PHP - Magic_quotes_gpc / Mysql Insert Help

I have this code: <?php
$con = mysql_connect("localhost","hhh","hhh");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("hhh", $con);

// --------------------
// Avatar insert check
// --------------------

session_start();

$name = $_POST[name];
$group = $_POST[group];
$age = $_POST[age];
$usernameid = $_SESSION[id];

$result = mysql_query("SELECT * FROM avatars WHERE name='$_POST[name]'");

$num = mysql_numrows($result);

if ($num == 0) {
mysql_query("INSERT INTO avatars (id, usernameid, name, group, age, xp)
VALUES ('', '$usernameid', '$name', '$group', '$age', '0')");

header( 'Location: me/' ) ;
}
else echo 'Sorry, please pick a new name';
?> And it does everything but put the data into the datebase. If I add a session befor and after '$request' they both run, but the sql doesn't. No error returns, if just redirects to the other page. Any help?

I don't understand where the empty value is. I've substituted the variables for text and still have the same problem.

Code:
Code: [Select]
$sql = "INSERT INTO courses (course#, name, subject, semester, ap)VALUES('$courseNum', '$courseName', '$subject', '$semester', '$ap')";
Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

well this is truely embarrising...i have a insert statement which works within phpmyadmin but when using mysqli_query it returns a error.

INSERT INTO users (username, timestamp) VALUES ('test', UTC_TIMESTAMP())

  Unknown column 'timestamp' in 'field list'   i've been playing about with this for a few hours now ...tried changing the column name (timestamp), adding ` around column names as well as table name.   the column exists which is the strangest part, and ive even checked there is no space after the column name in the db.   whats going on please?  

I need help badly!

What I want to do is insert into database the value from the selected radio group buttons.. All of them. There are 10 radio groups total (they can be less, but not more).

Thanks!
Code: [Select]
<?php
   require_once('Connections/strana.php'); 
 mysql_select_db($database_strana, $strana);
 
 ?>
<link href="css/styles.css" rel="stylesheet" type="text/css" />

<table width="100%" height="100%" style="margin-left:auto;margin-right:auto;" border="0">
<tr>
<td align="center">
<form action="" method="post" enctype="multipart/form-data" name="form1">
<table>
<?php
$tema = mysql_query("SELECT * from prasanja where tip=2")or die(mysql_error());

function odgovor1($string)
{
$string1 = explode("/", $string);
echo $string1[0];
}
function odgovor2($string)
{
$string1 = explode("/", $string);
echo $string1[1];
}


while ($row=mysql_fetch_array($tema))
{
$id=$row['prasanje_id'];
$prasanje=$row['prasanje_tekst'];
$tekst=$row['odgovor'];
?>
    <tr>
    <td>
    </td>
    </tr>
    <tr>
    <td class="formaP">
 <?php echo $prasanje?>
   </td>
   </tr>
   <tr>
   <td class="formaO">
      <p>
        <label>
          <input type="radio" name="Group<?php echo $id?>" value="<?php odgovor1($tekst) ?>"  />
          <?php odgovor1($tekst) ?></label>
        <br />
        <label>
          <input type="radio" name="Group<?php echo $id?>" value="<?php odgovor2($tekst) ?>" />
          <?php odgovor2($tekst) ?></label>
        <br />
      </p></td>
</tr>
<tr>
<td>
<br />

</td>
</tr>
<?php 




}
?>
</table>
<input align="left"type="submit" name="submit"
value="Внеси" >
</form>
</td>
</tr>
</table>
prasanje = question
tekst/odgovor = answer

The answer table:
id - primary
question_id - the questions ID whose answer is selected in the radio group
user_id - cookie takes care of this
answer - the value from radio group
date - automatic

Hi guys

I have a registration form working fine, my database is as below:

userid
username
email
password
repeatpassword


I have added another column which is "name", users can update their profile once they have logged in so I have created updateprofile.php and when I login-->go to update profile and insert my name nothing adds to mysql name column

this is my code below:

<?php

include ("global.php");


//username session
$_SESSION['username']=='$username';
$username=$_SESSION['username'];

//welcome messaage
echo "Welcome, " .$_SESSION['username']."!<p>";

  if ($_POST['register'])
    {
     //get form data
     $name = addslashes(strip_tags($_POST['name']));

$update = mysql_query("INSERT INTO users (name) VALUES ('$_POST[name]') WHERE username='$username'");
   
}

?>

    <form action='updateprofile.php' method='POST'>
    Company Name:<br />
    <input type='text' name='name'><p />
 
    <input type='submit' name='register' value='Register'>
    </form>


can you please tell me where in this code is wrong? Im new in php so please excuse me if I have silly mistakes.

thanks in advance
 

I'm a newbie on php. I'm really a system administrator and I was just task to do this simple task. For me its hard but I'm sure for a programmer this is very simple. My agenda is to pull out data on one of my column in mysql, select it and dump it on mysql. Here is the php for retrieving mysql data

Code: [Select]
<?php
function database_connect($users)
{
    $resource_link = mysql_connect("localhost", "root", "root");
    if (mysql_select_db($users, $resource_link)) {
        return $resource_link;
    } else {
        echo "Cannot connect to DB";
        return false;
    }
}

function print_dropdown($query, $link){
    $queried = mysql_query($query, $link);
    $menu = '<select username="username">';
    while ($result = mysql_fetch_array($queried)) {
        $menu .= '
      <option value="' . $result['id'] . '">' . $result['username'] . '</option>';
    }
    $menu .= '</select>';
    return $menu;
}

//Some other form elements, or just start a form.
echo '<form method="post" action="create2.php">';

//The important bit
echo print_dropdown("SELECT username FROM mailbox;", database_connect("users"));

//Some other form elements, or just end the form.
echo '<input type="submit" name="submit" value="submit"/></form>';

Here is the content of my create2.php. This is the php page who do the insert on my mysql.

Code: [Select]
<?php
// open the connection
$conn = mysql_connect("localhost", "root", "root");
// pick the database to use
mysql_select_db("users",$conn);
// create the SQL statement
$sql2 = "INSERT INTO mailbox values ('','locked','','$_POST[username]','',NOW(),'','locked','')";
// for troubleshooting
$result = mysql_query($sql2, $conn) or die(mysql_error());
// execute the SQL statement
//if (mysql_query($sql2, $conn)) {
//    echo "Success";
//} else {
 //   echo "Fail";
//}
}
?>

When I click the submit button, I don't see any record being inserted on my table. I'm using the create2.php on my other page though it is only an insert/fill up form not like this one that I need to pull up the date, select and insert to mysql.

This is probably some obvious error I have made, but I cannot figure it out. I have made a few pages and now I am debugging them. My first page is called insert_purchase_order.php; on this page a person will enter some data in fields and hit the insert button. Then, the data is passed to another page, but when I try to insert into mysql it does not give me any errors, but I have no new rows either. The code for my 2nd page:

Code: [Select]
<?php
session_start();
$action=$_GET[action];
if ($action==insert){

$randid=$_POST['randid'];
$vendor=$_POST["vendor"];
$purchase_order_date=$_POST["purchase_order_date"];
$ship=$_POST["ship"];
$fob=$_POST["fob"];
$terms=$_POST["terms"];
$buyer=$_POST["buyer"];
$freight=$_POST["freight"];
$req_date=$_POST["req_date"];
$confirming_to=$_POST["confirming_to"];
$remarks=$_POST["remarks"];
$tax=$_POST["tax"];


$con = mysql_connect("localhost","root","pass");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("main", $con);

mysql_query("INSERT INTO purchase_order (randid, vendor, purchase_order, ship, fob, terms, buyer, freight, req_date, confirming_to, remarks, tax)
VALUES ($randid, $vendor,$purchase_order_date,$ship, $fob, $terms, $buyer, $freight, $req_date, $confirming_to, $remarks, $tax)");

mysql_close($con);

echo 'Data Accepted...'; 
echo '<br/>';
echo 'P.O. Inserted Successfully';


}else{
echo 'Error... Please Contact Bruce.';
echo 'Bruce, no data was passed from the insert_purchase_order.php page.';
}


?>
<a href="http://localhost/insert_purchase_order_items.php?po= <?php echo $randid; ?>">Insert Purchase Order Items</a>
I have permissions and everything.

Thanks

Array ( [data] => Array ( [0] => Array ( [latitude] => 22.934566 [longitude] => 79.08728 [type] => county [distance] => 44.328 [name] => Narsinghpur [number] => [postal_code] => [street] => [confidence] => 0.5 [region] => Madhya Pradesh [region_code] => MP [county] => Narsinghpur [locality] => [administrative_area] => [neighbourhood] => [country] => India [country_code] => IND [continent] => Asia [label] => Narsinghpur, India ) ) )

Please Help ! Thanks in Advance

Hi

I have a XML file as follows:

<?xml version="1.0"?>
<inspection_form>
  <inspection_type>
    <inspection_area_tlb>yard_and_lot</inspection_area_tlb>
    <inspection_area>Yard and Lot</inspection_area>
    <items>
      <item>
        <item_name>PID Signage/unauthorized sign on pole</item_name>
        <item_value>0</item_value>
      </item>
      <item>
        <item_name>Landscape well maintained</item_name>
        <item_value>0</item_value>
      </item>
</items>
  </inspection_type>
  <inspection_type>
    <inspection_area_tlb>pump_island</inspection_area_tlb>
    <inspection_area>Pump Island and Canopies</inspection_area>
    <items>
      <item>
        <item_name>pumps clean and free of dirt</item_name>
        <item_value>0</item_value>
      </item>
      <item>
        <item_name>Approved trash cans/clean</item_name>
        <item_value>0</item_value>
      </item>
</items>
  </inspection_type>
</inspection_form>

I want to insert into DB as follows:

inspection_area_tlb inspection_area item_name item_value yard_and_lot yard and Lot PID Signage/unauthorized sign on pole 0 yard_and_lot yard and Lot Landscape well maintained 0 pump_island Pump Island and Canopies pumps clean and free of dirt 0 pump_island Pump Island and Canopies Approved trash cans/clean 0
I have written some php code. But every item node as insert for every 'inspection_type'. This is my code


$filename="sample.xml";
if(filesize($filename)>0)
{
$oDOM = new DOMDocument();
$oDOM->loadXML(file_get_contents($filename)); 
foreach ($oDOM->getElementsByTagName('inspection_type') as $oBookNode)
{
foreach ($oDOM->getElementsByTagName('item') as $itmNode)
{
    $sSQL = sprintf(
        "INSERT INTO inspections_master_tablename_import (INSPECTION_TYPE_DB_C_NAME, INSPECTION_TYPE_C_NAME, INSPECTION_TYPE_ITEM_C_NAME,INSPECTION_TYPE_ITEM_VALUE_C_NAME) VALUES ('%s', '%s', '%s', '%s')",
        mysql_real_escape_string($oBookNode->getElementsByTagName('inspection_area_tlb')->item(0)->nodeValue),
        mysql_real_escape_string($oBookNode->getElementsByTagName('inspection_area')->item(0)->nodeValue),
        mysql_real_escape_string($itmNode->getElementsByTagName('item_name')->item(0)->nodeValue),
mysql_real_escape_string($itmNode->getElementsByTagName('item_value')->item(0)->nodeValue)
    );
    $rResult = mysql_query($sSQL);
    
    if(mysql_errno() > 0)
    {
        printf(
            '<h4 style="color: red;">Query Error:</h4>
            <p>(%s) - %s</p>
            <p>Query: %s</p>
            <hr />',
            mysql_errno(),
            mysql_error(),
            $sSQL
        );
    }
}
}
}


Can anyone help me pls.

Hey guys for some reason this code is not working i can't see a problem myself could someone please have a look and point the issue out to me. what i mean by it not working is it won't insert into the database or show a mysql_error.

thanks in advance

Code: [Select]
$guestip = $_SERVER['REMOTE_ADDR'];
$time = date('G:i');
$date = date("y-m-d");

$query = mysql_query("SELECT * FROM IP_Address") or die(mysql_error());
while($row = mysql_fetch_assoc($query)){
   
    if($guestip != $row['ip']){
        //insert into db.
        mysql_query("INSERT INTO IP_Address(id, ip, date, time) VALUES(NULL,'$questip','$date','$time')") or die(mysql_error());
        echo "inserted in to database"; echo mysql_error();
    }else{
        // add hit count and update time and date.
        echo "already in db";
    }
}

The Script:

<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
    <input type="text" name="hashtags" />
    <input type="submit" name="submit" />

</form>
<?php

if(isset($_POST['submit'])){

    $hashtags = explode(", ", $_POST['hashtags']);

// Prints e.g.: Array ( [0] => #tag1 [1] => #tag2 [2] => #tag3 [3] => #tag4 )
    print_r($hashtags);
    
}

?>

This gets inserted into the input field:

#tag1, #tag2, #tag3, #tag4

I am looking to check if any of the hashtags inside the array already exist in the database, if it does not exists it should create the new ones in the table.   I know how to do this if all do not exists in the array and then it goes over to the MySQL query and inserts all of them.   My Question Is: How to insert only the ones which do not exists out of the array, so the ones which do exists do not get inserted again into the table?
Edited by glassfish, 14 October 2014 - 10:15 AM.

I have an old site written for PHP 5.4 and under and trying (very trying) to get it to work with PHP 7x without much luck. Due to all the changes in 7 my code is one big error message, but one thing at a time. I cannot get the follow code to work at all, even though it worked in PHP 5.

Error:

QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'viewuser.php?u=666' id='member'>THE PREDATOR [666] was added to the hit' at line 1
The Query was INSERT INTO gangevents VALUES('','20', UNIX_TIMESTAMP(),'THE  PREDATOR [666] was added to the hit list.')

I have tried at least 20+ different ways of doing this but just can't get the right syntax to get it inserted into MySQL, the code below is just the latest version.  If I echo the a href line out, it works perfect. 

I am sure it is something ridiculously simple, but I have been 4 hours and counting on this now.

Thanks

gangevent_add_2($gangdata['gangID'], "<a href='viewuser.php?u=".$r['userid']."' ".$csscode[$r['userlevel']-1].">".$r['username']."</a> [".$r['userid']."] was added to your hitlist");

function gangevent_add_2($gang, $text) { 
	global $db; $csscode; 
	$db->query("UPDATE users SET gangevent = gangevent + 1 WHERE gang={$gang}");
	$db->query("INSERT INTO gangevents VALUES('','$gang', UNIX_TIMESTAMP(),'$text')");
}

 

how can i make this code to insert a single, multiple and update rows in the database. The code only insert new rows in the database.

Code: [Select]

if (($handle = fopen('inventorylist.csv', "r")) !== FALSE) {
    while (($data = fgetcsv($handle, 100000, ",")) !== FALSE) {
        $num = count($data);
     

                  $sql="INSERT into inventory(itemNumber,itemDesc,quantityHand,category,Whse) values('$data[0]','$data[1]','$data[2]','$data[3]','$data[4]')";

                    mysql_query($sql) or die(mysql_error());

       
    }
    fclose($handle);

        }

hello can anyone help me how to insert GET variable into mysql   


<?php
$page_title = 'Personal Wellness';
include ('template/header.inc');
include_once('config.php');

$id = $_GET['id'];

if(isset($_POST['submit']))
//if submit was pressed
{
if(strlen($_POST['height'])<1) //if there was no height
{
print "You did not enter a height.";
}
else if(strlen($_POST['weight'])<1) //no weight
{
print "You did not enter a weight.";
}
else if(strlen($_POST['bodyfat'])<1) //no bodyfat
{
print "You did not enter a Body Fat Range";
}
else if (strlen ($_POST['bodywater'])<1) //no bodywater
{
print "You did not enter a Body Water Range";
}
else if( strlen($_POST['musclemass'])<1) //no musclemass
{
print "You did not enter a Muscle Mass";
}
else if (strlen ($_POST['physiqueratt'])<1) //no physiqueratt
{
print "You did not enter a Physique Ratings";
}
else if (strlen ($_POST['bonemass'])<1) //no bonemass
{
print "You did not enter a Bone Mass";
}
else if (strlen ($_POST['bmr'])<1) //no bmr
{
print "You did not enter a BMR";
}
else if (strlen ($_POST['basalmetabolic'])<1) //no basalmetabolic
{
print "You did not enter a Basal Metabolic Age";
}
else if (strlen ($_POST['visceralfat'])<1) //no visceralfat
{
print "You did not enter a Visceral Fat";
}
else if(strlen($_POST['registrationmonth'] && $_POST['registrationday'] && $_POST['registrationyear'])<1) // no date
{
print "You did not enter a date of birth";
}
else //all fields met
{
$id=$_GET['id'];
$height=$_POST['height'];
$weight=$_POST['weight'];
$bodyfat=$_POST['bodyfat'];
$bodywater=$_POST['bodywater'];
$musclemass=$_POST['musclemass'];
$physiqueratt=$_POST['physiqueratt'];
$bonemass=$_POST['bonemass'];
$bmr=$_POST['bmr'];
$basalmetabolic=$_POST['basalmetabolic'];
$visceralfat=$_POST['visceralfat'];
$date=$_POST['registrationyear'] . '-' . $_POST['registrationmonth'] . '-' . $_POST['registrationday'];

$insertadmin="INSERT into personalwelness (m_id,height,weight,body_fat,body_water,muscle_mas s,physique_ratt,bone_mass,bmr,basal_metabolic,visc eral_fat,evaluation_date) values ('$id','$height','$weight','$bodyfat','$bodywater','$mus clemass','$physiqueratt','$bonemass','$bmr','$basa lmetabolic','$visceralfat','$date')"; //registering admin in databae
echo $insertadmin;
$insertadmin2=mysql_query($insertadmin) or die("Could not insert admin");
print "Personal Wellness Successfully Submitted";
}
}

?>
<form method="post" class="form" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset><legend>Enter Personal Wellness Information in the form below:</legend>

<table width="80%" border="0">
<tr>
<td width="16%">Height(CM)</td>
<td width="2%">:</td>
<td width="82%"><label for="height"></label>
<input type="text" name="height" id="height" value="<?php if (isset($_POST['height']))
echo $_POST['height'];?>" /></td>
</tr>
<tr>
<td>Weight(KG)</td>
<td>:</td>
<td><label for="weight"></label>
<input type="text" name="weight" id="weight" value="<?php if (isset($_POST['weight']))
echo $_POST['weight'];?>" /></td>
</tr>
<tr>
<td >Body Fat Range</td>
<td>:</td>
<td><label for="body fat"></label>
<input type="text" name="bodyfat" id="bodyfat" value="<?php if (isset($_POST['bodyfat']))
echo $_POST['bodyfat'];?>" ></td>
</tr>
<tr>
<td>Body Water Range(%)</td>
<td>:</td>
<td><label for="bodywater"></label>
<input type="text" name="bodywater" id="bodywater" value="<?php if (isset($_POST['bodywater']))
echo $_POST['bodywater'];?>"/></td>
</tr>
<tr>
<td>Muscle Mass</td>
<td>:</td>
<td><label for="musclemass"></label>
<input type="text" name="musclemass" id="musclemass" value="<?php if (isset($_POST['musclemass']))
echo $_POST['musclemass'];?>"></td>
</tr>
<tr>
<td>Physique Ratings</td>
<td>:</td>
<td><label for="physiqueratt"></label>
<input type="text" name="physiqueratt" id="physiqueratt" value="<?php if (isset($_POST['physiqueratt']))
echo $_POST['physiqueratt'];?>"></td>
</tr>
<tr>
<td>Bone Mass</td>
<td>:</td>
<td><label for="bonemass"></label>
<input type="text" name="bonemass" id="bonemass" value="<?php if (isset($_POST['bonemass']))
echo $_POST['bonemass'];?>" /></td>
</tr>
<tr>
<td>BMR</td>
<td>:</td>
<td><label for="bmr"></label>
<input type="text" name="bmr" id="bmr" value="<?php if (isset($_POST['bmr']))
echo $_POST['bmr'];?>"/></td>
</tr>
<tr>
<td>Basal Metabolic Age</td>
<td>:</td>
<td><label for="basalmetabolic"></label>
<input type="text" name="basalmetabolic" id="basalmetabolic" value="<?php if (isset($_POST['basalmetabolic']))
echo $_POST['basalmetabolic'];?>"></td>
</tr>
<tr>
<td>Visceral Fat</td>
<td>:</td>
<td><label for="visceralfat"></label>
<input type="text" name="visceralfat" id="visceralfat" value="<?php if (isset($_POST['visceralfat']))
echo $_POST['visceralfat'];?>"></td>
</tr>
<tr>
<td>Evaluation Date</td>
<td>:</td>
<td> <?php echo date_picker("registration")?></td>
</tr>
</table>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Submit" />

</div>
</form>
<?php
function date_picker($name, $startyear=NULL, $endyear=NULL)
{
if($startyear==NULL) $startyear = date("Y")-100;
if($endyear==NULL) $endyear=date("Y")+50;

$months=array('','January','February','March','Apr il','May',
'June','July','August', 'September','October','November','December');

// Month dropdown
$html="<select name=\"".$name."month\">";

for($i=1;$i<=12;$i++)
{
$html.="<option value='$i'>$months[$i]</option>";
}
$html.="</select> ";

// Day dropdown
$html.="<select name=\"".$name."day\">";
for($i=1;$i<=31;$i++)
{
$html.="<option $selected value='$i'>$i</option>";
}
$html.="</select> ";

// Year dropdown
$html.="<select name=\"".$name."year\">";

for($i=$startyear;$i<=$endyear;$i++)
{
$html.="<option value='$i'>$i</option>";
}
$html.="</select> ";

return $html;
}
?>

<?php
include ('template/footer.inc');
?>

Hello Friends,

Now i m stuck with simple insert query .

here's the code

Code: [Select]
<?php 
include_once("conf.php");

$firstName=$_POST['fname'];
$lastName=$_POST['lname'];
$email=$_POST['email'];
$dob=$_POST['dob'];
$password=$_POST['pass'];

$fname= stripslashes($firstName);
$lname=stripslashes($lastName);


$mail= mysql_real_escape_string($email);
$password= mysql_real_escape_string($password);

mysql_select_db('site');
$statement="Insert into Accounts(Name,lastName,emailId,DOB,password) VALUES($fname,$lname,$mail,$dob,$password)";

$query=mysql_real_escape_string($statement);

mysql_query($query) or die("Cannot save data:</br> ".mysql_error());
echo "Data Saved Successfully";

?>

Now please explain me why i m getting the following error

Cannot save data:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com,1988/12/20,password)' at line 1

Any help will be highly appreciated!