php mysql insert statement - php

I'm trying to put a bit of dummy data directly into a table I have created:
$sql = "CREATE TABLE customers
(
customer_id int(11) NOT NULL AUTO_INCREMENT,
customer_joindate DATE NOT NULL,
customer_title varchar(8) NOT NULL,
customer_firstname varchar(20) NOT NULL,
customer_surname varchar(20) NOT NULL,
customer_dob DATE,
customer_email varchar(60),
customer_phone varchar(14),
customer_lastupdate TIMESTAMP,
PRIMARY KEY (customer_id)
)TYPE = INNODB;";
I would like the join date to be the current date and I believe the timestamp will handle itself? So I tried the following insert:
mysql_query("INSERT INTO customers (customer_joindate, customer_title, customer_firstname, customer_surname, customer_dob, customer_email, customer_phone)
VALUES (CURDATE(), 'Mr', 'John', 'Smith', '1985-11-01', 'john.smith#gmail.com', ''+4477665434')");
That doesn't seem to be inserting anything, could someone please tell me where I have gone wrong?


Try using 'ENGINE' instead of 'TYPE' :
CREATE TABLE 'customers'
(
'customer_id' int(11) NOT NULL AUTO_INCREMENT,
'customer_joindate' DATE NOT NULL,
'customer_title' varchar(8) NOT NULL,
'customer_firstname' varchar(20) NOT NULL,
'customer_surname' varchar(20) NOT NULL,
'customer_dob' DATE,
'customer_email' varchar(60),
'customer_phone' varchar(14),
'customer_lastupdate' TIMESTAMP,
PRIMARY KEY ('customer_id')
) ENGINE=INNODB;
For more information check the MySql Manual.
As far as I know 'TYPE' is deprecated for newer versions of MySql.


as suggested I used die(mysql_error()) to find the problems:
mysql_query("INSERT INTO customers (customer_joindate, customer_title, customer_firstname, customer_surname, customer_dob, customer_email, customer_phone)
VALUES (CURDATE(), 'Mr', 'John', 'Smith', '1985-11-01', 'john.smith#gmail.com', '+447766543498')")or die(mysql_error()); ;

Related

I don't understand this error

I don't understand this error
Erreur de syntaxe près de ' , '196,000,000', '6357007', '6357006', '',
'mr. hasan', '', '', '' à la ligne 2
Here is my table create:
CREATE TABLE `comp` (
`ID` int(11) NOT NULL AUTO_INCREMENT,
`COMPANY_NAME` varchar(500) NOT NULL,
`ACTIVITY` text NOT NULL,
`CITY` varchar(150) NOT NULL,
`NUM_COMPANY_FOLLOW` int(11) DEFAULT NULL,
`NUM_BRANCH` int(11) DEFAULT NULL,
`ASSETS` text,
`PHONE1` varchar(100) NOT NULL,
`PHONE2` varchar(100) DEFAULT NULL,
`E_MAIL` varchar(250) DEFAULT NULL,
`DIRECTOR_NAME` varchar(500) NOT NULL,
`COMPANY_SITE` varchar(250) DEFAULT NULL,
`COMPANY_ADDRESS` text,
`HEAD_LOCATION` varchar(100) DEFAULT NULL,
`HEAD_DIRECTORS_NAME` text NOT NULL,
`VICE_HEAD_NAME` varchar(500) NOT NULL,
`BOARD_MEMBER` text,
`BRIEF_DESC` text,
`EVALUE` varchar(250) DEFAULT NULL,
`NOTES` text,
`USERID_ADD` int(11) DEFAULT NULL,
`IP_ADD` varchar(15) DEFAULT NULL,
`DATE_ADD` int(11) DEFAULT NULL,
`USERID_EDIT` int(11) DEFAULT NULL,
`IP_EDIT` varchar(15) DEFAULT NULL,
`DATE_EDIT` int(11) DEFAULT NULL,
PRIMARY KEY (`ID`)
) ENGINE=InnoDB AUTO_INCREMENT=17 DEFAULT CHARSET=cp1256
Here is my code:
$sql = "INSERT INTO comp (ID, COMPANY_NAME, ACTIVITY, CITY, NUM_COMPANY_FOLLOW, NUM_BRANCH, ASSETS, PHONE1, PHONE2, E_MAIL, DIRECTOR_NAME, COMPANY_SITE, COMPANY_ADDRESS, HEAD_LOCATION, HEAD_DIRECTORS_NAME, VICE_HEAD_NAME,BOARD_MEMBER, BRIEF_DESC, EVALUE, NOTES, USERID_ADD, IP_ADD, DATE_ADD)
VALUES (NULL, '$COMPANY_NAME', '$ACTIVITY', '$CITY', $NUM_COMPANY_FOLLOW, $NUM_BRANCH, '$ASSETS', '$PHONE1', '$PHONE2',
'$E_MAIL', '$DIRECTOR_NAME', '$COMPANY_SITE', '$COMPANY_ADDRESS', '$HEAD_LOCATION', '$HEAD_DIRECTORS_NAME', '$VICE_HEAD_NAME',
'$ALL_BOARD_MEMBER', '$BRIEF_DESC', '$EVALUE', '$NOTES', $this_userID, '$IP_ADD', $DATE_ADD)";
$result = $db->Execute($sql);
echo mysql_error();
print sql :
INSERT INTO comp
(
ID,
COMPANY_NAME,
ACTIVITY,
CITY,
NUM_COMPANY_FOLLOW,
NUM_BRANCH,
ASSETS,
PHONE1,
PHONE2,
E_MAIL,
DIRECTOR_NAME,
COMPANY_SITE,
COMPANY_ADDRESS,
HEAD_LOCATION,
HEAD_DIRECTORS_NAME,
VICE_HEAD_NAME,
BOARD_MEMBER,
BRIEF_DESC,
EVALUE,
NOTES,
USERID_ADD,
IP_ADD,
DATE_ADD
)
VALUES
(
NULL,
'ANAAM',
'hello1',
'jeddah',
,
,
'',
'6357007',
'6357006',
'',
'mr mohammed',
'',
'',
'',
'mr adnan',
'mr naser',
'',
'',
'',
'',
1,
'127.0.0.1',
1415180296
)

If you look at the value part of your query:
(NULL, 'ANAAM', 'hello1', 'jeddah', , , '', '6357007', '6357006', '', 'mr mohammed', '', '', '', 'mr adnan', 'mr naser', '', '', '', '', 1, '127.0.0.1', 1415180296)
You'll see , , ,, that creates an error as the data is empty. So put brackets around the numeric values like with your ascii values. Or use a default value (0?).
Also, remove the ID value in your sql-query, it's auto-increment.
Editted code:
$sql = "INSERT INTO comp (COMPANY_NAME, ACTIVITY, CITY, NUM_COMPANY_FOLLOW, NUM_BRANCH, ASSETS, PHONE1, PHONE2, E_MAIL, DIRECTOR_NAME, COMPANY_SITE, COMPANY_ADDRESS, HEAD_LOCATION, HEAD_DIRECTORS_NAME, VICE_HEAD_NAME,BOARD_MEMBER, BRIEF_DESC, EVALUE, NOTES, USERID_ADD, IP_ADD, DATE_ADD)
VALUES ('$COMPANY_NAME', '$ACTIVITY', '$CITY', '$NUM_COMPANY_FOLLOW', '$NUM_BRANCH', '$ASSETS', '$PHONE1', '$PHONE2',
'$E_MAIL', '$DIRECTOR_NAME', '$COMPANY_SITE', '$COMPANY_ADDRESS', '$HEAD_LOCATION', '$HEAD_DIRECTORS_NAME', '$VICE_HEAD_NAME',
'$ALL_BOARD_MEMBER', '$BRIEF_DESC', '$EVALUE', '$NOTES', '$this_userID', '$IP_ADD', '$DATE_ADD')";
$result = $db->Execute($sql);
echo mysql_error();

Looks data-dependent and the best way to fix our code is to rewrite the statements using dprepared statements. This would also avoid the vulnerability to SQL-Injections. Have a look at the answer to this question: How can I prevent SQL injection in PHP?

This means that you have an error in your syntax near ' , '196,000,000', '6357007', '6357006', '', 'mr. hasan', '', '', '' at line 2. In other words, it's a SQL error
This is because of the brief description in your query. The value of the variable is most certainly containing bad characters. Make sure you escape the string, if you have things like apostrophes or stuff like that...
Hope this helps! :D

We need definitely more code, like the echo of $sql.
But i've seen an additional error in the statement.
You define the ID as NOT NULL, auto increment and primary key. In the query, you set NULL for id. That will return an error.
Remove the column "ID" from the statement.

php get the row from serialize data where condition is satisfied

In mysql I have the table look like this
CREATE TABLE IF NOT EXISTS `fl_details` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`first_name` varchar(50) NOT NULL,
`last_name` varchar(50) NOT NULL,
`email` varchar(100) NOT NULL,
`phone` varchar(15) NOT NULL,
`country` varchar(100) NOT NULL,
`language_pair` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ;
and the values inside table is like this. I have jut shown two entries. But there are more then 100 row present.
INSERT INTO `fl_details` (`id`, `first_name`, `last_name`, `email`, `phone`, `country`, `language_pair`) VALUES
(1, 'asdf', 'erty', 'testuser#gmail.com', '12345678909', 'Sri Lanka', 'a:2:{s:6:"source";a:2:{i:0;a:1:{i:0;s:6:"Arabic";}i:1;a:1:{i:0;s:10:"Belarusian";}}s:6:"target";a:2:{i:0;a:2:{i:0;s:8:"Assamese";i:1;s:11:"Azerbaijani";}i:1;a:2:{i:0;s:10:"Belarusian";i:1;s:7:"Bengali";}}}'),
(2, 'asth', 'erui', 'testname#gmail.com', '12312356789', 'India', 'a:2:{s:6:"source";a:1:{i:0;a:1:{i:0;s:7:"English";}}s:6:"target";a:1:{i:0;s:5:"English";}}');
Here you can see I have entered the values for language_pair is in php serialize format. So both source and target language is stored in that column.
Now I want to fetch the total row whose target language is Bengali. So can someone kindly tell me how to do this? Any help and suggestions will be really appreacible. Thanks

you can try something like this
SELECT * FROM fl_details WHERE language_pair REGEXP '.*"target";s:[0-9]+:"English".*'

PDO Insertion is not working

I don't know what have I done wrong. It isn't working.
I'm struck on this so long. I couldn't figure it out.
$sql="INSERT INTO hr_daily_claim(date,
site,
from,
to,
rental,
vehicle,
claim_id,
parking,
beverages,
others)
VALUES(:date,
:site,
:from,
:to,
:rental,
:vehicle,
:claim_id,
:parking,
:beverages,
:others)";
$stmt = $db->prepare($sql);
$stmt->execute(array(
':date' => $date,
':site' => $site,
':from' => $from,
':to' => $to,
':rental' => $rental,
':vehicle' => $vehicle,
':claim_id' => $cliamId,
':parking' => $parking,
':beverages'=> $beverages,
':others' => $others ));
Please someone help me.
It give me no error. But affected rows = 0; not inserting at all.
below is the table structure
`id` int(11) NOT NULL AUTO_INCREMENT,
`claim_id` varchar(45) DEFAULT NULL,
`date` varchar(10) DEFAULT NULL,
`site` varchar(45) DEFAULT NULL,
`from` varchar(45) DEFAULT NULL,
`to` varchar(45) DEFAULT NULL,
`rental` int(11) DEFAULT NULL,
`vehicle` int(11) DEFAULT NULL,
`parking` int(11) DEFAULT NULL,
`beverages` int(11) DEFAULT NULL,
`others` int(11) DEFAULT NULL,
`timestamp` timestamp NULL DEFAULT CURRENT_TIMESTAMP,

from, to are reserved words in MySQL. You need to wrap it in backticks.
$sql="INSERT INTO hr_daily_claim(
`date`,
`site`,
`from`, //<-------- This
`to`, //<-------- This
`rental`,
`vehicle`,
`claim_id`,
`parking`,
`beverages`,
`others`
)
Sidenote: There might be a typo in the $cliamId variable in ':claim_id' => $cliamId, which should probably read as ':claim_id' => $claimId,, so do check for that, because those variables are not posted in your question.
If one fails, your entire query will fail. Another thing to note is that $claimId and $claimid are not the same. Variables are case-sensitive.

write from and to words between quotes
`from`
`to`
just like in table structure code

Date Now() not going in to mysql database

Hi I have some code shown below, which inserts date_time and date in to the mysql fields using the now() command.
However the date_time field updates but the date field doesn't and I can not seem to work out why?
my mysql fields are datetime and date
INSERT INTO vistordetails1
(ipaddress, client_id, type, date_time, company_name, location, search_term, trafic_source, no_of_pages, date, country_code) VALUES('$ip_address', '$client_id', '$type', now(),'$fields[11]','$fields[6]', '$keyword', '$referer','1', now(), '$country_code')
Table Structure
`id` int(11) NOT NULL AUTO_INCREMENT,
`client_id` int(11) NOT NULL,
`master_id` int(11) NOT NULL,
`type` tinyint(1) NOT NULL ,
`date_time` datetime NOT NULL,
`company_name` varchar(250) NOT NULL,
`location` varchar(250) NOT NULL,
`no_of_pages` int(11) NOT NULL,
`trafic_source` varchar(250) NOT NULL,
`search_term` varchar(250) NOT NULL,
`is_repeater` tinyint(1) NOT NULL,
`classification` int(11) NOT NULL,
`owner` int(11) NOT NULL,
`alert_for_repeat_visit` tinyint(1) NOT NULL DEFAULT '0',
`is_hot_list` enum('0','1') NOT NULL DEFAULT '0',
`ipaddress` varchar(50) NOT NULL,
`country_code` varchar(10) NOT NULL,
`date` date NOT NULL,

Try using CURDATE() instead of NOW() for the date field.
$INSERT = "INSERT INTO vistordetails1
(ipaddress,
client_id,
type,
date_time,
company_name,
location,
search_term,
trafic_source,
no_of_pages,
date,
country_code)
VALUES(
'".mysql_real_escape_string(trim($ip_address))."',
'".mysql_real_escape_string(trim($client_id))."',
'".mysql_real_escape_string(trim($type))."',
now(),
'".mysql_real_escape_string(trim($fields[11]))."',
'".mysql_real_escape_string(trim($fields[6]))."',
'".mysql_real_escape_string(trim($keyword))."',
'".mysql_real_escape_string(trim($referer))."',
'".mysql_real_escape_string(trim(1))."',
CURDATE(),
'".mysql_real_escape_string(trim($country_code'))."')";
Also as a previous user mentioned you seriously need to make sure your data is escaped, or use mysql prepare.

If you need to convert a PHP date into a valid MySql date, then the only thing you need to do is
ensure that it is formatted correctly.
The default date/datetime format for Mysql is: yyyy-mm-dd and yyy-mm-dd hh:mm:ss
Something like this will work.
$phpDate = date('Y-m-d H:i:s', time());
However
Because you are creating a new date, why use PHP at all? Within MySql you can include the current date using NOW() function.
$sql = "INSERT INTO xyz (a, b, c, datetime) VALUES ('a', 'b', 'c', NOW());"
Additionally
You could apply a default value of CURRENT_TIMESTAMP to the table column. Meaning you wouldn't even need to pass any date
as the database will take care of it.
i.e ALTER TABLE test CHANGE datecolumn datecolumn DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP;

Paypal IPN - store data on database, update and delete

I'm using this example to store in the database the info coming from PayPal, my problem is that the database create two records for the same sale, one with the status of 'Pending' and one with the status 'Completed', both for the same sale.
How can I change this part of the code so if there is a sale with the same 'txn_id' I just update the 'payment_status' row OR delete the whole thing before update it with the new info. Note that there is two rows that will be different, 'payment_status' and 'createdtime' .
function updatePayments($data){
global $link;
if(is_array($data)){
$sql = mysql_query("INSERT INTO `payments` (txnid, payment_amount, payment_status, item_name, receiver_email, payer_email, custom, itemid, createdtime) VALUES (
'".$data['txn_id']."' ,
'".$data['payment_amount']."' ,
'".$data['payment_status']."' ,
'".$data['item_name']."' ,
'".$data['receiver_email']."' ,
'".$data['payer_email']."' ,
'".$data['custom']."' ,
'".$data['itemid']."' ,
'".date("Y-m-d H:i:s")."'
)", $link);
return mysql_insert_id($link);
}
}
Database structure
CREATE TABLE IF NOT EXISTS `payments` (
`id` int(6) NOT NULL AUTO_INCREMENT,
`txnid` varchar(20) NOT NULL,
`payment_amount` decimal(7,2) NOT NULL,
`payment_status` varchar(25) NOT NULL,
`item_name` varchar(50) NOT NULL,
`receiver_email` varchar(50) NOT NULL,
`payer_email` varchar(50) NOT NULL,
`custom` varchar(25) NOT NULL,
`itemid` varchar(25) NOT NULL,
`createdtime` datetime NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

Create a UNIQUE INDEX on txn_id (if one doesn't exist already) and then use either INSERT ... ON DUPLICATE KEY UPDATE or REPLACE in place of your existing INSERT.
UPDATE
In your case, to add the unique index:
ALTER TABLE payments ADD UNIQUE INDEX (txnid);
Then, append to the end of your INSERT statement:
ON DUPLICATE KEY UPDATE payment_status = '".$data['payment_status']"'
If you want to delete the existing record and replace it with your new one, just change the word INSERT to REPLACE instead.

Categories