$user,$password,$dbname) or die("can't connect to server");
foreach($labels as $field =>$value)
{
$good_data[$field]=strip_tags(trim($_POST[$field]));
if($field=="phone")
{
$good_data[$field]=preg_replace("/[)( .-]/","",$good_data[$field]);
}
$good_data[$field]=mysqli_real_escape_string($cxn,$good_data[$field]);
}
$query="INSERT INTO data (";
foreach($good_data as $field =>$value)
{
$query.="$field,";
}
$query.= ") VALUES (";
$query=preg_replace("/,\)/",")",$query);
$result=mysqli_query($cxn,$query) or die ("can't execute query.".mysqli_error($cxn));
echo "<h4>member inserted </h4>";
}
?>
</body>
my database name 'pet' table name 'data'. the table contains 3 part first_name, last_name, and phone all are varchar type
You never put anything after VALUES ( in the query. Try this way of putting the field names and values into the query:
$fields = implode(',', array_keys($good_data));
$values = implode(',', array_map(function($x) { return "'$x'"; }, $good_data));
$query = "INSERT INTO data ($fields) VALUES ($values)";
You did not insert anything after VALUES (. This is a MySQL syntax error and hence the query didn't get executed.
The correct syntax is.
$query = "INSERT INTO data (column_names) VALUES (corresponding_values)";
Related
i am dynamically adding the values in the dropdown . After selecting the value in the dropdown and entering text in the textbox, both textbox value and dropdown value has to be entered in the database on button click. But my code is not working properly ie only textbox value is inserted in the database but not dropdown selected vlaue. Please correct my code
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
<label style="margin-left:260px;width:170px"><h3 >Topic:</h3><br></label><br>
<select name="topic" style="margin-left: 282px;margin-top: -17px;">
<option value=""> -----Select----- </option>
<?php
$records = mysql_query("SELECT topic FROM topic ");
while ($row = mysql_fetch_array($records)){
echo "<option value=\"\">" . $row['topic'] . "</option>";
}
?>
</select>
<label style="margin-left:260px;width:170px"><h3 >Enter Crime Key Point:</h3><br></label><br>
<textarea name="details" id="details" rows="14" cols="60" style="margin-left:112px"><?php if(isset($_POST['details'])){echo htmlspecialchars($_POST['details']);}?>
</textarea><br><br>
<br><br><input type='submit' name='submit' value='Post' style='margin-left:305px;'>
</form>
if(isset($_POST["submit"]) ){
//if ( isset( $_POST['topic'] )){
//if(!empty($_POST['CarList'])){
$story = $_POST['details'];
$topic = $_POST['topic'];
echo $topic;
$sql = "SELECT `registered` FROM `user` WHERE `name`='{$_SESSION['name']}'";
$result = mysql_query($sql);
if (! $result)
{
throw new My_Db_Exception('Database error: ' . mysql_error());
}
else
{
$row = mysql_fetch_assoc($result);
$register=$row['registered'];
if ($register==1)
{
$sql = "INSERT INTO `stories`(`stories`,`name`,`topic`,`date/time`) VALUES ('$story','{$_SESSION['name']}','$topic',now())";
$result = mysql_query($sql);
echo $result;
if (! $result)
{
//echo "Story is not inserted. Please avoid special characters.";
echo 'Retrieval of data from Database Failed - #'.mysql_errno().': '.mysql_error();
}
else
{
die("<script>location.href = 'usershome.php'</script>");
echo "Story inserted successfully";
}
}
else
{
$sql = "select count(*) from stories where `date/time`=DATE(NOW()) AND `name` = '{$_SESSION['name']}'";
$result = mysql_query($sql);
if (! $result)
{
throw new My_Db_Exception('Database error: ' . mysql_error());
}
else
{
$row = mysql_fetch_assoc($result);
$count=$row['count(*)'];
if ($count<3)
{
$sql = " INSERT INTO `stories`(`stories`,`name`,`date/time`) VALUES ('$story','{$_SESSION['name']}',now())";
$result = mysql_query($sql);
if (! $result)
{
echo "Story is not inserted";
}
else
{
die("<script>location.href = 'usershome.php'</script>");
echo "Story inserted successfully";
}
}
else
{
echo '<img src="images/animated-star-image-0009.gif" width="25px"/>Please Register to enter more than 3 stories per day';
}
}
}
}
}
?>
The line:
echo "<option value=\"\">" . $row['topic'] . "</option>";
change it to:
echo "<option value='".$row['topic']."'>" . $row['topic'] . "</option>";
You are passing empty values for the topic parameter. Setting up a correct value will ensure that you are inserting the correct user input in the database.
For future you can debug this easy by outputting your POST content before executing the SQLinsert.
That will fix your issue, but there are several other things you might consider changing, one of them is the deprecated mysql_ extension, switch to mysqli or PDO.
I'm trying to create a user record to input into a phpmyadmin database.
createUserRecord($usersTable, [$r2,"'".$_POST["firstName"]."'","'".$_POST["lastName"]."'","'".$_POST["username"]."'","'".$_POST["password"]."'","'".$_POST["admin"]."'","'".$_POST["email"]."'"]);
I think there is an issue with the quotation marks or concatenation of the $_POST variables.
There is a record created in the phpmyadmin database, but the values are either not there for the text data types or the two integer value are showing up as 0. When I use print_r to print the values of this createUserRecord, it only prints '1'.
This is the code for the signup page that creates user records:
<html>
<body>
<p><h2><strong>Welcome to the Marist Room Reservation Recommender!</strong></h2></p>
<p><h3><strong>Reserve a room below!</strong></h3></p>
<?php
require 'sql_helper3.php';
if ($_POST[submitted] == "submitted") {
$r2 = (rand(11111,99999));
createUserRecord($usersTable, [$r2,"'".$_POST["firstName"]."'","'".$_POST["lastName"]."'","'".$_POST["username"]."'","'".$_POST["password"]."'","'".$_POST["admin"]."'","'".$_POST["email"]."'"]);
header('location:verify3.php');
} else {
echo "<h1>Please enter your details:</h1>";
echo "<form action=verify3.php method=post>\n";
echo "First Name: <input type=text name=firstName placeholder=\"Enter First Name\" required=required>\n<br>";
echo "Last Name: <input type=text name=lastName placeholder=\"Enter Last Name\" required=required>\n<br>";
echo "CWID: <input type=\"text\" name=\"CWID\" placeholder=\"Enter CWID\" required=required>\n<br>";
echo "Class: <select name=\"class\">\n";
echo "<option value=\"1\">Freshman</option>\n";
echo "<option value=\"2\">Sophomore</option>\n";
echo "<option value=\"3\">Junior</option>\n";
echo "<option value=\"3\">Senior</option>\n";
echo "</select>\n<br>";
echo " Gender:\n";
echo " <select option name = \"Gender\">\n<br> ";
echo " <option value = \"None\">Select One...</option>\n<br> ";
echo " <option value = \"Male\">Male</option>\n<br> ";
echo " <option value = \"Female\">Female</option>\n<br> ";
echo " </select>\n<br> ";
$sql = "SELECT name, roomsAvailable FROM $dormTable";
if($result = mysqli_query($conn, $sql)) {
$numRows = mysqli_num_rows($result);
echo " <strong>Residence Areas</strong>\n ";
echo " <select name = dorm> \n";
for ($i = 0; $i < $numRows; $i++){
$aDorm = mysqli_fetch_assoc($result);
$dormName = $aDorm['name'];
$dormAvailable = $aDorm['roomsAvailable'];
if($dormName != 'Select One...' && $dormAvailable != 0){
echo "<option value = \"$dormName\" > $dormName ($dormAvailable)</option>\n";
}
elseif ($dormAvailable == 0 && $dormName != 'Select One...'){
echo "<option value = \"$dormName\" disabled=\"disabled\"> $dormName </option> \n";
}
elseif ($dormName == 'Select One...'){
echo "<option value = \"$dormName\"> $dormName </option> \n";
}
}
echo "</select>\n<br><br>";
}
else {
echo "something is wrong: " .mysqli_error($conn);
echo $result;
die;
}
echo "<input type=checkbox name=specialNeeds value=\"1\">Special Needs?\n<br>";
echo "<input type=checkbox name=laundry value=\"1\">Laundry?\n<br>";
echo "<input type=checkbox name=fullyEquippedKitchen value=\"1\">Kitchen?\n<br><br>";
echo "Username:<input type=text name=username placeholder=\"Enter Username\" required=required><br>\n";
echo "Password:<input type=password name=password placeholder=\"Enter Password\" required=required><br>\n";
echo "Email Address:<input type=email name=email placeholder=\"Enter Email\" required=required><br><br>\n";
echo "<input type=checkbox name=admin value=\"1\">Administrator?\n<br>";
echo "<input type=hidden name=submitted value=submitted>\n<br>";
echo "<input type=\"submit\" value=\"Signup\">\n<br>";
echo "</form>\n";
foreach ($_POST as $k => $v){
echo"<input type = hidden name = $k value = \"$v\"> <?php echo print_r($_POST) ?>";
}
}
?>
</body>
This is the function that is called from another php page:
$table = $usersTable;
function createUserRecord($table, $values) {
echo "<br> in createUserRecord(), table is \"$table\", values are ".print_r($values)."\n<br>";
return insertInto($table, ["id", "firstName", "lastName", "username", "password", "admin"], $values);
var_dump($values);
}
function insertInto($table, $columns, $values) {
$sql = "INSERT INTO $table (`" . implode("`, `", $columns) . "`) VALUES ('" . implode("', '", $values) . "')";
return query($sql);
}
This is the results page:
<?php
//Take user selection from verify
require 'sql_helper3.php';
date_default_timezone_set('America/New_York');
$date = date('m/d/Y h:i:s a', time());
$dorm = $_POST["dorm"];
$sql = "SELECT * FROM $dormTable WHERE name = '$dorm'";
if ($result = mysqli_query($conn, $sql)) {
$dormRecord = mysqli_fetch_assoc($result);
}
$reservationsTable = "Reservations";
$r1 = (rand(11111,99999));
// SQL query to fetch information of registered users and finds user match.
$username=$_POST['username'];
$password=$_POST['password'];
$sql = "SELECT * FROM $usersTable WHERE password = \"$password\" AND username = \"$username\"";
echo "Running SQL $sql\n<br>";
$result = mysqli_query($conn,$sql);
$_SESSION['login_user']=$username; // user is logged in now
// echo "Initializing session...";
$aUser = mysqli_fetch_assoc($result);
//print_r($aUser);die;
$_SESSION['user_firstname'] = $aUser['firstName'];
$_SESSION['user_lastname'] = $aUser['lastName'];
$_SESSION['user_email'] = $aUser['email'];
$_SESSION['user_class'] = $aUser['class'];
$_SESSION['user_gender'] = $aUser['Gender'];
$_SESSION['user_kitchen'] = $aUser['fullyEquippedKitchen'];
$_SESSION['user_laundry'] = $aUser['laundry'];
$_SESSION['user_specialneeds'] = $aUser['specialNeeds'];
$_SESSION['user_admin'] = $aUser['admin'];
$_SESSION['user_id'] = $aUser['id'];
createReservationRecord($reservationsTable, [$r1, $date, "'".$usersTable[id]."'", "'".$dormRecord[id]."'", "'".$_POST[CWID]."'", "'".$_POST[firstName]."'", "'".$_POST[lastName]."'", "'".$_POST['class']."'", "'".$_POST[gender]."'", "'".$_POST[fullyEquippedKitchen]."'", "'".$_POST[laundry]."'", "'".$_POST[specialNeeds]."'"]);
//Update the record where the dorm id is used and set the roomsAvailable to -1 for that dorm
$sql = "UPDATE $dormTable SET roomsAvailable = ".--$dormRecord[roomsAvailable] ." WHERE id = $dormRecord[id]";
query($sql);
//Update the record where the dorm id is used and set the roomsreserved to +1 for that dorm
$sql = "UPDATE $dormTable SET roomsReserved = ".++$dormRecord[roomsReserved] ." WHERE id = $dormRecord[id]";
query($sql);
echo"<br>This is the users table ".print_r($usersTable)."<br>";
?>
<html>
<body>
<h1>Reservation Confirmation </h1>
</table>
Confirmation Number: <?php echo "$r1"; ?> <br>
Date: <?php echo "$date";?><br>
First Name: <?php echo $_POST["firstName"];?><br>
Last Name: <?php echo $_POST["lastName"]; ?><br>
CWID: <?php echo $_POST["CWID"]; ?><br>
Gender: <?php echo $_POST["Gender"]; ?><br>
Class: <?php
if($_POST["class"] == 1){
echo "Freshman";
}
elseif($_POST["class"] == 2){
echo "Sophomore";
}
else{
echo "Junior/Senior";
//or we could do upperclassman
}
; ?><br>
Residence Area: <?php echo $_POST["dorm"]; ?><br>
Special Needs: <?php
if ($_POST["specialNeeds"]){
echo "Yes";
}
else{
echo "No";
} ?><br>
Laundry: <?php if (isset($_POST["laundry"])){
echo "Yes";
}
else{
echo "No";
}
?><br>
Fully Equipped Kitchen: <?php
if (isset($_POST["fullyEquippedKitchen"])){
echo "Yes";
}
else{
echo "No";
}
if ($aUser["admin"]) {
echo "<br><br><a href=admin_main.php>Click here</a> to go to the admin landing page.\n<br>";
//header("location: admin_main.php"); // redirecting to admin landing page
}
else {
echo "<br><br><a href=reservations.php>Click here</a> to go to the reservations page.\n<br>";
// header('Location: profile.php'); // Redirecting To Students Landing page
}
?>
<br>
</body>
The output for this results page is:
Running SQL SELECT * FROM Users WHERE password = "bbb" AND username = "kk"
Warning: Illegal string offset 'id' in /home/ubuntu/workspace/Project_Three/results3.php on line 42 Call Stack: 0.0003 241480 1. {main}() /home/ubuntu/workspace/Project_Three/results3.php:0 Users
This is the users table 1
Reservation Confirmation
Confirmation Number: 19843
Date: 11/29/2016 01:28:30 pm
First Name: k
Last Name: b
CWID: 18738783
Gender: Female
Class: Freshman
Residence Area: Leo Hall
Special Needs: No
Laundry: No
Fully Equipped Kitchen: No
Click here to go to the reservations page.
I'm working on a login/registration form for a school assignment, and I can't get the forms to retain any information when submitted. Whether the information is correct or incorrect, the form returns with blank values after being submitted. Here is the form code:
<?php
ini_set("display_errors","on");
error_reporting(E_ALL | E_STRICT);
$labels = array("email" => "Email Address:",
"password" => "Password:");
$submit = "Log In";
?>
<?php
echo "<form method='post'>";
foreach($labels as $field => $label)
{
if($field != "password")
{
echo "<div><label for='$field'>$label</label>
<input type='text' name='$field' id='$field' width='40%' maxlength='40' value='".#$$value."'></div>";
}
else
{
echo "<div><label for='$field'>$label</label>
<input type='password' name='$field' id='$field' width='40%' maxlength='20' value='".#$$value."'</div>";
}
}
echo "<div><input type='hidden' name='submitted' value='yes'>
<input type='submit' value='$submit' name='submit'></div>";
?>
The following is the validation code:
<?php
if(isset($_POST['submitted']) and $_POST['submitted'] == 'yes')
{
foreach($_POST as $field => $value)
{
if(empty($value))
{
$error_array[] = $field;
}
else
{
$good_data[$field] = strip_tags(trim($value));
}
}
if(#sizeof($error_array) > 0)
{
$message = "<p class='error'>Login information is incorrect</p>";
echo $message;
extract($good_data);
include('login.php');
exit();
}
else
{
foreach($good_data as $field => $value)
{
$clean_data[$field] = mysqli_real_escape_string($cxn,$value);
}
$sql = "select * from customerdata where email='$clean_data[email]' and password='$clean_data[password]'";
$result = mysqli_query($cxn,$sql) or die("<p class='error'>Couldn't connect to server.</p>");
$row = mysqli_fetch_assoc($result);
if ($row > 0)
{
$sql2 = "update user_login set login_time=CURRENT_TIMESTAMP where email='$clean_data[email]'";
$result2 = mysqli_query($cxn,$sql2) or die("<p class='error'>Couldn't connect to server.</p>");
$_SESSION['auth'] = "yes";
header("Location: catalog.php");
}
else
{
echo $message;
extract($clean_data);
include('login.php');
exit();
}
}
}
else
{
include("login.php");
}
Where you have #$$value in your input forms, you are firstly silencing the error in php saying that the $value isn't set in some of your include instances.
What would be advisable would be to save the username and password into their own distinct variables if received in the POST request and then echo these out into the value of the field, also by putting $$ you are trying to find a dynamically named variable, with the name of the value of $value, as opposed to the variable $value.
I think you want something like this -
foreach($labels as $field => $label)
{
$value = '';
if(!empty($_POST[$field ]) {
$value = $_POST[$field];
}
if($field != "password")
{
echo "<div><label for='$field'>$label</label>
<input type='text' name='$field' id='$field' width='40%' maxlength='40' value='".$value."'></div>";
}
else
{
echo "<div><label for='$field'>$label</label>
<input type='password' name='$field' id='$field' width='40%' maxlength='20' value='".$value."'</div>";
}
}
I have a form contaning Full name, email, phone when inserting values into the database the phone number was change to 2147483647 (Full name and email are ok). Here are my PHP file
register.php
<h1>register form</h1>
<?php
$labels=array("full_name"=>"Full Name",
"email"=>"Email",
"phone"=>"Phone");
echo "<form action='check_register.php' method='POST'>";
foreach($labels as $key =>$value)
{
echo "$value <input type='text' name='$key'/><br/>";
}
echo "<input type='submit' value='submit'/>";
echo "</form>";
?>
check_register.php
<?php
$labels=array("full_name"=>"Full Name",
"email"=>"Email",
"phone"=>"Phone");
foreach($_POST as $key =>$value)
{
if(empty($value))
{
$empty_value[]=$key;
}
elseif($key=="full_name")
{
if(!preg_match("/^[A-Za-z '-]{2,50}$/",$value))
{
$invalid_value[]=$key;
}
}
elseif($key=="email")
{
if(!preg_match("/^[A-Za-z0-9]{5,20}+(#)[A-Za-z0-9]{5,20}(\.com)$/",$value))
{
$invalid_value[]=$key;
}
}
elseif($key=="phone")
{
if(!preg_match("/^(\(\d+\)|\d+\-)?\d{10,20}$/",$value))
{
$invalid_value[]=$key;
}
}
}
if(#sizeof($empty_value)>0 or #sizeof($invalid_value)>0)
{
if(#sizeof($empty_value)>0)
{
echo "input ";
foreach($empty_value as $key) //loop empty value
{
echo " $labels[$key] ";
}
}
if(#sizeof($invalid_value)>0)
{
echo "<br/>invalid data ";
foreach($invalid_value as $key) //loop invalid_value
{
echo " $labels[$key] ";
}
}
echo "<form action='$_SERVER[PHP_SELF]' method='POST'>";
foreach($labels as $key =>$value)
{
echo "$value <input type='text' name='$key'/><br/>";
}
echo "<input type='submit' value='submit'/>";
echo "</form>";
}
else
{
$user='root';
$host='localhost';
$password='root';
$dbname='pet';
$connect=mysqli_connect($host,$user,$password,$dbname) or die("can't connect to server");
foreach($labels as $key =>$value)
{
$good_data[$key]=strip_tags(trim($_POST[$key]));
if($key=="phone")
{
$good_data[$key]=preg_replace("/[)( .-]/","",$good_data[$key]);
}
$good_data[$key]=mysqli_real_escape_string($connect,$good_data[$key]);
}
$query="INSERT INTO register (";
foreach($good_data as $key =>$value)
{
$query.="$key,";
}
$query.= ") VALUES (";
$query=preg_replace("/,\)/",")",$query);
foreach($good_data as $key =>$value)
{
$query.="'$value',";
}
$query.=")";
$query=preg_replace("/,\)/",")",$query);
$query=preg_replace("/(\(\d+\)|\d+\-)/",")",$query);
$result=mysqli_query($connect,$query) or die ("can't execute query.".mysqli_error($connect));
echo "$query";
echo "<h4>member inserted $query </h4>";
}
?>
Your phone number is stored as an integer and you are storing a number that is larger than an integer field.
Your options are to alter the table to make this field a bigint or a varchar.
Data insertion is not happening when user is entering through a form.i am trying to ask user for firstname , lastname and phone number through 3 fields checking pattern side by side but data is not being inserted in db.
The code is as ->
main page i.e. allinfo.php:
<html>
<head></head>
<body>
<?php
$labels=array("firstname"=>"FirstName" , "lastname"=>"LastName" ,"phone"=>"PhoneNumber");
?>
<form action='blank.php' method='POST'>
<?php
foreach ($labels as $field => $value)
{
echo "<label for='$field'>$value</label>";
echo "<input type='text' name='$field'>";
}
echo "<input type='submit' value='Submit'>";
?>
</form>
</body>
Other page:
<html>
<head></head>
<body>
<?php
/*foreach($_POST as $field=>$value)
{
echo "$field = $value<br />";
}*/
/*foreach($_POST as $field)
{
echo "$field <br />";
}*/
$labels=array("firstname"=>"FirstName" , "lastname"=>"LastName" ,"phone"=>"PhoneNumber");
foreach ($_POST as $field => $name)
{
if($field!='lastname')
{
if(empty($name))
{
$blank_array[]=$field;
}
}
elseif($field=="phone")
{
if(!preg_match("/^ [0-9 ) ( -] {7-20} $/" , $name))
{
$bad_array[]=$field;
}
}
}
if(#sizeof($blank_array) > 0 or #sizeof($bad_array) > 0)
{
if(#sizeof($blank_array) > 0)
{
echo "<p>You have missed some of the values</p>";
foreach($blank_array as $name)
{
echo "{$labels[$name]}<br />";
}
}
if(#sizeof($bad_array) > 0)
{
echo "Please enter in correct format";
foreach($bad_array as $name)
{
echo "{$labels[$name]}";
}
}
echo "<form action='$_SERVER[PHP_SELF]' method='POST'>"; /* re-display the form*/
foreach($labels as $field=>$name)
{
$good_data[$field]=strip_tags(trim($_POST[$field]));
echo "<label for='$field'>$name</label>";
echo "<input type='text' name='$field' value='{$good_data[$field]}'>";
}
echo "<input type='submit' value='Submit'>";
echo "</form>";
}
else
{
$host="localhost";
$acc="root";
$password="*******";
$database="member";
$cxn=mysqli_connect($host,$acc,$password,$database) or die("can not found");
foreach($labels as $field=> $name)
{
$good_data[$field]=strip_tags(trim($_POST[$field]));
if($field=="phone")
{
$good_data[$field]=preg_replace("/ [) ( . -] / " , " " , $good_data[$field]);
}
$good_data[$field]=mysqli_real_escape_string($cxn,$good_data[$field]);
}
$query="insert into user (";
foreach($good_data as $field =>$name)
{
$query.="$field";
}
$query.=") VALUES (";
$query=preg_replace("/,\)/",")",$query) ;
foreach($good_data as $field =>$name)
{
$query.="'$name',";
}
$query.=")";
$query=preg_replace("/,\)/",")",$query) ;
$result=mysqli_query($cxn,$query);
echo "new entry";
}
echo "<p>All the information is available ♥ </p>" ;
?>
</body>
Please help.
Change the loop where you build the query string
foreach($good_data as $field =>$name)
{
$query.="$field";
}
To
foreach($good_data as $field =>$name)
{
$query.="$field,";
}
Notice you missed the coma.