Hi
I have two mysql problems
a) I'm confused on why this code won't add data to my database:
$con = mysql_connect("localhost","username","password");
mysql_select_db("database", $con);
$sql="INSERT INTO Table ('adder', 'username')
VALUES('$myusername','$username1')";
mysql_query( $sql, $con ) or trigger_error( mysql_error( $con ), E_USER_ERROR );
here is the full error: "you have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Add (username, name, number) VALUES('56', 'Name', 'number')' at line 1"
and before you ask, yes the data is there
b) I'm having problems with mysql_fetch_array
This is the code:
mysql_connect("$host", "$mysqlusername", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sql = "SELECT * FROM Add WHERE adder=\"$username\"";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
if (empty($row)) {
echo "$username hasn\'t added anyone";
}
else {
while($row = mysql_fetch_array($result)){
echo "<".$row[username]."";
}
}
The error here is:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in....
And yes the data is there on the database aswell..
Any ideas??
Thanks for the help :)
Niall
a) You really should have included the complete error, but I'm fairly certain the syntax error is that you are attempting to put the names of columns in single quotes, which is not allowed. You should instead use backticks (the key to the left of "1" on your keyboard):
$sql="INSERT INTO Table (`adder`, `username`)
VALUES('$myusername','$username1')";
b) Again, please include the full error. That warning occurs when the mysql_query function fails, since $result is just the value false instead of a MySQL resource. What is the value of $username when you get that error? It's likely something is causing the query to be invalid.
You should have said "INSERT INTO TABLE `Add`(`adder`, `username`)"
and Add should be enclosed in backticks (`) because it could be a reserved word, and you shouldn't name a table like that.
Related
This question already has an answer here:
Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE) [duplicate]
(1 answer)
Closed 7 years ago.
I don't where I'm going wrong. I keep getting the following error:
Parse error: syntax error,unexpected ";' (T_Encapsed_AND_WHITESPACE) in C:\xampp\htdocs...
This line is where it seems like where the error located.
$query="SELECT * FROM `memberinfo` WHERE `memberid` = '".$mymemberid."'"' ;
Full code:
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="memberaccess"; // Database name
$tbl_name="memberin"; // Table name
//Declare $mymemberid as the data is submitted in the form under the "memberid" field
$mymemberid = ($_POST['memberid']);
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//select the row in the table that matches the passed variable from the form submission
$query="SELECT * FROM `memberinfo` WHERE `memberid` = '".$mymemberid."'"' ;
$result=mysql_query($query);
if (!$result) {
die(mysql_error());
}
// assign mySQL values from table to php variables
$balance=mysql_result($result,1,"balance");
$fname=mysql_result($result,1,"FirstName");
$lname=mysql_result($result,1,"LastName");
$address=mysql_result($result,1,"address");
$city=mysql_result($result,1,"city");
$email=mysql_result($result,1,"email");
//close the mySQL connection
mysql_close();
?>
Fix this line:
$query="SELECT * FROM `memberinfo` WHERE `memberid` = '".$mymemberid."'"' ;
to this
$query="SELECT * FROM `memberinfo` WHERE `memberid` = '".$mymemberid."'";
Additional hints:
don't use mysql_* - instead use mysqli or PDO
escape you params with mysql_real_escape_string! => read about SQL Injections
You have error in sql query
Try This
"SELECT * FROM `memberinfo` WHERE `memberid` = '".$mymemberid."'";
Anyone can help me pls!
This code supposed to compare between the passkey from the confirmation email and the confirm_code from the database and if the two value are identical it update "verified" row from null to 1.
Thank you and sorry for my english :/
//Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");
$passkey=$_GET['passkey'];
$confirm_code=$_GET['confirm_code'];
if($confirm_code == '$passkey';){
$sql1="UPDATE $tbl_name SET verified='1' WHERE $confirm_code ='$passkey'";
echo "Confirmation code verified!!!";
}
else {
echo "Wrong Confirmation code";
}
?>
Change if($confirm_code == '$passkey';){ to if($confirm_code == "$passkey"){
Also notice the double quotes around $passkey.
Check your syntax first, maybe this is the problem here :
if($confirm_code == "$passkey"){
Are you not supposed to retrieve first the passkey from database then compare it with the one GET from URL ? Here you use GET for both of them.
You have an incorrect SQL statement
$sql1="UPDATE $tbl_name SET verified='1' WHERE $confirm_code ='$passkey'";
That $confirm_code should be confirm_codeand should correspond to the column in your table having the stored key. So you will be simply updating the record where the passed key is equal to the stored key.
http://jsfiddle.net/Fd9wx/
I made this to help solve my problem
so I have some php code and html code that should send sql Query's to the database upon the html table I have created like to set up new databases but then I fill out my form and click run it does not want to work for me. I did some google research and got nothing back now before you say "use PDO and This is no longer supported" PDO is hard for me to use because I dont understand some of it I will use it later on but not now, also I did make this script here from hand so dont say "contact script dev" if some one could point me in right direction to solving my problem or just way to make my sql errors show in my script? like the line what to remove and all
here is main part of my script
$tablename=$_POST['tablename'];
$value=$_POST['value'];
$type=$_POST['type'];
$length=$_POST['length'];
$collation=$_POST['collation'];
$attributes=$_POST['attributes'];
$null=$_POST['null'];
$extra=$_POST['extra'];
// Insert data into mysql
$sql="CREATE TABLE `a7972613_db`.`$tablename` (
`field1` $type( $length ) $null $extra
) ENGINE = MYISAM";
$result=mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
}
else {
echo "Please Go Back And Check Your Errors!";
}
thats my main part
The problem with your code is you have not selected the database.
$host = "xxxxx";
$database = "xxxxx";
$user = "xxxx";
$password = "xxxxx";
// Connect to server and select database.
mysql_connect("$host", "$user", "$password")or die("cannot connect");
Use below code for selecting database
// Connect to server and select database.
$conn = mysql_connect("$host", "$user", "$password")or die("cannot connect");
mysql_select_db($database,$conn);
and another problem is when your query fails, you have hardcoded the error,but use below code for checking where is the problem in your query
$result=mysql_query($sql) or die(mysql_error());
Change your query to
$result = mysql_query($sql) or die("Error with $sql: " . mysql_error());
with mysql_error(), you will see what your problem is.
You can dump your $sql string in order to see, whether it is correct
echo $sql;
I am trying to see if there is a match from a form to my database. here is my php code:
<?php
$host="localhost"; // Host name
$username="****"; // Mysql username
$password="*****"; // Mysql password
$db_name="*****"; // Database name
$tbl_name="public"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$door=$_POST['door'];
$postcode=$_POST['postcode'];
// To protect MySQL injection (more detail about MySQL injection)
$door = stripslashes($door);
$postcode = stripslashes($postcode);
$door = mysql_real_escape_string($door);
$postcode = mysql_real_escape_string($postcode);
$sql="SELECT * FROM $tbl_name WHERE door ='$door' AND postcode='$postcode' AND active = 'not_activated' AND ref = '". $_SESSION['ref']."'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
header("location:securityquestion.php");
}
?>
the error message i am getting is as follows:
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/jahedhus/public_html/system/checkdetails.php on line 36
line 36 is $count=mysql_num_rows($result);
what am i doing wrong here?
Because, just like many, many others here, the code blindly assumes that the query succeeded and everything is fine. Check for errors after each operation. Most of the functions return false when they fail.
Because your query failed.
php.net/mysql-query: "For SELECT, SHOW, DESCRIBE, EXPLAIN and other statements returning resultset, mysql_query() returns a resource on success, or FALSE on error."
Try this:
$result=mysql_query($sql) or die(mysql_error());
You need to do two things:
Find out what the MySQL error is, as already suggested
$result=mysql_query($sql) or die(mysql_error());
You need to sanitize everything that goes into the query. Although you sanitize $door and $postcode, you don't sanitize $_SESSION['ref']. You should and run it through mysql_real_escape_string(). I don't know what you are storing in it, but perhaps that's where the code is breaking because of unescaped characters?
In theory I guess $_SESSION is stored server side, but personally I still wouldn't trust it, and I'd escape everything that goes into a MySQL query.
I think answer lies in the curly braces:
$sql="SELECT * FROM $tbl_name WHERE door ='{$door}' AND postcode='{$postcode}' AND active = 'not_activated' AND ref = '". $_SESSION['ref']."'";
$result=mysql_query($sql);
See the code below, there are two databases connections.
First it get the data from first connection and then insert into second database connection but it will not insert - I can an error saying Unknown column 'fullname' in 'field list'
When I tried SQL query manually in phpMyAdmin and it work fine...
$db_new = mysql_connect('localhost', 'root', 'password');
if (!mysql_select_db("menu_new", $db_new)) {
die("Cant connect menu_new DATABASE");
}
$db_old = mysql_connect('localhost', 'root', 'password');
if (!mysql_select_db("old_menu", $db_old)) {
die("Cant connect old_menu DATABASE");
}
$SQL_old = "SELECT * FROM old_table";
$q = mysql_query($SQL_old, $db_old);
while ($row = mysql_fetch_assoc($q)) {
$name = $row['name'];
$SQL = "INSERT INTO tbl_name (fullname) values ('$name')";
//Problem Here - It wont insert into second database
mysql_query($SQL, $db_new) or die(mysql_error($db_new));
}
Nothing is strange in this behavior. Just add the $link parameter on your mysql_connect calls, and set it to true. By default it is False and it means that reusing this function with the same parameters, which is what you're doing as the db name is not on your mysql-connect, will reuse existing connexion with same parameters. So you have two variables but only one connexion.
It means you're simply moving the db used in this connexion. Prefixing with the db name fixed the problem as MySQL allow inter-base manipulations from the same connexion if it's on the same db server.
Thanks #Konerak for suggestion and that does work!
To Insert/Select data from Database connection, you will have to include database name before the table name.
For Example
From:
mysql_query("INSERT into tbl_name (fullname) values ('1')", $db_new) or die(mysql_error($db_new));
To:
mysql_query("INSERT into menu_new.tbl_name (fullname) values ('1')", $db_new) or die(mysql_error($db_new));
That is really odd though.