I tried both
$query = "INSERT INTO reservation VALUES ('".$hour."','".$minute."','".$day."','".$month."','".$year."','".$name."','".$table."')";
$query = "INSERT INTO reservation VALUES ('$hour','$minute','$day','$month','$year','$name','$table')";
But none of them work, I get a blank page, and no errors in my error logs. I tried doing echo to all the variables and I got their values.
Here is the overall function:
function makeReservation($trtime,$hour,$minute,$day,$month,$year,$name,$table,&$db)
{
//$query = "INSERT INTO reservation VALUES ('".$hour."','".$minute."','".$day."','".$month."','".$year."','".$name."','".$table."')";
$query = "INSERT INTO reservation VALUES ('$hour','$minute','$day','$month','$year','$name','$table')";
$result = $db->query($query) or die(mysql_error());
}
I'll make a few suggestions. First, I'll assume that you actually know what you're doing when you say there is no error.
1) Make sure you work on the good database. You can do a SHOW TABLES query to see what tables it contains, or a SELECT * FROM reservation to see its content.
2) Right after you insert the row, do a SELECT * FROM reservation query and check if your row is there.
3) Make sure you call your function...
Then, as I said in comments, you should use the DATETIME type instead of using different columns for hours, minutes, etc. If you need to select a particular attribute, use the appropriate function (for example, SELECT HOUR(your_column))
The quotes around integers shouldn't make your query fails, but it's still better for clean code purposes to remove them if not necessary (and make sure you escape your data correctly, of course).
The php you posted looks fine.
If you're getting a blank page, it's likely that something is failing before the function calls. Maybe a parsing error?
If you're not seeing anything in the error logs, try changing your error logging settings in the php.ini.
display_errors = E_ALL
If you're on shared hosting, you can often override using .htaccess http://davidwalsh.name/php-values-htaccess
Related
I'm trying to output a simple list with all the usernames registered on a single e-mail address in our database. The SQL queries necessary for it shouldn't be too hard, but apparently they are too hard for me - here's my issue:
$sql = "SELECT emailaddress FROM ".db_prefix("accounts")." where acctid = '$mailid'";
$mailadress = db_query($sql);
That one's working just fine - I'm declaring mailid in a earlier part of the code, and with that query I can output the e-mail adress (for debugging) of the currently logged in user without any problems. Fine so far.
$sql = "SELECT name FROM ".db_prefix("accounts")." where emailadress ='$mailadress'";
$charakterliste = db_query($sql);
Here's the issue: $charakterliste seems to stay empty, even though I'm pretty sure my syntax is correct. var_dump() and print_r() don't return anything that would point towards the array/variable containing something.
I've double checked and executed a similar query directly in the SQL database and found no problems there - all the fields I'm calling do exist, and the DB connection is fine too. I guess something is wrong in my syntax for the second SQL query? I'd want to list all the names saved in the $charakterliste afterwards with a foreach loop, but as of now there doesn't seem to be anything to list saved in there, although there should be.
Thanks in advance!
Are you sure the column 'emailadress' exist?
Maybe it's 'emailaddress' with two 'd'?
According to your first line of code it should be 'emailaddress'.
$sql = "SELECT name FROM ".db_prefix("accounts")." where emailaddress ='$mailadress'";
$charakterliste = db_query($sql);
I have a login script in which I also execute a query to log when and from where people try to log in to my site. This little piece of code doesn't return any errors and the header works, but the query doesn't work for some reason. Does anyone have any idea what I'm doing wrong?
if($count==1){
$securityquery = "INSERT INTO security_kk (action,datetime,country,IP,Affected table,comment) VALUES (:action,:datetime,:country,:IP,:Affected_table,:comment)";
$q = $db->prepare($securityquery);
$q->execute(array(':action'=>"Login",
':datetime'=>$datetime,
':country'=>$country,
':IP'=>$_SERVER['REMOTE_ADDR'],
':Affected_table'=>"members",
':comment'=>"Authenticated as ".$myusername));
$_SESSION['username'] = $myusername;
$_SESSION['privileges'] = $row['privileges'];
$_SESSION['email'] = $row['email'];
header("location:index.php");
}
I'm a beginner at PDO, but since there are no errors. I don't know where to look.
datetime is a data type in MySQL. Wrap that column identifier in ticks. Also, column identifiers with spaces in their name must be wrapped in ticks.
$securityquery = "INSERT INTO security_kk (`action`,`datetime`,`country`,`IP`,`Affected table`,`comment`) VALUES (:action,:datetime,:country,:IP,:Affected_table,:meta)";
Your error (or possibly one of the errors) is the difference between
:meta // your query contains this
and
':comment'=>"Authenticated as ".$myusername;
Your array has no value for the placeholder named :meta
It doesn't hurt to check for errors using the error checking functions though, rather than having others try to figure out a simple typo.
while there aren't any errors
Because you aren't checking for them.
DateTime is a datatype of mysql.
check your Affected table column name - No space in column name
best way to use like below.
$securityquery = "INSERT INTO security_kk (action,[datetime],country,IP,Affected table,comment) VALUES (:action,:datetime,:country,:IP,:Affected_table,:meta)";
mysql_query running an UPDATE query isn't working for me, what am I doing wrong?
if($get_ip['user_ip']== ''){
$insert_ip = mysql_query("UPDATE user SET user_ip='$user_ip' WHERE username='$username' AND password='$password'");
if(!$insert_ip){
$message = 'invalid query'.mysql_error();
die($message);
}else{
echo ('success!');
};
};
Basically I am trying to update the table user at user_ip row with value ip_user, if user_ip field is empty of course.
So nothing updating and the user_ip filed remains empty please help.
There are two things I can see on your script.
you are using if($get_ip['user_ip']== '') statement, which will insert data when $get_ip['user_ip'] is only empty or it will ignore to insert data when $get_ip['user_ip'] have some data.
You are using SET user_ip='$user_ip' on update query, I may not be correct, however I assume that you are trying to store data from $get_ip['user_ip'], if this is the situation use SET user_ip='$get_ip['user_ip']' instead of SET user_ip='$user_ip' on your insert query.
if($get_ip['user_ip']== '')
won't work except if $get_ip['user_ip'] is empty.
use
if(!empty($get_ip['user_ip']))
instead
There are just soooo many things wrong here, but in the interest of being helpful:
Assign the query string to variable rather than directly injecting it into the mysql_query function. Then, echo this string out. This will show you want you are sending to the database. Copy that output somewhere, and then log into whatever you use to manage your database (I assume it'll be phpMyAdmin). Open up your database and then the table you're targeting, and then use the query editor to run your query (paste the output you copied earlier).
If your query string isn't what you expected, you have a code error.
If your query is as you expected, and runs in the database tool, you
likely have a permissions issue with the user account you're using in
your connection string.
If your query is as expected, but doesn't run correctly in your
database tool, your problem most likely is a schema error.
I'm trying to add new entries to an sql database using php,
i can add a new entry, but it adds 2 blank lines to the database.
The query i use is
$query = "INSERT INTO dbo.Products (Name,Id,Price) VALUES ('$NewName','$NewId','$Price')";
$result = sqlsrv_query($conn3, $query);
any ideas why it'd do that?
Try using VALUE instead of VALUES to make sure only a single entry is added.
This should limit the insertion to a single item only. It then depends if you are keen to debug the issue more thoroughly to see what was the problem.
Lastly, it never hurts to check if the variables are all properly escaped.
You can try
$sql = "INSERT INTO dbo.Products (Name,Id,Price) VALUES('%s','%d','%f')";
$result = sqlsrv_query($conn3, sprintf($sql,mysql_real_escape_string($NewName),$NewId,$Price));
I'd like to automatically execute the following PHP script to autmoatically delete a row in table after 3 days. However, the script seems not working, even though the query already yield the correct result. I've tried to run it manually, and it also worked. I'm not sure whether I've written the script correctly, but here's the code:
<?php
require_once('../../resources/db_connect.php');
$query = "DELETE FROM user_orders WHERE date_order < DATE_SUB(CURDATE(), INTERVAL 3 DAY) AND ID_status_order = 1";
$result = #mysql_query($query);
?>
I'm using xampp on Windows. I've tried to execute it via Windows Task Scheduler, but I don't think it's working. Any other idea?
Cheers
Hidding errors are not good enough. Thry and remove the # first and see what errors you are having. Come back and give the errors.
echo mysql_query($query) or mysql_error()
You aren't doing any error checking, and with the # in front of commands even actively suppressing errors. Use this to check for errors with your query or database connection:
mysql_query($query) or die(mysql_error());
If you want to check your query but don't want it to delete everything, add another condition to it:
... AND 1=0
which is always false, thus nothing gets deleted. MySQL will still check your query and give you errors, if e.g. some fields or the table are unknown.