<?php
$ip = $_SERVER['REMOTE_ADDR'];
$date = date("d/m/y : H:i:s", time());
$dbc = mysqli_connect('localhost', 'root', 'derp', 'derpdb')
or die("Database connection fried.");
$query = "INSERT INTO ipstore (tstamp, ip), " .
"VALUES ('$date', '$ip')";
mysqli_query($dbc, $query);
mysqli_close($dbc);
?>
Can anyone tell me what's wrong with this code? It's meant to store the users IP/date they requested the page in the database. I've tried replacing localhost with 127.0.0.1, no luck. It doesn't bring a message, so it must be connected, however when it comes to querying it just doesn't do it. And it doesn't give a warning. I've checked the DB, nothings there.
Also don't worry, nothing sensitive is there ;)
Thanks
$query = "INSERT INTO ipstore (tstamp, ip), " . "VALUES ('$date', '$ip')";
You are not supposed to use a comma after specifying columns - try
$query = "INSERT INTO ipstore (tstamp, ip) VALUES ('$date', '$ip')";
try it this way
$query = mysql_query("INSERT INTO ipstore (tstamp,ip) VALUES ('$date', '$ip')") or die(mysql_error()); if($query) {echo 'Success'; esle { echo 'Failed'; }
And you will get success for sure
Related
I was trying to insert data into multiple data tables. It's only working for single data tables, I'm just wondering how I would be able to insert data into two data tables. I've been struggling with this issue for the past few hours and can't seem to get to the bottom of it. If anyone has any advice please let me know. :)
<?php
/* Attempt MySQL server connection. Assuming you are running MySQL
server with default setting (user 'root' with no password) */
$link = mysqli_connect("localhost","ivodatat","","");
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
// Inputs for security
$fname = mysqli_real_escape_string($link, $_REQUEST['fname']);
$sname = mysqli_real_escape_string($link, $_REQUEST['sname']);
$address = mysqli_real_escape_string($link, $_REQUEST['address']);
$email = mysqli_real_escape_string($link, $_REQUEST['email']);
$phone = mysqli_real_escape_string($link, $_REQUEST['phone']);
$mac = mysqli_real_escape_string($link, $_REQUEST['mac']);
$installer = mysqli_real_escape_string($link, $_REQUEST['installer']);
$status = mysqli_real_escape_string($link, $_REQUEST['status']);
// Insert Query
$sql1 = "INSERT INTO leadlist (fname, sname, address, email, phone, mac, installer, status) VALUES ('$fname', '$sname', '$address', '$email', '$phone', '$mac', '$installer', '$status')";
$sql2 = "INSERT INTO $installer (fname, sname, address, email, phone, mac, installer, status) VALUES ('$fname', '$sname', '$address', '$email', '$phone', '$mac', '$installer', '$status')";
if (mysqli_multi_query($link, $sql1, $sql2)){
mysqli_close($conn);
header("Location: installercontrol.php");
exit;
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
// Close The Connection
mysqli_close($link);
?>
To use mysqli_multi_query you need to append the queries to each other as it only takes one query argument. From the manual:
Executes one or multiple queries which are concatenated by a semicolon.
Try this instead:
mysqli_multi_query($link, $sql1 . ';' . $sql2)
You should probably also update your error message:
echo "ERROR: Could not able to execute $sql1;$sql2. " . mysqli_error($link);
I'm on ubuntu running on apache2.
<?php
$con = mysqli_connect("localhost", "root", "password", "loops");
if (!mysqli_connect_errno()) {
echo "Error to connect: ".mysqli_connect_error();
}
$firstName = $_POST['firstname'];
$lastName = $_POST['lastname'];
$age = $_POST['age'];
echo "First: ".$firstName."<br />Age: ".$age;
$sql = "INSERT INTO persons (FirstName, LastName, Age)
values (".$firstName.",".$lastName.",".$age.")";
if (!mysqli_query($con)) {
die("Error :".mysqli_error($con);
}
echo "1 added";
mysqli_close($con);
?>
I don't know what to do now, but the error seems to be on the '$sql', 'cause when I put that
under a comment, the rest works...
You forgot the infamous mistake of wrapping the varchar variables with single quote '
"INSERT INTO persons (FirstName, LastName, Age)
values ('".$firstName."','".$lastName."','".$age."')";
Additionally, It's highly risky for you, not be using protections against SQL Injections
Try this, mysqli_query($con, $sql) You need to execute the query so that it will store into the database
$sql = "INSERT INTO persons (FirstName, LastName, Age)
values ('".$firstName."','".$lastName."','".$age."')";
if (!mysqli_query($con, $sql)) {
...................^
die("Error :".mysqli_error($con);
}
Try this:
$sql = "INSERT INTO persons (`FirstName`, `LastName`, `Age`) values (".$firstName.",".$lastName.",".$age.")";
If this doesn't work, what error do you get.
I need simple code using PHP to get the current date/time using TIMESTAMP and insert this into a database.
I have a field called "ArrivalTime" within a database as TIMESTAMP.
EDIT:
<?php
$con = mysql_connect("localhost","root","") or die('Could not connect: ' . mysql_error());
mysql_select_db("a&e", $con) or die('Could not select database.');
// validate
$time = time(); $date = date('Y-m-d H:i:s',$time);
$sql="INSERT INTO Patient(Forename, Surname, Gender, Date_Of_Birth, Address, Patient_History, Illness, Priority, Arrival_Time)
VALUES('$patient_name', '$patient_lastname', '$gender', '$date', '$address', '$history', '$illness', '$priority', '$time')";
mysql_query($sql,$con) or die('Error: ' . mysql_error());
echo "1 record added";
// close connection
mysql_close($con);
?>
Many thanks
main.php
<?php
require('connect.php');
$time = time();
$sql = "INSERT INTO yourtablename (ArrivalTime) Values ('$time')";
mysql_query($sql);
?>
P.S: in the sql statement i'm sure you'll need to put other things in the other fields ,so you just replace the one above by this:
$sql = "INSERT INTO yourtablename (field1, field2, ArrivalTime) Values ('$value1','$value2','$time')";
connect.php
<?php
$error = "Couldn't connect";
$connect = mysql_connect("localhost","username","password") or die($error);
mysql_select_db("yourdatabase") or die($error);
?>
The query will be:
INSERT INTO mytable(ArrivalTime) VALUES(UNIX_TIMESTAMP())
mysql has a function UNIX_TIMESTAMP() for getting a Unix timestamp as an unsigned integer.
Example:
mysql> SELECT UNIX_TIMESTAMP();
-> 1196440210
So you can use this sql query:
insert into tableName(ArrivalTime) values(UNIX_TIMESTAMP())
When my form is submitted (via Ajax), I'm getting the following error message:
[17-Oct-2012 11:46:29] PHP Warning: mysqli_query() [<a href='function.mysqli-query'>function.mysqli-query</a>]: Empty query in /home1/xenongro/public_html/testing/enrolment/thanks.php on line 32
I have a suspicion that it's something to do with the if/else statements, but not sure what the actual problem is.
Can anyone help?
<?php
$firstname = htmlspecialchars(trim($_POST['fname']));
$lastname = htmlspecialchars(trim($_POST['lname']));
$worktel = htmlspecialchars(trim($_POST['worktel']));
$dbc = mysqli_connect('localhost', 'xxxxx', '<xxxx>', 'xxxx')
or die ('Could not connect to MySQL server.');
if ($level != "IOSH Managing Safely"){
if ($funding == "Self Funding"){
$query = "INSERT INTO enrolments (fname, lname, worktel)" .
"VALUES ('$firstname', '$lastname', '$worktel')";
}
else if ($funding == "Employer Funding"){
$query = "INSERT INTO enrolments (fname, lname, worktel)" .
"VALUES ('$firstname', '$lastname', '$worktel')";
}
}
else if ($level == "IOSH Managing Safely"){
if ($funding == "Self Funding"){
$query = "INSERT INTO enrolments (fname, lname, worktel)" .
"VALUES ('$firstname', '$lastname', '$worktel')";
}
else if ($funding == "Employer Funding"){
$query = "INSERT INTO enrolments (fname, lname, worktel)" .
"VALUES ('$firstname', '$lastname', '$worktel')";
}
}
$result = mysqli_query($dbc, $query)
or die ('error querying database');
mysqli_close($dbc);
?>
try
var_dump($query);
var_dump($funding);
just before
$result = mysqli_query($dbc, $query);
it'll give you more information
I suspect that $funding might have slight variation to your constant strings
might be typo / extra space / cap case
There are two situation where no query is being set:
the level does not match the string, or the funding does not match the string.
It might be a problem with the spaces.
Worse, you don't use mysql_real_escape_string and unless magic_quotes_gpc is on, this allows an attacker to inject his SQL.
$funding doesn't appear to be defined in the code example provided, so none of your if's will match.
Query is running however not being sent to SQL server.
My Current Register Script.
$link = mysqli_connect("$server", "$user", "$pass", "$webdb");
$username = mysqli_real_escape_string($link, (string) $_POST['username']);
$displayname = mysqli_real_escape_string($link, (string) $_POST['display_name']);
$email = mysqli_real_escape_string($link, (string) $_POST['email']);
$password = sha1((string) $_POST['password']);
$query="INSERT INTO user (`username`, `nicename`, `email`, `password`)
VALUES ('$username', '$displayname', '$email', '$password', '1')";
mysqli_query($link, $query);
mysqli_close($link);
echo $query;
?>
The output I recieve from the Query:
INSERT INTO user (username, nicename, email, password) VALUES ('orion5814', 'Orion5814', 'my#abc.com', '72f2ac484bee398758e769530dd56228d905884d', '1')
I've checked all my link variables and they're all set correctly as far as having the right information in place, so I don't know where else to go from here. Sorry for all the questions; you can view it at doxramos.org if you think it would help at all.
The query is flawed. You name 4 columns (username, nicename, email, password), but you list 5 values ('orion5814','Orion5814','my#abc.com','72f2ac484bee398758e769530dd56228d905884d','1')
If you remove the last value, the query should work.
Also, you could simplify your code by using the object oriented interface to mysqli like this:
$username = $link->real_escape_string($_POST['username']);
and
$link->query($query);
$link->close();
You also don't need to explicitly cast the variables as strings since that is done automatically if needed for your code.
As jordi12100 suggested it is good pratice that you check errors while you connecting to database or executing queries.
You can do it like this:
$link = mysqli_connect("$server", "$user", "$pass", "$webdb") or die( "Error:" . mysqli_connect_error());
mysqli_query($link, $query) or die ("Error:" . mysqli_error($link));
This can give you idea what you did wrong.
Hope this helps.
Probarly an error in your query.
Catch the error with mysqli_error();