|
PHP - Insert A Row In Sql Using Textbox Error
Hi,
I am working on a script that will add 3 sets of information to a MySQL table. I had a script that had the fields of username password and password2. It worked just fine when password2 was used for verification to make sure you typed it right. But now I want to take password and turn it into a new data field that is submitted into the new row with the other information. The problem is it wont add the row. The script says it worked just fine but i check the db and no new row. here it is: <?php // Connects to your Database mysql_connect("//", "//", "//") or die(mysql_error()); mysql_select_db("//") or die(mysql_error()); //This code runs if the form has been submitted if (isset($_POST['submit'])) { //This makes sure they did not leave any fields blank if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) { die('You did not complete all of the required fields'); } // checks if the username is in use if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; $check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { die('Sorry, the username '.$_POST['username'].' is already in use.'); } // this makes sure both passwords entered match if ($_POST['pass'] != $_POST['pass']) { die('Your passwords did not match. '); } // here we encrypt the password and add slashes if needed $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); $_POST['pass2'] = addslashes($_POST['pass2']); } // now we insert it into the database $insert = "INSERT INTO users (username, password, Human-Readable) VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['pass2']."')"; $add_member = mysql_query($insert); ?> <h1>Registered</h1> <p>Thank you, you have registered - you may now login</a>.</p> <?php } else { ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <table border="0"> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="60"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="10"> </td></tr> <tr><td>HR:</td><td> <input type="password" name="pass2" maxlength="10"> </td></tr> <tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table> </form> <?php } ?> And incase you want to see it here is the original: <?php // Connects to your Database mysql_connect("//", "//", "//") or die(mysql_error()); mysql_select_db("//") or die(mysql_error()); //This code runs if the form has been submitted if (isset($_POST['submit'])) { //This makes sure they did not leave any fields blank if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) { die('You did not complete all of the required fields'); } // checks if the username is in use if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; $check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { die('Sorry, the username '.$_POST['username'].' is already in use.'); } // this makes sure both passwords entered match if ($_POST['pass'] != $_POST['pass2']) { die('Your passwords did not match. '); } // here we encrypt the password and add slashes if needed $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } // now we insert it into the database $insert = "INSERT INTO users (username, password) VALUES ('".$_POST['username']."', '".$_POST['pass']."')"; $add_member = mysql_query($insert); ?> <h1>Registered</h1> <p>Thank you, you have registered - you may now login</a>.</p> <?php } else { ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <table border="0"> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="60"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="10"> </td></tr> <tr><td>Confirm Password:</td><td> <input type="password" name="pass2" maxlength="10"> </td></tr> <tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table> </form> <?php } ?> Many Thanks in advanced Similar Tutorialsi am currently in the process of creating a registration page for my website, i have managed to make it work and it adds the user to my main table user_info, however i also have other tables that i want the system to insert the user into when they join, such as a log for their ip address, the problem is i thought it would be a simple cas of selecting the user info and then inserting the fields into the ip_address table, but i keep getting the error "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'terminated')' at line 1" Anyway here is the code that i just added that created the error Code: [Select] $sql_id = ("SELECT * FROM user_info WHERE username = '$username'"); $result = mysql_query($sql_id); $sql_result = mysql_fetch_array($result); $sql = mysql_query("INSERT INTO ip_log (id, ip_log) VALUES ('$id', '$ipaddress'") or die (mysql_error()); And the code below is the code for the whole registration page. Thanks Code: [Select] <?php if (isset ($_POST['firstname'])){ $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $username = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['username']); // filter everything but letters and numbers $email = $_POST['email']; $password = $_POST['password']; $cpassword = $_POST['cpassword']; $paypal_email = $_POST['paypal_email']; $country = $_POST['country']; $kingdom_name = $_POST['kingdom_name']; $kingdom_motto = $_POST['kingdom_motto']; $referal = $_POST['referal']; $email = stripslashes($email); $password = stripslashes($password); $cpassword = stripslashes($cpassword); $email = strip_tags($email); $password = strip_tags($password); $cpassword = strip_tags($cpassword); // Connect to database include_once "connect_to_mysql.php"; $emailCHecker = mysql_real_escape_string($email); $emailCHecker = str_replace("`", "", $emailCHecker); // Database duplicate username check setup for use below in the error handling if else conditionals $sql_uname_check = mysql_query("SELECT username FROM user_info WHERE username='$username'"); $uname_check = mysql_num_rows($sql_uname_check); // Database duplicate e-mail check setup for use below in the error handling if else conditionals $sql_email_check = mysql_query("SELECT email FROM user_info WHERE email='$emailCHecker'"); $email_check = mysql_num_rows($sql_email_check); // Error handling for missing data if ((!$firstname) || (!$lastname) || (!$username) || (!$email) || (!$password) || (!$cpassword) || (!$paypal_email) || (!$kingdom_name) || (!$kingdom_motto)) { $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!$firstname){ $errorMsg .= ' * Firstname<br />'; } if(!$lastname){ $errorMsg .= ' * Lastname<br />'; } if(!$username){ $errorMsg .= ' * Username<br />'; } if(!$email){ $errorMsg .= ' * Email<br />'; } if(!$password){ $errorMsg .= ' * Password<br />'; } if(!$cpassword){ $errorMsg .= ' * Password Check<br />'; } if(!$paypal_email){ $errorMsg .= ' * Paypal Email<br />'; } if(!$kingdom_name){ $errorMsg .= ' * Kingdom Name<br />'; } if(!$kingdom_motto){ $errorMsg .= ' * Kingdom Motto<br />'; } } else if ($password != $cpassword) { $errorMsg = 'ERROR: Your Password fields below do not match<br />'; } else if (strlen($username) < 4) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />"; } else if (strlen($username) > 20) { $errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />"; } else if ($uname_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />"; } else if ($email_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />"; } else { // Error handling is ended, process the data and add member to database //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// $email = mysql_real_escape_string($email); $password = mysql_real_escape_string($password); // Add MD5 Hash to the password variable $db_password = md5($password); // GET USER IP ADDRESS $ipaddress = getenv('REMOTE_ADDR'); // Add user info into the database table for the main site table $sql = mysql_query("INSERT INTO user_info (firstname, lastname, username, email, password, country, sign_up_date) VALUES('$firstname','$lastname','$username','$email','$password', '$country', now())") or die (mysql_error()); $id = mysql_insert_id(); // Create directory(folder) to hold each user's files(pics, MP3s, etc.) mkdir("members/$id", 0755); //////////////////////////////////////////////////////////////////////// ///////////////BUILDING THE USER PROFILES/////////////////////////////// $sql_id = ("SELECT * FROM user_info WHERE username = '$username'"); $result = mysql_query($sql_id); $sql_result = mysql_fetch_array($result); $sql = mysql_query("INSERT INTO ip_log (id, ip_log) VALUES ('$id', '$ipaddress'") or die (mysql_error()); include_once 'registration_success.php'; exit(); } // Close else after duplication checks } else { // if the form is not posted with variables, place default empty variables so no warnings or errors show $errorMsg = ""; $firstname = ""; $lastname = ""; $username = ""; $email = ""; $password= ""; $cpassword = ""; $paypal_email = ""; $kingdom_name = ""; $kingdom_motto = ""; $referal = ""; } ?> Can anyone see something wrong with this? It's driving me crazy and throwing up an error Quote You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''user_name', 'user_email', 'user_credit', 'fname', 'lname', 'hous' at line 3 Code: [Select] $sql_insert = ("INSERT INTO users ( 'user_name', 'user_email', 'user_credit', 'fname', 'lname', 'house_num', 'addr', 'addr2', 'county', 'postcode', 'pwd', 'dobDay', 'dobMonth', 'dobYear', 'tel', 'date', 'users_ip', 'avatar' ) VALUES ( '".$user_name."', '".$usr_email."', '0.00', '".$fname."', '".$lname."', '".$house_num."', '".$addr."', '".$addr2."', '".$county."', '".$postcode."', '".$sha1pass."', '".$dobDay."', '".$dobMonth."', '".$dobYear."', '".$tel."', '".$date."', '".$user_ip."', '/images/default/avatar.png' )"); echo $sql_insert; mysql_query($sql_insert,$link) or die(mysql_error()); I can't see what i wrong with it, i removed all the blank entries (ones with the value 'null',) but it didn't make any difference Can you guys tell me where is the error please...
$sql2= ('CREATE TABLE `'.$pub_unik.'` (ID SERIAL,ID_Use CHAR(30),Comment TEXT,Like INT,Score CHAR(30))');
I can't find...
Thank you guys
<?php
<!DOCTYPE html>
I am having an error with this code You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''name','email','password','profile') SET ('Sasural','kill@1234.com','kill','ANDK' at line 1 I am stuck with this for last 5hrs Hey guys, this is my first post here(not going to be the last one, Im sure), im trying to insert in mysql from session array, i don't know where is my error, I leave the code below, if someone can help me please . Having a problem with that "insert ignore into". If it is a new record, it works, when it is a excisting record that needs to be updated, it is giving me this error: Cannot execute query: INSERT IGNORE INTO (gedcom,kennel) VALUES ("World","Avongara") What or where is it going wrong? This message is for me not enough to find the problem. $kennels = array(); if( !in_array( $kennel, $kennels ) ) array_push( $kennels, $kennel ); foreach( $kennels as $kennel ) { $query = "INSERT IGNORE INTO $kennels_table (gedcom,kennel) VALUES (\"$tree\",\"$kennel\")"; $result = @mysql_query( $query ) or die ("$admtext[cannotexecutequery]: $query"); } Thanks for helping I have a Form on registration.html through which i trying to get data in mysql through the below php script but there is and mysql syntax error please help me with the below code. Code: [Select] <?php $conn = mysql_connect("localhost", "onlinewe_meghraj", "password123") or die(mysql_error()); $db = mysql_select_db("onlinewe_college") or die(mysql_error()); $name1 = $_POST['name1']; $name2 = $_POST['name2']; $year = $_POST['year']; $department = $_POST['deparment']; $group = $_POST['group']; $in_name = $_POST['in_name']; $in_address = $_POST['in_address']; $phone = $_POST['phone']; $email = $_POST['email']; $mobile1 = $_POST['mobile1']; $mobile12 = $_POST['mobile2']; $comment = $_POST['comment']; $result=mysql_query("INSERT INTO register (name1, name2, year, department, group, in_name, in_address, phone, email, mobile1, mobile2, date, comment) VALUES ('$name1', '$name2', '$year', '$department', '$group', '$in_name', '$in_address', '$phone', '$email', '$mobile1', '$mobile2', '".date("Y-m-d h:i:s")."', '$comment')") or die("Insert Error: ".mysql_error()); echo "REGISTRATION DONE"; ?> Please reply. Thank you. Hi. I think you all know me by now so I'll cut to the chase. Code: [Select] <?php $host="edited"; $username="edited"; $password="edited"; $db_name="edited"; $tbl_name="topic"; // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $name=$_POST['name']; $detail=$_POST['details']; $sql="INSERT INTO $tbl_name(topic, detail, datetime)VALUES('$name', '$detail', NOW())"; $result=mysql_query($sql); if($result){ header("location:site.html");} else{ echo("I have failed you master.");} ?> Displayed error: "I have failed you master." Anyone know a possible cause? Thanks. Bye. i am trying to insert data into a database with the following code <?php $first_name=$_POST['first_name']; $middle_name=$_POST['middle_name']; $last_name=$_POST['last_name']; $gender=$_POST['gender']; $file_number=$_POST['file_number']; $character=$_POST['character']; $diagnosis=$_POST['diagnosis']; $description=$_POST['description']; $day = $_POST['day']; $month = $_POST['month']; $year = $_POST['year']; $date = date("Y-m-d", mktime(0,0,0,$month, $day, $year)); $con = mysql_connect("localhost","fathersh_search","f33321rh"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("fathersh_childsearch", $con); $sql="INSERT INTO child_info (first_name,middle_name,last_name,gender,birthdate,character,diagnosis,description,file_number) VALUES ('$_POST[first_name]','$_POST[middle_name]','$_POST[last_name]','$_POST[file_number]','$_POST[gender]','$date','$_POST[character]','$_POST[diagnosis]','$_POST[description]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con) ?> the error i get is Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'character,diagnosis,description,file_number) VALUES ('James','Anthony','Peters',' at line 1 Im sure this is simple, but I cannot see what my problem is! I am hitting an error on my insert query Code: [Select] Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1 I know the output of $user_id is 1, so my error is on $mysavepath Code: [Select] $mysavepath = $folder.'/'.$worldname.'_'.date("dMjY"); echo $mysavepath; $savepath = mysql_query("INSERT INTO saves (user_id,savepath) VALUES ('$user_id','$mysavepath')"); echo '<br>'.$savepath; if(!mysql_query($savepath)) { die('<br>Error: ' . mysql_error()); } however it all echos out ok? Code: [Select] 188ea678f0dcdc8252aeb15e3c910408/world_15Jan152012 1 Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1 Can anyone see the problem? Cheers Dave This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=354933.0 I can't find the error, someone help me please.
$conn = mysql_connect("localhost","root","Pass"); $err_db = mysql_select_db('bd_amics'); $sql = ("INSERT INTO `'".$_SESSION["use"][14]."'` (ID,Amic,PubID) VALUES ('".$_SESSION["person"][14]."', "1", '".$_SESSION["person"][15]."')"); mysql_query("SET NAMES utf8"); mysql_query($sql, $conn); mysql_close(); $conn3 = mysql_connect("localhost","root","Pass"); $err_db3 = mysql_select_db('bd_amics'); $sql3 = ("UPDATE `'".$_SESSION["person"][14]."'` SET Amic="2" WHERE ID='".$_SESSION["use"][14]); mysql_query("SET NAMES utf8"); mysql_query($sql3, $conn3); mysql_close(); Hi,
I have a text area field on one of my forms in order for people to post articles, however, it doesn't work when I try and post HTML through it. It works if I post normal text. Also, PHP won't give me an error, it just doesn't insert it?
<?php
if ($_POST['add']) {
$title = addslashes($_POST['title']);
$image = htmlspecialchars($_POST['image']);
$source = mysql_real_escape_string($_POST['source']);
$active = $_POST['active'];
$feature = $_POST['feature'];
$cat_id = $_POST['cat_id'];
$content = htmlspecialchars($_POST['content']);
$months = array(
"",
"January",
"February",
"March",
"April",
"May",
"June",
"July",
"August",
"September",
"October",
"November",
"December"
);
$date = date('d', time()) . ' ' . $months[date('n', time())] . ' ' . date('Y', time());
if ($title == NULL || $image == NULL || $content == NULL) {
echo '<br /><br /><center>Please, fill all inputs</center><br /><br />';
} else {
$add = "INSERT INTO `news` cat_id='$cat_id', title='$title', image='$image', content='$content', date='$date', author='".$user['admin']."', authorid='".$user['id']."', source='$source', active='$active', twitter='".$user['twitter']."', featured='$feature'" or die(mysql_error());
$sql = mysql_query($add);
$addgrowl = "INSERT INTO `growl` (toid, message) VALUES ('$id', 'Your article is now online!')";
$sql = mysql_query($addgrowl);
echo '<script type="text/javascript">
window.location = "articles.php"
</script>
';
}
}
?>
Help :-(
This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=342913.0 So when I execute this it'll go for about 130k rows then give a 500 error. Any ideas how to avoid this and get it to complete? Code: [Select] $i=10000000; while($i<=99999999) { $public = $i; $value = rand(10000000, 99999999); mysql_query("INSERT INTO yummy_table (public, value) VALUES('$public', '$value' ) ") or die(mysql_error()); $i++; } echo "done"; Code: [Select] $date = date('m-d-y'); $ip = $_SERVER['REMOTE_ADDR']; mysql_query("INSERT INTO users VALUES ($username, $password, 0, $ip, $date)") or die(mysql_error()); Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '.60.116, 03-06-11)' at line 1 I'm not sure why I get this error. :/ I've made my own customized admin panel to edit tables. The script worked fine on my localserver(wamp) but is showing this error when i try to update or insert a record ...select and delete is working fine.. Have used same function for update, delete, and insert If anything is unclear please ask me.. ??? |
|||||||