We Keep Coding

php - db insert error - query was empty

i'm trying to insert some records into the db and i'm getting this error: Query was empty
$data= json_decode(file_get_contents("php://input"));
$usercomment= mysql_real_escape_string($data->usercomment);
$wardrobe= mysql_real_escape_string($data->wardrobe);
$ctype= mysql_real_escape_string($data->ctype);
$pic= mysql_real_escape_string($data->pic);
$vtype= mysql_real_escape_string($data->vtype);
$query=mysql_query ("INSERT INTO db.comment(`comment`,`pic`,`wardrobe`,`comment_type`,`vtype`)
VALUES('".$usercomment."','".$pic."','".$wardrobe."','".$ctype."','".$vtype."')");
$Result1 = mysql_query($query, $dbcon) or die(mysql_error());

$query is already a mysql_query, so you can't add it inside the other mysql_query.
You can make $query be the string for the mysql_query below it.
$query = "INSERT INTO db.comment(`comment`,`pic`,`wardrobe`,`comment_type`,`vtype`) VALUES('".$usercomment."','".$pic."','".$wardrobe."','".$ctype."','".$vtype."')";
$result1 = mysql_query($query, $dbcon) or die(mysql_error());
Also, don't use the mysql_* functions, use mysqli_* instead.
See this answer for more details on why.

I have modified your code.. try this
data= json_decode(file_get_contents("php://input"));
$usercomment= mysql_real_escape_string($data->usercomment);
$wardrobe= mysql_real_escape_string($data->wardrobe);
$ctype= mysql_real_escape_string($data->ctype);
$pic= mysql_real_escape_string($data->pic);
$vtype= mysql_real_escape_string($data->vtype);
$query="INSERT INTO db.comment(`comment`,`pic`,`wardrobe`,`comment_type`,`vtype`)
VALUES('".$usercomment."','".$pic."','".$wardrobe."','".$ctype."','".$vtype."')";
$Result1 = mysql_query($query) or die(mysql_error());

Problems with mysqli_query function [duplicate]

This question already has answers here:
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(2 answers)
Closed 7 years ago.
i'm new to PHP and MySQL. I'm having issues with one of my mysqli_query functions. I have a database connection that works perfectly as the first half of my php file actually stores data into certain tables of the database.
The problem starts when i want to perform another query against the database. Here's the code:
// INSERT statements.
$queryMember = "INSERT INTO member (surname, name, gender, email, telHome, telMobile, dob, studentNum, idNum) VALUES ('$sur_name', '$f_name', '$gender', '$email', '$tel_home', '$mobile_num', ,'$date_of_birth', '$studentNumber', '$id_number')";
$queryAddress = "INSERT INTO physicalDetails (houseNum, unitNum, streetAdd, suburb, city, province, code ) VALUES ('$house_number', '$unit_number', '$street_address', '$suburb_name', '$city_name', '$province_name', '$zip_code')";
$queryStaff = "INSERT INTO staff (staffID ) VALUES ('$staff_id')";
$queryStudent = "INSERT INTO student (major ) VALUES ('$student_major')";
// Statements that must query the database.
$resultMember = mysqli_query($dbc, $queryMember) or die ('Error while inserting data into member details table');
$resultAddress = mysqli_query($dbc, $queryAddress ) or die ('Error while inserting data into member physical details table');
$resultStaff = mysqli_query($dbc, $queryStaff ) or die ('Error while inserting data into staff information table' );
$resultStudent = mysqli_query($dbc, $queryStudent ) or die ('Error while inserting data into student major details table');
mysqli_close($dbc);
When i run my form, my first error is the following: "Error while inserting data into member details table".
I don't understand why it's giving me an error. Any advice or suggestions would be appreciated. :)

Don't output a fixed (and useless) error message: Have the DB tell you what you did wrong:
$resultMember = mysqli_query($dbc, $queryMember) or die (mysqli_error($dbc));
^^^^^^^^^^^^
If you had that, you'd have been told about your syntax errors:
$queryMember = "[..snip..], '$mobile_num', ,'$date_of_birth', '$studentNumber', '$id_number')";
^^^^

Using PHP to send SQL Query, keeps failing? [duplicate]

This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 7 years ago.
This is my PHP code:
$sql = "INSERT INTO `reviews`(`Departed`, `Returned`, `Name`, `Review`) VALUES ($departed,$returned,$name,$message)";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
$review[] = mysql_fetch_assoc($sql_result);
The query fails to execute, but the string looks okay:
request "Could not execute SQL query" INSERT INTO `reviews`(`Departed`, `Returned`, `Name`, `Review`) VALUES (2015-08-01,2015-08-06,test,test)

You need to put quotes around the input strings
... VALUES ('2015-08-01', '2015-08-06', 'test', 'test')
or way better use Prepared Statements that do that and more for you.

VARCHAR and DATE must be enclosed in quotes. Only numbers may be stripped of quotes.
$sql = "INSERT INTO `reviews`(`Departed`, `Returned`, `Name`, `Review`) VALUES ('$departed','$returned','$name','$message')";

PHP MySQL inserting information from one form into multiple tables

So I have form1 that contains information from multiple tables in a database. I've got listboxes and textboxes within this form that have that information. So all I'm trying to do is insert whatever information the user submits back into the database and have it outputted on form2. I've got my INSERT INTOs on my output page. I know you can't use one INSERT INTO query, so I was wondering how to use multiple INSERTS and submit that information back into the database.
The variables created below come from the previous page and all of the values are there.
if (isset($_POST['n_submit'])){
$oid = $_POST['oid'];
$odate = $_POST['odate'];
$ostatus = $_POST['ostatus'];
$cfname = $_POST['cfname'];
$cname = $_POST['clname'];
$efname = $_POST['efname'];
$elname = $_POST['elname'];
echo "New record created successfully";
$db = mysqli_connect('127.0.0.1:3307', 'mysql_user', 'mysql_password') or die ("I cannot connect to the database because: ".mysqli_connect_error());
$query = "select status_id from ostatus where status_type = '$ostatus'";
$result = mysqli_query($db, $query) or die("Error in SQL statement:" .mysqli_error());
$row = mysqli_fetch_array($result);
$statusid = $row[0];
$query1 = "insert into cust ('c_fname', 'c_lname') values ('$cfname', $clname)";
$result1 = mysqli_query($db, $query1) or die("Error in SQL statement:" .mysqli_error());
$query2 = "insert into employed ('e_fname', e_lname) values ('$efname', '$elname')";
$result2 = mysqli_query($db, $query1) or die("Error in SQL statement:" .mysqli_error());
$query3 ="INSERT INTO sorder (o_id, o_date, s_id) VALUES ('{$oid}', '{$odate}', '{$statusid}')";
$result3 = mysqli_query($db, $query3);
}

First of all your query is vulnerable to SQL injection. I am not going to fix that.
Second, you should Google how to handle forms properly. And you should consider starting SQL transaction if you really care about the data to go into all the tables for sure.
Third, you should be able to use multiple inserts like you are doing in your code. but you need to correct your syntax errors.
Try this code (I also removed the select code are based on your question it is not needed)
if (isset($_POST['n_submit'])){
$oid = $_POST['oid'];
$odate = $_POST['odate'];
$ostatus = $_POST['ostatus'];
$cfname = $_POST['cfname'];
$cname = $_POST['clname'];
$efname = $_POST['efname'];
$elname = $_POST['elname'];
$db = mysqli_connect('127.0.0.1:3307', 'mysql_user', 'mysql_password') or die ("I cannot connect to the database because: ".mysqli_connect_error());
$query1 = "insert into cust (c_fname, c_lname) values ('".$cfname."', '".$clname."')";
$result1 = mysqli_query($db, $query1) or die("Error in SQL statement:" .mysqli_error());
$query2 = "insert into employed (e_fname, e_lname) values ('".$efname."', '".$elname."')";
$result2 = mysqli_query($db, $query2) or die("Error in SQL statement:" .mysqli_error());
$query3 ="INSERT INTO sorder (o_id, o_date, s_id) VALUES ('".$oid."', '".$odate."', '".$statusid."')";
$result3 = mysqli_query($db, $query3);
if($result1 && $result2 && $result3)
echo 'New record created successfully';
else
echo 'something did not work';
}

Php Simple Error [duplicate]

This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 8 years ago.
I am trying to insert data into a database through php.. Easy enough (I thought). I can't figure out what I am doing wrong. Here is my code:
$DB_HostName = "localhost:8888";
$DB_Name = "Sample";
$DB_User = "root";
$DB_Pass = "root";
$DB_Table = "Check";
$con = mysql_connect($DB_HostName,$DB_User,$DB_Pass) or die(mysql_error());
mysql_select_db($DB_Name,$con) or die(mysql_error());
$sql = "INSERT INTO $DB_Table (name) VALUES ('Sally') ";
mysql_query($sql) or die ("Error with Result");
mysql_close($con);
It gives me an error saying "Error with Result". This means that it must be connecting to the database correctly and everything is working right except for the end part.. What am I missing? If I say (msql_error()) it also does tell me to check the $sql. I can't figure out though what I am typing in wrong.

escape your database name with backtick
$sql = "INSERT INTO `$DB_Table` (name) VALUES ('Sally') ";
or
$sql = "INSERT INTO `" . $DB_Table . "` (name) VALUES ('Sally') ";
CHECK is a MySQL Reserved Keyword.
MySQL Reserved Keyword List
How can I prevent SQL injection in PHP?

I can't stress this enough, don't use mysql_ functions, that time has gone. Use either mysqli or PDO.
A simple way to check what is wrong with your SQL query is to add an error flag on the end of your die statement mysql_query($sql) or die ("Error with Result<br>".mysql_error());
It appears in your case that check is a constraint used to limit the value range that can be placed in a column. You would need to identify that it is a table using "`":
$sql = "INSERT INTO `$DB_Table` (name) VALUES ('Sally') ";