INSERT statement just not working! (PHP+MYSQL) - php

I have a problem with INSERT SQL sentence. It just do nothing! (and not showing any error).
When I am printing $qry, it looks just fine.
what can be the problem?
This is the code:
<?php
include('conn.php');
$result=mysql_query("SET NAMES utf8 COLLATE utf8_general_ci",$mysql_link);
$result=mysql_query("SELECT * FROM users where userID=".$_SESSION['IDENT'],$mysql_link);
if (!$result)
{
echo "ERROR: error occured in MySQL query.";
}
else
{
if(mysql_num_rows($result)==1)
{
//This will be shown only to registered users.
while ($row=mysql_fetch_array($result))
{
if (($row['userRank']==100)||($row['userRank']==10))
{
$qry="INSERT INTO users (NickName, username, userpass, userEmail, userRank, userOOlamR, userPhone, userPhone2, userStr, userCity, userMikud, userOOlamID) VALUES ('" . $_POST['nname'] . "', '" . $_POST['username'] . "', '" . md5($_POST['userpass']) . "', '" . $_POST['email'] . "', 2, 1, '" . $_POST['cellphone1'] . "', '" . $_POST['cellphone2'] . "', '" . $_POST['street'] . "', '" . $_POST['city'] . "', " . $_POST['mikud'] . ", " . $_POST['oolam'] . ")";
$res=mysql_query($qry ,$mysql_link);
?><div align="center">
<table width="50%" height="20%" style="Border-Style:dotted;Border-Width:1px;Border-Color:a01220;background-color: rgba(190, 200, 230, 0.5);">
<td><div align="Center"><font face="Arial" size="2" color="Black"> SUCCESS!<br></div></td>
</table>
</div><div align="left">
<?php
echo $qry; ?>
</div><?php
}
Else
{
//SECURITY
}
}
}
}
include('cconn.php');
?>
The problem was I had another field in the table that I didn't treat in my INSERT statement at all.


In your query the mistake lines here..
$qry="INSERT INTO users (NickName, username, userpass, userEmail, userRank, userOOlamR, userPhone, userPhone2, userStr, userCity, userMikud, userOOlamID) VALUES ('" . $_POST['nname'] . "', '" . $_POST['username'] . "', '" . md5($_POST['userpass']) . "', '" . $_POST['email'] . "', 2, 1, '" . $_POST['cellphone1'] . "', '" . $_POST['cellphone2'] . "', '" . $_POST['street'] . "', '" . $_POST['city'] . "', " . $_POST['mikud'] . ", " . $_POST['oolam'] . ")";
use this
$nickname=mysql_real_escape_string($_POST['nname']);
$username=mysql_real_escape_string($_POST['username']);
$userpass=md5(mysql_real_escape_string($_POST['userpass']));
$useremail=mysql_real_escape_string($_POST['email']);
$userrank=2;
$useroolamR=1;
$userphone=mysql_real_escape_string($_POST['cellphone1']);
$userphone2=mysql_real_escape_string($_POST['cellphone2']);
$userstr=mysql_real_escape_string($_POST['street']);
$usercity=mysql_real_escape_string($_POST['city']);
$usermikud=$_POST['mikud'];
$useroolamid=$_POST['oolam'];
$qry="INSERT INTO users (NickName, username, userpass, userEmail, userRank, userOOlamR, userPhone, userPhone2, userStr, userCity, userMikud, userOOlamID) VALUES ('$nickname','$username','$userpass','$useremail', $userrank, $useroolamR,'$userphone','$userphone2','$userstr','$usercity',$usermikud,$useroolamid)";

Related

error Column count doesn't match value count at row 1

$query = "Insert Into dbo_dailyline (Entry_date, Work_Center, Shift_Length, Number_Sewers, Deduct_Hours, Garment_Type, Other, Quantity, Notes)
values ('" .$Entry_Date. "', '" . $Shift_Length . "', '" .$Coats . "', '" . $Number_Sewers . "', '" . $Deduct_Hours . "', '" . $Garment_Type . "' , '" . $Garment_Type . "', '" . $Other . "', '" . $Quantity . "', '" . $Notes . "')";
error Column count doesn't match value count at row 1

You have two time $Garment_Type remove one
$query = "Insert Into dbo_dailyline (
Entry_date
, Work_Center
, Shift_Length
, Number_Sewers
, Deduct_Hours
, Garment_Type
, Other
, Quantity
, Notes)
values ('" .
$Entry_Date. "', '" .
$Shift_Length . "', '" .
$Coats . "', '" .
$Number_Sewers . "', '" .
$Deduct_Hours . "', '" .
$Garment_Type . "' , '" .
$Other . "', '" .
$Quantity . "', '" .
$Notes . "')";

MySQL not inserting NULL Value

This is going to be an easy one for you but I'm a noob so I need help.
Here is my code, for whatever reason the else statement isn't executing. If I change the NULL value for a $variable = NULL it works, but enters an empty string into my database rather than the NULL value. Can anyone help with why?
if (isset($_POST['agreeto']))
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', '" . $_POST['comments'] . "')";
}else
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', " . NULL . ")" or die("couldn't execute my query");
}

MySQL requires the string=NULL and you are passing it the value of the php NULL constant.
if (isset($_POST['agreeto']))
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', '" . $_POST['comments'] . "')";
}else
{
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "',NULL)" or die("couldn't execute my query");
}

This should work as expected.
Try set the column to int, if this does not work.
INSERT INTO table (val1, val2) VALUES('String Value', NULL);
or set default column value to NULL.

A NULL value can not be enclosed in 'apostrophes'
Think about how you will get the SQL:
INSERT INTO table_name VALUES ('null','');?
The database may understand as a string

Just replace the 'NULL' value with NULL without the quotes.
$enter_feedback = "INSERT INTO feedback" . //(initial, surname, country_id, date, friend_score, return_score, service_score, comments)
" VALUES('" . $initial. "', '" . $lastname . "', '" . $country_id . "', NOW(), '" . $friend . "', '" . $return . "', '" . $service . "', NULL) " or die("couldn't execute my query");
Once you do that and save the record you will see NULL in the database column for that field when you browse via PHPMYADMIN. Please make sure that the field in question "comments" allows NULL.

Mysql Query is not working in edited jTable code, why?

I'm using this example: www.jtable.org
I've downloaded the jTable PHP version. I then edited the script. The jTable simple version is working, but my edited version isn't.
I can create a list, but I can't add a row; this code is causing problems. However, PHP doesn't display any error messages.
else if($_GET["action"] == "create")
{
//Insert record into database
$result = mysql_query("INSERT INTO veriler(bolge, sehir, firma, adres, tel, web) VALUES('" . $_POST["bolge"] . "', '" . $_POST["sehir"] . "', '" . $_POST["firma"] . "', '" . $_POST["adres"] . "', '" . $_POST["tel"] . "', '" . $_POST["web"] . "'");
//Get last inserted record (to return to jTable)
$result = mysql_query("SELECT * FROM veriler WHERE id = LAST_INSERT_ID();");
$row = mysql_fetch_array($result);
//Return result to jTable
$jTableResult = array();
$jTableResult['Result'] = "OK";
$jTableResult['Record'] = $row;
print json_encode($jTableResult);
}
What is the problem?

In this line, there is a problem:
$result = mysql_query("INSERT INTO veriler(bolge, sehir, firma, adres, tel, web) VALUES('" . $_POST["bolge"] . "', '" . $_POST["sehir"] . "', '" . $_POST["firma"] . "', '" . $_POST["adres"] . "', '" . $_POST["tel"] . "', '" . $_POST["web"] . "'");
The format for the INSERT query is:
INSERT INTO table (column1, column2, etc) VALUES (value1, value2, etc);
You missed a closing parenthesis for the VALUES part.
To improve your code, you can do something like this:
$result = mysql_query("YOUR QUERY") or die('ERROR: '.mysql_error());
And please read on SQL Injection.

here is the problem you forget the )
$result = mysql_query("INSERT INTO veriler(bolge, sehir, firma, adres, tel, web)
VALUES('" . $_POST["bolge"] . "', '" . $_POST["sehir"] . "', '" . $_POST["firma"] . "', '" . $_POST["adres"] . "', '" . $_POST["tel"] . "', '" . $_POST["web"] . "'");
use
$result = mysql_query("INSERT INTO veriler(bolge, sehir, firma, adres, tel, web) VALUES
('{$_POST["bolge"]}', '{$_POST["sehir"] }' , '{$_POST["firma"]}' , '{$_POST["adres"] }', '{$_POST["tel"]}', '{$_POST["web"]}' )" ) ;

first of all you can reduce one query of last_inset_id()
else if($_GET["action"] == "create")
{
//Insert record into database
$result = mysql_query("INSERT INTO veriler(bolge, sehir, firma, adres, tel, web) VALUES('" . $_POST["bolge"] . "', '" . $_POST["sehir"] . "', '" . $_POST["firma"] . "', '" . $_POST["adres"] . "', '" . $_POST["tel"] . "', '" . $_POST["web"] . "'"));
//Get last inserted record (to return to jTable)
//check youe result query you are missing something here
$id=mysql_insert_id();
//this will automatically give you last id
//Return result to jTable
$jTableResult = array();
$jTableResult['Result'] = "OK";
$jTableResult['id'] = $id;
$jTableResult['Record'] = $row;
$jTableResult['aderes'] = $_POST['adres'];
//and so on
print json_encode($jTableResult);
}

I just can't find the syntax error in this SQL query

Can you tell me what is wrong with this query? I just can't find the error, this is driving me insane.
<?php
$query = "INSERT INTO atable (fortlaufend, vorname, nachname, land, email, caption1, caption2, caption3, caption4, caption5, datum)
VALUES (NULL,
" . mysql_real_escape_string($_POST[vorname]) . ",
" . mysql_real_escape_string($_POST[nachname]) . ",
" . mysql_real_escape_string($_POST[land]) . ",
" . mysql_real_escape_string($_POST[email]) . ",
" . mysql_real_escape_string($_POST[caption1]) . ",
" . mysql_real_escape_string($_POST[caption2]) . ",
" . mysql_real_escape_string($_POST[caption3]) . ",
" . mysql_real_escape_string($_POST[caption4]) . ",
" . mysql_real_escape_string($_POST[caption5]) . ",
CURRENT_TIMESTAMP)";
?>
'fortlaufend' is the primary index with AUTO_INCREMENT. The mysql_error is
Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'name, last name, country, email, What makes this photo special to you?, Wha' at line 3
Thank you!

You need single quotes for non-integer values.
<?php
$query = "INSERT INTO atable (fortlaufend, vorname, nachname, land, email, caption1, caption2, caption3, caption4, caption5, datum)
VALUES (NULL,
'" . mysql_real_escape_string($_POST[vorname]) . "',
'" . mysql_real_escape_string($_POST[nachname]) . "',
'" . mysql_real_escape_string($_POST[land]) . "',
'" . mysql_real_escape_string($_POST[email]) . "',
'" . mysql_real_escape_string($_POST[caption1]) . "',
'" . mysql_real_escape_string($_POST[caption2]) . "',
'" . mysql_real_escape_string($_POST[caption3]) . "',
'" . mysql_real_escape_string($_POST[caption4]) . "',
'" . mysql_real_escape_string($_POST[caption5]) . "',
CURRENT_TIMESTAMP)";
?>

You havent use quotes in your query.
<?php
$query = "INSERT INTO atable (fortlaufend, vorname, nachname, land, email, caption1, caption2, caption3, caption4, caption5, datum)
VALUES (NULL,
'" . mysql_real_escape_string($_POST[vorname]) . "',
'" . mysql_real_escape_string($_POST[nachname]) . "',
'" . mysql_real_escape_string($_POST[land]) . "',
'" . mysql_real_escape_string($_POST[email]) . "',
'" . mysql_real_escape_string($_POST[caption1]) . "',
'" . mysql_real_escape_string($_POST[caption2]) . "',
'" . mysql_real_escape_string($_POST[caption3]) . "',
'" . mysql_real_escape_string($_POST[caption4]) . "',
'" . mysql_real_escape_string($_POST[caption5]) . "',
CURRENT_TIMESTAMP)";
?>

escape null values(Nestoria UK)

I am able to retrieve data from a website(Nestoria) and store into my PostGIS database. However not every individual result that is returned have latitude and longitude values and as such they are not stored into the database. I tried using (pg_escape_string) so that it can return null values as double quotes(") but it didn't work. The field type of my lat and long columns in the database is "double precision".
This is a sample output of the error: ("Warning: pg_query() [function.pg-query]: Query failed: ERROR: invalid input syntax for type double precision: "" LINE 1: ...droom garden flat set in a period building with...', '', '') ^ in C:\XAMMP...\database.php on line 12")
Please see the code below for retrieving the data:
<?php
$url = ("http://api.nestoria.co.uk/api?action=search_listings&centre_point=51.5424,-0.1734,2km&listing_type=rent&property_type=all&price_min=min&price_max=max&bedroom_min=0&bedroom_max=0&number_of_results=50&has_photo=1&page=4");
$xml = simplexml_load_file($url);
foreach ($xml->response->listings as $entry) {
echo $entry->attributes()->title;
echo $entry->attributes()->bathroom_number;
echo $entry->attributes()->bedroom_number;
echo $entry->attributes()->datasource_name;
echo $entry->attributes()->guid;
echo $entry->attributes()->img_url;
echo $entry->attributes()->keywords;
echo $entry->attributes()->lister_name;
echo $entry->attributes()->listing_type;
echo $entry->attributes()->price;
echo $entry->attributes()->price_type;
echo $entry->attributes()->property_type;
echo $entry->attributes()->summary;
echo $entry->attributes()->latitude;
echo $entry->attributes()->longitude;
// Process XML file
}
?>
Find below the code to store values into database:
<?php
require 'nestoriauk.php';
// Opens a connection to a PostgresSQL server
$connection = pg_connect("dbname=postgis user=postgres password=xxxx");
// Execute query
foreach ($xml->response->listings as $entry) {
$query = "INSERT INTO nestoriaphp(title, bathroom, bedroom, datasource, guid, image, keywords, lister, listype, price, pricetype, property_type, summary, latitude, longitude) VALUES ('" . pg_escape_string($entry->attributes()->title) . "', '" . pg_escape_string($entry->attributes()->bathroom_number) . "', '" . pg_escape_string($entry->attributes()->bedroom_number) . "', '" . pg_escape_string($entry->attributes()->datasource_name) . "', '" . pg_escape_string($entry->attributes()->guid) ."', '" . pg_escape_string($entry->attributes()->img_url) . "', '" . pg_escape_string($entry->attributes()->keywords) . "', '" . pg_escape_string($entry->attributes()->lister_name) . "', '" . pg_escape_string($entry->attributes()->listing_type) . "', '" . pg_escape_string($entry->attributes()->price) . "', '" . pg_escape_string($entry->attributes()->price_type) . "', '" . pg_escape_string($entry->attributes()->property_type) ."', '" . pg_escape_string($entry->attributes()->summary) . "', '" . pg_escape_string($entry->attributes()->latitude) . "', '" . pg_escape_string($entry->attributes()->longitude) . "')";
$result = pg_query($query);
printf ("These values are inserted into the database - %s %s %s", $entry->attributes()->title, $entry->attributes()->bathroom_number, $entry->attributes()->bedroom_number, $entry->attributes()->datasource_name, $entry->attributes()->guid, $entry->attributes()->img_url, $entry->attributes()->keywords, $entry->attributes()->lister_name, $entry->attributes()->listing_type, $entry->attributes()->price, $entry->attributes()->price_type, $entry->attributes()->property_type, $entry->attributes()->summary, $entry->attributes()->latitude, $entry->attributes()->longitude);
}
pg_close();
?>
Yemi

If a POI has no lat-lon, which value it has? empty string?
assuming that an empty string is returned when there is no lat-lon.
$lon = "NULL";
if($entry->attributes()->longitude != "")
$lon = "'".$entry->attributes()->longitude."'";
$lat = "NULL";
if($entry->attributes()->latitude != "")
$lat = "'".$entry->attributes()->latitude."'";
so query looks like this:
$query = "INSERT INTO nestoriaphp(title, bathroom, bedroom, datasource, guid, image, keywords, lister, listype, price, pricetype, property_type, summary, latitude, longitude) VALUES ('" . pg_escape_string($entry->attributes()->title) . "', '" . pg_escape_string($entry->attributes()->bathroom_number) . "', '" . pg_escape_string($entry->attributes()->bedroom_number) . "', '" . pg_escape_string($entry->attributes()->datasource_name) . "', '" . pg_escape_string($entry->attributes()->guid) ."', '" . pg_escape_string($entry->attributes()->img_url) . "', '" . pg_escape_string($entry->attributes()->keywords) . "', '" . pg_escape_string($entry->attributes()->lister_name) . "', '" . pg_escape_string($entry->attributes()->listing_type) . "', '" . pg_escape_string($entry->attributes()->price) . "', '" . pg_escape_string($entry->attributes()->price_type) . "', '" . pg_escape_string($entry->attributes()->property_type) ."', '" . pg_escape_string($entry->attributes()->summary) . "', " . $lat . ", " . $lon . ")";
Note that the NULL value has no '' in sql.

Categories