I have just installed xampp but I'm having problem inserting data into MySQL table.
The data I inserted does not appear in phpmyadmin. I am not sure what is the problem.
Any help will be gratefully appreciated, here is my code:
<html>
<head>
<title>Test</title>
<body>
<form action="test.php" method="post">
Firstname: <input type="text" name="firstname" />
Lastname: <input type="text" name="lastname" />
Age: <input type="text" name="age" />
<input type="submit"name="submit" value="submit"/>
</form>
<?php
$host ="localhost";
$username = "***";
$password = "***";
$database = "***";
$table ="persons";
$con = mysql_connect("localhost","***","***");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("bucksbug_mesovot", $con);
$sql="INSERT INTO persons (firstname, lastname, age)
VALUES('$_POST[firstname]','$_POST[lastname]','$_POST[age]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Data inserted";
mysql_close($con);
?>
</body>
</html>
Although you should really switch to PDO / mysqli and prepared statements with bound parameters to avoid sql injection and breaking sql statements if your variables contain quotation marks, you will probably run into problems with PDO / mysqli as well: Your password (change it!) contains a $.
See the following example on codepad:
<?php
function test($var)
{
echo $var;
}
$test_var = "test$string";
test($test_var);
Output:
test
You will not be able to connect successfully to the database as your password will never be correct.
Change:
"=c(p$zTTH2Jm"
to:
'=c(p$zTTH2Jm'
Related
I've got a simple form to take in user data and insert it into an sql database. When the user hits submit it does create a new entry line (so I know it's connecting to the database) but none of the values are posting as they should. I was following the tutorials on w3schools but I'm not sure where my Values are getting lost. Could some one point me in the right direction?
Form:
<?php
$Fname = $_POST["Fname"];
$Lname = $_POST["Lname"];
$Sid = $_POST["Sid"];
$Email = $_POST["Email"];
$Dtype = $_POST["Dtype"];
$Mac = $_POST["Mac"];
?>
<html>
<head>
<title>Register School Device</title>
</head>
<body>
<form method="post" action="SMA_Send.php">
First Name:<input type="text" size="12" maxlength="20" name="Fname"><br />
Last Name:<input type="text" size="12" maxlength="36" name="Lname"><br />
Student ID:<input type="text" size="12" maxlength="12" name="Sid"><br />
Email:<input type="text" size="12" maxlength="36" name="Email"><br />
Device Type:<br />
<select name="Dtype">
<option value="iPad">iPad</option>
<option value="iPhone">iPhone</option>
<option value="AndroidTablet">Android Tablet</option>
<option value="AndroidPhone">Android Phone</option></select><br />
Mac Address:<input type="text" size="12" maxlength="36" name="Mac"><br />
<input type="submit" value="submit" name="submit">
</form>
Send:
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "dbname";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO StudentDeviceReg (Fname, Lname, Sid, Email, Dtype, Mac, Date)
VALUES ('$Fname','$Lname','$Sid','$Email','$Dtype','$Mac',NOW())";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
These belong in your PHP/SQL SMA_Send.php file and not in your form.
$Fname = $_POST["Fname"];
$Lname = $_POST["Lname"];
$Sid = $_POST["Sid"];
$Email = $_POST["Email"];
$Dtype = $_POST["Dtype"];
$Mac = $_POST["Mac"];
Having used error reporting, would have signaled Undefined variables.
I also need to note that your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements, they're much safer.
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of your code
Sidenote: Error reporting should only be done in staging, and never production.
i don't see you using $_POST any where:
use $_POST["Fname"] and others also like this.
or you can do this:
$Fname = $_POST["Fname"];// for the rest also.
I'm new to php and sql and all that stuff, and I was watching a tutorial on youtube about forums in php and wonder why this code doesn't echo "Success" when submitting the form. I also wonder why it echo out Failure before I have submitted the form. I have connected successfully to the database.
<!DOCTYPE HTML>
<html>
<head>
<title>Register</title>
</head>
<body>
<form action="register.php" method="POST">
Username: <input type="text" name="username">
<br/>
Password: <input type="password" name="password">
<br/>
Confirm Password: <input type="password" name="confirmPassword">
<br/>
Email: <input type="text" name="email">
<br/>
<input type="submit" name="submit" value="Register"> or Log in
</form>
</body>
</html>
<?php
require('connect.php');
$username = $_POST['username'];
$password = $_POST['password'];
$confirmPassword = $_POST['confirmPassword'];
$email = $_POST['email'];
if(isset($_POST["submit"])){
if($query = mysql_query("INSERT INTO users ('id', 'username', 'password', 'email') VALUES('', '".$username."', '".$password."', '".$email."')")){
echo "Success";
}else{
echo "Failure" . mysql_error();
}
}
?>
Connect.php
<?php
$connect = mysqli_connect("localhost", "root", "") or die("Could not connect to server!");
mysqli_select_db($connect, "php_forum") or die("Could not connect to database!");
?>
There are a few things wrong here.
You're using the wrong identifiers for your columns in (and being quotes):
('id', 'username', 'password', 'email')
remove them
(id, username, password, email)
or use backticks
(`id`, `username`, `password`, `email`)
mysql_error() should have thrown you an error, but it didn't because of:
You're mixing MySQL APIs with mysqli_ to connect with, then mysql_ in your query.
Those two different APIs do not intermix with each other.
Use mysqli_ exclusively and change your present query to:
if($query = mysqli_query($connect, "INSERT...
and change mysql_error() to mysqli_error($connect)
as a rewrite for that block:
if(isset($_POST["submit"])){
if($query = mysqli_query($connect,"INSERT INTO users ('id', 'username', 'password', 'email') VALUES('', '".$username."', '".$password."', '".$email."')")){
echo "Success";
}else{
echo "Failure" . mysqli_error($connect);
}
}
Just to test the error, make the changes as I outlined just above, while keeping the quotes around your columns the way you have it now. You will then see the error that MySQL will throw. You can then do as I've already outlined above and remove the quotes around the column names, or replace them with backticks.
The tutorial you saw may very well used backticks, but were probably not distinguishable enough for you to tell that they were indeed backticks and not single quotes.
However, your present code is open to SQL injection. Use mysqli with prepared statements, or PDO with prepared statements, they're much safer.
I noticed you may be storing passwords in plain text. If this is the case, it is highly discouraged.
I recommend you use CRYPT_BLOWFISH or PHP 5.5's password_hash() function. For PHP < 5.5 use the password_hash() compatibility pack.
Also, instead of doing:
$connect = mysqli_connect("localhost", "root", "") or die("Could not connect to server!");
mysqli_select_db($connect, "php_forum") or die("Could not connect to database!");
You should be checking for errors instead, just as the manual states
$link = mysqli_connect("myhost","myuser","mypassw","mybd")
or die("Error " . mysqli_error($link));
http://php.net/manual/en/function.mysqli-connect.php
So in your case:
$connect = mysqli_connect("localhost", "root", "","php_forum")
or die("Error " . mysqli_error($connect));
Edit: and I changed action="register.php" to action="" since you're using the entire code inside the same page.
<!DOCTYPE HTML>
<html>
<head>
<title>Register</title>
</head>
<body>
<form action="" method="POST">
Username: <input type="text" name="username">
<br/>
Password: <input type="password" name="password">
<br/>
Confirm Password: <input type="password" name="confirmPassword">
<br/>
Email: <input type="text" name="email">
<br/>
<input type="submit" name="submit" value="Register"> or Log in
</form>
</body>
</html>
<?php
require('connect.php');
$username = $_POST['username'];
$password = $_POST['password'];
$confirmPassword = $_POST['confirmPassword'];
$email = $_POST['email'];
if(isset($_POST["submit"])){
if($query = mysqli_query($connect,"INSERT INTO users (`id`, `username`, `password`, `email`) VALUES ('', '".$username."', '".$password."', '".$email."')")){
echo "Success";
}else{
echo "Failure" . mysqli_error($connect);
}
}
?>
:It will echo ;Failure' so executing this bit of code
else{
echo "Failure" . mysql_error();
}
whenever $_POST["submit"]) is not set and it will be not set anytime you open you page (even if you navigate to it from your bookmark of from google search results) or when you submit you FORM in GET mode
I am a beginner in php(& mysql).I am trying to insert form data into my database.But it does not work.Clicking on the 'Register' button on User_info.php page just displays a link to my home page.
Sign Up.php
<!DOCTYPE html>
<html>
<head>
<title>Details</title>
</head>
<body bgColor="Red">
<h1 style="color:blue">Please provide your details to become a registered user</h1>
<form style="color:blue" action="User_info.php" method="post">
User Id:     <input type="text" name="user_id" value="">
<br><br>
Password: <input type="password" name="password" value="">
<br><br>
Email Id:   <input type="text" name="email_id" value="">
<br><br>
Phone:      <input type="text" name="phone_no" value="">
<br><br>
<input type="submit" name="submit" value="Register">
</form>
</body>
</html>
User_info.php
<!DOCTYPE html>
<html>
<head><title>User Information</title></head>
<body>
<?php
$hostname="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="movie store"; // Database name
$tbl_name="user"; // Table name
// Connect to server and select database.
$con=mysql_connect($hostname, $username, $password);
if(!$con)
{
die('Could not connect: '. mysql_error());
}
mysql_select_db($db_name,$con);
$id = $_POST['user_id'];
$pass = $_POST['password'];
$email = $_POST['email_id'];
$phone= $_POST['phone_no'];
$sql="INSERT INTO $tbl_name(user_id,password,email_id,phone_no) VALUES('$id','$pass','$email','$phone')";
if(!mysql_query($sql,$con))
{
die('Error: '. mysql_error());
}
print_r "1 record inserted";
// close connection
mysql_close($con);
?>
Return to Home
</body>
</html>
There is syntax error on line #29 of User_info.php
use echo "1 record inserted"; instead of print_r "1 record inserted";
MySQL extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. Ref
Please update your 'User_info.php' with following code as quick MySQLi solution.
<!DOCTYPE html>
<html>
<head><title>User Information</title></head>
<body>
<?php
$hostname="localhost"; // Host name
$username="root"; // mysqli username
$password=""; // mysqli password
$db_name="movie store"; // Database name
$tbl_name="user"; // Table name
// Connect to server and select database.
$con=mysqli_connect($hostname, $username, $password);
if(!$con)
{
die('Could not connect: '. mysqli_error());
}
mysqli_select_db($con, $db_name);
$id = $_POST['user_id'];
$pass = $_POST['password'];
$email = $_POST['email_id'];
$phone= $_POST['phone_no'];
$sql="INSERT INTO $tbl_name (user_id,password,email_id,phone_no) VALUES('$id','$pass','$email','$phone')";
if(!mysqli_query($con, $sql))
{
die('Error: '. mysqli_error($con));
}
echo "1 record inserted";
// close connection
mysqli_close($con);
?>
Return to Home
</body>
</html>
I have looked for the answer to my question and seeing as all programming varies I can't seem to fix my problem. I have created a php file that does in fact connect to my database. However, when I try submitting data to my database via my php webpage it won't go through. The same happens when I try to display info from my database to a webpage. Seeing as it is in fact connecting to the database, I'm not sure what the issue is. Any help is appreciated, try to dumb it down for me as much as possible when you answer. Also, I have triple-checked my database name and table names to make sure they match up with my coding. Here's my code:
Connection to database:
<?php
DEFINE ('DB_USER', 'root');
DEFINE ('DB_PSWD', '');
DEFINE ('DB_HOST', 'localhost');
DEFINE ('DB_NAME', 'art database');
$dbcon = mysqli_connect(DB_HOST, DB_USER, DB_PSWD, DB_NAME);
?>
My form to insert data to my database:
<?php
if (isset($_POST['submitted'])) {
include('connect-mysql.php');
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$sqlinsert = "INSERT INTO users (first name, last name) VALUES ('$fname','$lname')";
if (!mysqli_query($dbcon, $sqlinsert)) {
die('error inserting new record');
} //end of nested if
$newrecord = "1 record added to the database";
} // end of the main if statement
?>
<html>
<head>
<title>Insert Data into DB</title>
</head>
<body>
<hl>Insert Data into DB</hl>
<form method="post" action="insert-data.php">
<input type="hidden" name="submitted" value="true"/>
<fieldset>
<legend>New People</legend>
<label>First Name:<input type="text" name="fname" /></label>
<label>Last Name:<input type="text" name="lname" /></label>
</fieldset>
<br />
<input type="submit" value="add new person" />
</form>
<?php
echo $newrecord;
?>
</body>
</html>
The reason it's not working is because you have spaces in your columns/query.
INSERT INTO users (first name, last name)
wrap them in backticks like this:
INSERT INTO users (`first name`, `last name`)
It is not recommended to use spaces in column names or tables.
Try and use underscores instead, or remove the spaces and make the appropriate changes to your columns in your DB also, if you do.
You should also consider using:
('" . $fname . "','" . $lname . "')
instead of ('$fname','$lname')
I'm also questioning this => DEFINE ('DB_NAME', 'art database');
There is a space in between art and database. If that is the case and is in fact the name you've given your DB, do rename it to art_database and use DEFINE ('DB_NAME', 'art_database'); instead.
And do use the following for added protection:
$fname = mysqli_real_escape_string($dbcon,trim($_POST['fname']));
$lname = mysqli_real_escape_string($dbcon,trim($_POST['lname']));
Interesting article to read on protection:
How can I prevent SQL injection in PHP?
EDIT: (options)
OPTION 1, in 2 files:
First, rename your columns to firstname and lastname and use the following code and naming your file insert-data.php
DB query file (insert-data.php)
<?php
if (isset($_POST['submit'])) {
include('connect-mysql.php');
$fname = mysqli_real_escape_string($dbcon,trim($_POST['fname']));
$lname = mysqli_real_escape_string($dbcon,trim($_POST['lname']));
$sqlinsert = "INSERT INTO `users` (firstname, lastname) VALUES ('" . $fname . "','" . $lname . "')";
if (!mysqli_query($dbcon, $sqlinsert)) {
die('error inserting new record');
} //end of nested if
echo "1 record added to the database";
} // end of the main if statement
?>
Then in a seperate file, your HTML form; name it db_form.php for example:
HTML form (db_form.php)
<html>
<head>
<title>Insert Data into DB</title>
</head>
<body>
<hl>Insert Data into DB</hl>
<form method="post" action="insert-data.php">
<input type="hidden" name="submitted" value="true"/>
<fieldset>
<legend>New People</legend>
<label>First Name:<input type="text" name="fname" /></label>
<label>Last Name:<input type="text" name="lname" /></label>
</fieldset>
<br />
<input type="submit" name="submit" value="add new person" />
</form>
</body>
</html>
NEW EDIT - OPTION 2, all in one file:
Use this in one page, with nothing else added:
<?php
if (isset($_POST['submit'])) {
if(empty($_POST['fname'])) {
die("Fill in the first name field.");
}
if(empty($_POST['lname'])) {
die("Fill in the last name field.");
}
include('connect-mysql.php');
$fname = mysqli_real_escape_string($dbcon,trim($_POST['fname']));
$lname = mysqli_real_escape_string($dbcon,trim($_POST['lname']));
$sqlinsert = "INSERT INTO `users` (firstname, lastname) VALUES ('" . $fname . "','" . $lname . "')";
if (!mysqli_query($dbcon, $sqlinsert)) {
die('error inserting new record');
} //end of nested if
echo "1 record added to the database";
} // end of the main if statement
?>
<html>
<head>
<title>Insert Data into DB</title>
</head>
<body>
<hl>Insert Data into DB</hl>
<form method="post" action="">
<fieldset>
<legend>New People</legend>
<label>First Name:<input type="text" name="fname" /></label>
<label>Last Name:<input type="text" name="lname" /></label>
</fieldset>
<br />
<input type="submit" name="submit" value="add new person" />
</form>
<?php
echo $newrecord;
?>
</body>
</html>
I have made some changes, which is working fine for me
Where i can ignore if data is already in database
You Can try this to
<?php
if (isset($_POST['submit'])) {
include('db.inc.php');
$fname = mysqli_real_escape_string($dbcon,trim($_POST['fname']));
$lname = mysqli_real_escape_string($dbcon,trim($_POST['lname']));
// $sqlinsert = "INSERT INTO `user` (firstname, lastname) VALUES ('" . $fname . "','" . $lname . "')";
$sqlinsert = "INSERT IGNORE INTO `dbname`.`user` (`fname`, `lname`) VALUES ( '$fname', '$lname')";
if (!mysqli_query($dbcon, $sqlinsert)) {
die('error inserting new record');
} //end of nested if
echo "1 record added to the database";
} // end of the main if statement
?>
Where db.inc.php is a different file in same directory for connecting database
<?php
$dbcon=mysqli_connect("localhost","dbuser","yourpassword","dbname");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
I made a form to insert and modify categories in my project.
when i hit "submit" i get the record submitted into the database but it appears empty !
and if i go to the databse field and write the text myself it will appear good in MySQL and and "????" in the browser !
here is the code i wrote:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<body>
<?php
$con = mysql_connect("localhost","user","pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("mydb", $con);
$sql="INSERT INTO categories (name, parent_id,description)
VALUES
('$_POST[name]','$_POST[parent_id]','$_POST[description]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
mysql_close($con)
?>
<form action="ins.php" method="post">
category: <input type="text" name="name" /><br><br>
parent: <input type="text" name="parent_id" /><br><br>
description: <input type="text" name="description" /><br><br>
<input type="submit" />
</form>
</body>
</html>
You have to quote (using ") around your index name in your SQL request because $_POST is an array:
$sql="INSERT INTO categories (name, parent_id,description)
VALUES
('".$_POST["name"]."','".$_POST["parent_id"]."','".$_POST["description"]."')";
But generally speaking please dont trust directly what's user are posting to your script to avoid SQL Injections. You can use mysqli::query which is way better and safer :
Mysqli
First sanitize your user input.
If you after that want to use the values from the array without all the concatenation everyone else mentions use {} around array accessors.
$sql="INSERT INTO categories (name, parent_id, description)
VALUES
('{$_POST['name']}','{$_POST['parent_id']}','{$_POST['description']}')";
To clean for example $_POST do something like this is a good start. This is a bit of my older code. As others have written use mysqli instead
function clean_array($t_array)
{
foreach($t_array as $key=>$value)
$array[$key] = mysql_real_escape_string( trim($value) );
return $t_array;
}
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<body>
<?php
if ($_POST['action']=="doformpost") {
//only do DB insert if form is actually posted
$con = mysql_connect("localhost","user","pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("mydb", $con);
$sql="INSERT INTO categories (name, parent_id,description)
VALUES
('".$_POST['name']."','".$_POST['parent_id']."','".$_POST['description']."')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
mysql_close($con)
}
?>
<form action="ins.php" method="post">
<input type="hidden" name="action" id="action" value="doformpost" />
category: <input type="text" name="name" /><br><br>
parent: <input type="text" name="parent_id" /><br><br>
description: <input type="text" name="description" /><br><br>
<input type="submit" />
</form>
</body>
</html>
Try using double quotes in your statement like this:
$sql="INSERT INTO categories (name, parent_id,description)
VALUES
("'.$_POST['name'].'","'.$_POST['parent_id'].'","'.$_POST['description'].'")";
lots of issues here.
$_POST[name] should be $_POST['name']
your query will run even if the form is not submitted.
you are using deprecated mysql_* functions. Use PDO or mysqli
Your code is vulnerable to sql injection
With all that out, here's what you need to do.
Just to verify that the form is submitted, use
if( !empty($_POST['name']) &&
!empty($_POST['parent_id']) &&
!empty($_POST['description']) )
(use isset if empty value is allowed.)
Then run the query.
In PDO, the code will look like this ->
<?php
// configuration
$dbtype = "mysql";
$dbhost = "localhost";
$dbname = "mydb";
$dbuser = "user";
$dbpass = "pass";
// database connection
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbuser,$dbpass);
// query
$sql = "INSERT INTO categories (name, parent_id,description)
VALUES
(?,?,?)";
$q = $conn->prepare($sql);
$q->execute(array($_POST[name],$_POST[parent_id],$_POST[description]));
?>
This is just a start. you can use try and catch block to catch exceptions.
Before running query, check if form is submitted by !empty() or isset() as described above.
$sql="INSERT INTO categories (name, parent_id,description)
VALUES
("'.$_POST['name'].'","'.$_POST['parent_id'].'","'.$_POST['description'].'")";
Please provide quotes while inserting values in database
I found that if you forget the simply html attribute in the <form> for METHOD="POST"... you will get blank data in your database despite all else working fine.
ie.. <form action="file.php" method=POST>
use this statement for your code
if( isset($_POST['name']) && isset($_POST['parent_id']) && isset($_POST['description']) )
//your insert query
Don't forgot about safety!
$sql="INSERT INTO categories (name, parent_id,description)
VALUES
('".mysql_real_escape_string($_POST['name'])."','".intval($_POST['parent_id'])."','".mysql_real_escape_string($_POST['description'])."')";
And i think a problem with encodings.
launch query before you inserting a data:
$sql = 'set names `utf-8`'; (for example)
Use Below insert query to insert data , i m sure it will definitely help you.
$sql="INSERT INTO categories (name,parent_id,description)
VALUES
('".$_POST['name']."','".$_POST['parent_id']."','".$_POST['description']."')";
Try this
<?php
if(isset($_POST['submit'])) {
$con = mysql_connect("localhost","user","pass");
if (!$con){
die('Could not connect: ' . mysql_error());
}
mysql_select_db("mydb", $con);
$sql="INSERT INTO categories (name, parent_id,description) VALUES
('".$_POST['name']."','".$_POST['parent_id']."','".$_POST['description']."')";
if (!mysql_query($sql,$con)) {
die('Error: ' . mysql_error());
} else {
echo "1 record added";
}
mysql_close($con);
}
?>
<html>
<body>
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
category: <input type="text" name="name" /><br><br>
parent: <input type="text" name="parent_id" /><br><br>
description: <input type="text" name="description" /><br><br>
<input type="submit"name="submit" value="Submit" />
</form>
</body>
</html>
Me too faced the same problem.
Proceed your insert query like this, this helped me.
$email_id = $_POST['email_id'];
$device_id = $_POST['device_id'];
***For My Sqli***
if(!empty($email_id ))
{
$result_insert = mysqli_query($db_conn,"INSERT INTO tableName (user_email, user_device_id,last_updated_by) VALUES('".$email_id."', '".$device_id."', '".$email_id."') ");
if(mysqli_affected_rows($db_conn)>0)
{
$response["success"] = 1;
$response["message"] = "Successfully Inserted";
}
else
{
$response["success"] = 0;
$response["message"] = "Problem in Inserting";
}
}
else
{
$response["success"] = 4;
$response["message"] = "Email id cannot be Blank";
}
}
///////////////////////////////////////////////////////////////////////////////
**For My Sql**
if(!empty($email_id ))
{
$result_insert = mysql_query("INSERT INTO tableName (user_email, user_device_id,last_updated_by) VALUES('".$email_id."', '".$device_id."', '".$email_id."') ");
if(mysql_affected_rows()>0)
{
$response["success"] = 1;
$response["message"] = "Successfully Inserted";
}
else
{
$response["success"] = 0;
$response["message"] = "Problem in Inserting";
}
}
else
{
$response["success"] = 4;
$response["message"] = "Email id cannot be Blank";
}
}
NOTE : here i have checked only for email.