Hi there doing a small project with databases ( don't have too much experience with them). I'm working with mySQL and php, having a little bit of trouble with the php and posting the info from the HTML form to the database.
Here is the code:
<?php
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name
$tbl_name="tags"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// get data that sent from form
$s_name=$_GET['name'];
$s_system=$_GET['system'];
$s_cate=$_GET['cate'];
$sql="INSERT INTO $tbl_name(name,system,cate)VALUES('$s_name', '$s_system', '$s_cate')";
$result=mysql_query($sql);
if($result){
echo "Successful<BR>";
echo "<a href=mainforum.php>View your topic</a>";
}
else {
echo "ERROR";
}
mysql_close();
?>
If anyone could help explain to me what I am doing wrong, much would very be appreciated.
THANKS
Here is a link to what I am trying to do:
http://socialsoftware.purchase.edu/roger-p.king/database2/enter_gamertag.html
u should use $_POST['variable'], not $_GET
because $_GET is variables array on the link
such as "http://example.com/?var=123", the value of $_GET['var'] is 123
the variable in form can get by $_POST['var'] or $_REQUEST['var']
$query = mysql_query("INSERT INTO '$tbl_name'(name,system,cate)VALUES('$s_name', '$s_system', '$s_cate')";
That should do, or if you do it your way in 2 lines,
$sql="INSERT INTO '$tbl_name'(name,system,cate)VALUES('$s_name', '$s_system', '$s_cate')";
$result=mysql_query($sql);
Related
So I have a PHP form that seems to only want to work sometimes. I really don't understand what is wrong with it or why. I will submit test data successfully, but 5 minutes later I will do another test and I get the error message.
I'm not an PHP or SQL expert so help me out!
<?php
$host="localhost"; // Host name
$username="user"; // Mysql username
$password="pass"; // Mysql password
$db_name="database"; // Database name
$tbl_name="table"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Get values from form
$title=$_POST['title'];
$body=$_POST['body'];
$date=$_POST['date'];
$tags=$_POST['tags'];
// Insert data into mysql
$sql="INSERT INTO $tbl_name(title, body, date, tags)VALUES('$title', '$body', '$date', '$tags')";
$result=mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
echo "<BR>";
echo "<a href='insert.php'>Back to main page</a>";
}
else {
echo "ERROR";
}
?>
<?php
// close connection
mysql_close();
?>
Thank you!
Louie
For first enable error reporting:
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
And check what's going on in your code.
Maybe problem is not in PHP but in MySQL Server.
I am trying to delete an item from my database but it isnt working.
I thought I had it working but it was deleting the first item in the database but not the item selected.
Here is what I have.
A link to delete.php then I have this for delete.php
<?php
ob_start();
include_once('../mysql_connect.php');
// contact to database
$host = "localhost";
$username = "admin";
$password = "password";
$database="database";
$tbl_name="new_equip";
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$database")or die("cannot select DB");
// get value of id that sent from address bar
$id=$_GET['id'];
// Delete data in mysql from row that has this id
$sql="DELETE FROM $tbl_name WHERE id='$id'";
$result=mysql_query($sql);
// if successfully deleted
if($result){
echo "Deleted Successfully";
echo "<BR>";
echo "<a href='inventory.php'>Back to main page</a>";
}
else {
echo "ERROR";
}
?>
I know this is probably something simple and I have been searching and trying everything I can find, but I cannot seem to get it working. I believe the delete.php link needs to have the item number in it. Here is what the link is
"delete.php?id=<?php echo $eid; ?>"
I also have this on the top of the delete.php
<?php
$eid = (int) $_GET['id'];
if ($eid < 1)
?>
Do not put the GET directly in your variable that might cause SQL Injections
Do not use mysql... use mysqli instead!
Format your code more
Than back to the main problem:
Echo your $id to see if it is the correct one ;) I could not see some other problem at your code.
I know this has been asked hundreds of times, however, I couldn't find how this specific error applied to many of the other examples.
I have many form fields on a PHP page and they update into my database just fine when I hit submit, until I use http://somewebsite.net in one of the fields.
The field I post my form, field flightaware is posted to bijwerkvlucht_post.php as flightaware='$flightaware'.
I do not get the above error message when I test with plain text or remove the http:// . Thus deducing that it is an issue related to http:// in the wording.
How would I fix the code to resolve this particular issue?
The code on the post page:
<?php
$host="localhost"; // Host name
$username="xxxxx"; // Mysql username
$password="xxxxx"; // Mysql password
$db_name="xxxxx"; // Database name
$tbl_name="tbl_vluchtgegevens"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// update data in mysql database
$sql="UPDATE $tbl_name SET reisID='$reisID', vertrekdatum2='$vertrekdatum2',
vertrektijd='$vertrektijd', vertrektijdactueel='$vertrektijdactueel',
vertrekluchthaven='$vertrekluchthaven', aankomstdatum2='$aankomstdatum2',
aankomsttijd='$aankomsttijd', aankomstluchthaven='$aankomstluchthaven',
luchtvaartmaatschappij='$luchtvaartmaatschappij', toestel='$toestel',
inschrijvingnmr='$inschrijvingnmr', vluchttijd='$vluchttijd',
vluchttijddec='$vluchttijddec',reisklasse='$reisklasse', stoel='$stoel', prijs='$prijs',
vluchtnmr='$vluchtnmr', vluchttype='$vluchttype', upgrade='$upgrade',
boekingcode='$boekingcode', eticketnmr='$eticketnmr', farecode='$farecode',
flightaware='$flightaware', route='$route' WHERE gegevenID='$id'";
$result=mysql_query($sql);
// if successfully updated.
if($result){
echo "Successful";
echo "<BR>";
}
else {
echo "ERROR";
}
?>
Sirs,
I'm getting an error from my PHP script, probably the query, but I can't figure out what's going on. I can connect the database, but I still get the error from de "echo ERROR" line.
Does anyone know what's wrong with my code? I appreciate any help! I spent a few hours to solve this issue, but couldn't get nothing.
HTML form
<form action="insert-info.php" method="post">
<input class="form1" type="text" value="TEXT ONE" name="textone" onfocus="if (this.value=='NTEXT ONE') this.value='';"/>
<input class="form1" type="text" value="TEXT TWO" name="texttwo" onfocus="if (this.value=='TEXT TWO') this.value='';"/>
<input class="form2" type="text" value="TEXT THREE" name="textthree" onfocus="if (this.value=='TEXT THREE') this.value='';"/>
</form>
Database connect and insert
<?php
$host="localhost"; // Host name
$username="***"; // Mysql username
$password="***"; // Mysql password
$db_name="***"; // Database name
$tbl_name="insertinfo"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Get values from form
$textone=$_POST['textone'];
$texttwo=$_POST['texttwo'];
$textthree=$_POST['textthree'];
// Insert data into mysql
$sql="INSERT INTO $tbl_name('textone', 'texttwo', 'textthree') VALUES ('$textone', '$texttwo', '$textthree')";
$result=mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
echo "<br />";
echo "<a href='insert.php'>Back to main page</a>";
}
else {
echo "ERROR";
}
?>
<?php
// close connection
mysql_close();
?>
Database structure
# Type Collation Null Pattern Extra
1 id int(4) None (none) AUTO_INCREMENT
2 textone varchar(50) utf8_bin None (none)
3 texttwo varchar(50) utf8_bin None (none)
4 textthree varchar(50) utf8_bin None (none)
Looks like the issue is just the column names of your INSERT query. You don't need single quotes around those.
$sql="INSERT INTO $tbl_name(textone, texttwo, textthree) VALUES ('$textone', '$texttwo', '$textthree')";
That should work.
EDIT: echo_Me and Mayank's warnings and recommendations are necessary to consider for production code!
actually you are not selecting database and the connection variables. because you are using strings. you need to remove the quotes like that
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
there is some things you need to fix in your code .
escape your POST variables.
change to PDO or MYSQLI.
follow the error by echoing system error.
Use mysql_error() to print the error message. It will tell you more about why the query failed. Note that this function is deprecated. I recommend to use mysqli or PDO database classes.
$sql=sprintf(
"INSERT INTO
$tbl_name(textone, texttwo, textthree)
VALUES ('%s','%s','%s')",
mysql_real_escape_string($textone),
mysql_real_escape_string($texttwo),
mysql_real_escape_string($textthree)
);
Try Like this
There is no need to give column names within ' ' in INSERT query.
$sql="INSERT INTO $tbl_name(textone,texttwo,textthree) VALUES ('$textone', '$texttwo', '$textthree')";
$result=mysql_query($sql);
I am have been trying to setup this code to delete a row on the mysql database as well as the photo that was uploaded with it. It is working GREAT to remove the row data, but it will not get rid of the photo, and I cannot figure out what I am doing wrong. To simplify things, im using the variable $id which is the number of the row entered in the form which triggers this php file:
<?php
$host="localhost"; // Host name
$username="blahblah_plans"; // Mysql username
$password="password"; // Mysql password
$db_name="blahtbl_name"; // Database name
$tbl_name="plans"; // Table name
// Connect to server and select databse.
$conn = mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// get value of id that sent from address bar
$id=$_GET['idnum'];
$compositesql="SELECT composite FROM plans WHERE ID ='$id'";
$compositeresult = mysql_query($compositesql) or die(mysql_error());
$compositefilename = "/composite/" + $compositeresult;
$unlink = unlink($compositefilename);
if($unlink) {
echo 'Successfully deleted file: ';
echo $compositefilename;
} else {
echo 'Error deleting file: ';
echo $compositefilename;
}
// Delete data in mysql from row that has this id
$sql="DELETE FROM $tbl_name WHERE ID ='$id'";
$result = mysql_query($sql);
if($result){
header("location:planentry.php");
}
else {
echo "ERROR";
}
?>
<?php
// close connection
mysql_close();
?>
Make sure the path is right, $compositefilename = "/composite/" + $compositeresult; should be the path in the server, it most likely to be
$compositefilename = PATH_TO_YOUR_WEB_ROOT . "/composite/" . $compositeresult;
And php does not use + to concat strings.
The problem is that $compositeresult contains a resource rather than a result set. This line is what's causing it:
$compositeresult = mysql_query($compositesql) or die(mysql_error());
To fix that, store the resource on a variable, then store the result set on another variable, like this:
$compositequery = mysql_query($compositesql) or die(mysql_error());
$compositeresult = mysql_fetch_array($compositequery) or die(mysql_error());
Also, I highly recommend that you start using mysqli or PDO instead of mysql, since it's safer. Also, as xdazz said, PHP's concatenation operator is the dot, not the plus sign. So your $compositefilename should be declared as (note that $compositeresult is an array of data and therefore should have its correct key explicitly written):
$compositefilename = "/composite/" . $compositeresult['composite'];