|
PHP - Insert Into Problems
I am having a problem inserting information into my database. It will not create a record, no matter what I do. I have used the exact same template for two other pages, and it works fine, but for this one, it simply will not work. If I echo each variable, it will print out, but even if I reduce the insert to one field, it still will not work. Please help... Here is my code.
<?php
<html>
<?php
$ID = $_POST['ID'];
if ($conn->query($sql) == TRUE) {
</body> Similar TutorialsHi People. Thanks for all the help with my ongoing project. Please can you tell me what my problem is with this error? Error During Insert : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') VALUES ('test', 'tesast', 'tesat','tear', 'sest', 'none whatsoever', '', 'ter'' at line 1 Error occured running the following code : INSERT INTO HelperFormData (surname, firstname, phone1, phone2, location, qualifications, expertise, assistance, languages, e_mail, consent, published, comments, other_info,) VALUES ('test', 'tesast', 'tesat','tear', 'sest', 'none whatsoever', '', 'ter', 'my language', 'vince@vince.com', 'No', 'No', 'ateaglea', 'ttaelgae') Here is the code to my insert form Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Stranded Flyer</title> </head> <body> <?php $host = 'localhost'; $usr = "username"; $password = 'password'; $db_name = 'stranded'; //connect to database mysql_connect ("$host","$usr","$password") or die ('Error During Connect:<br>'.mysql_error()); mysql_select_db ("$db_name") or die ('Error Selecting DB:<br>'.mysql_error()); $surname = mysql_real_escape_string($_POST['surname']); $firstname = mysql_real_escape_string($_POST['firstname']); $phone1 = mysql_real_escape_string($_POST['phone1']); $phone2 = mysql_real_escape_string($_POST['phone2']); $location = mysql_real_escape_string($_POST['location']); $qualifications = mysql_real_escape_string($_POST['qualifications']); $expertise = mysql_real_escape_string($_POST['expertise']); $assistance = mysql_real_escape_string($_POST['assistance']); $languages = mysql_real_escape_string($_POST['languages']); $e_mail = mysql_real_escape_string($_POST['e_mail']); $consent = mysql_real_escape_string($_POST['consent']); $published = mysql_real_escape_string($_POST['published']); $comments = mysql_real_escape_string($_POST['comments']); $other_info = mysql_real_escape_string($_POST['other_info']); $errorstring = ""; // default value of errorstring function makeSafe($value) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } $value = mysql_real_escape_string($value); return $value; } if(isset($_POST['submit'])) { // Validate all the code inputs // Captcha Validation require_once('recaptchalib.php'); $privatekey = "MyPrivateKeyRemovedForTheForumPost"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { // What happens when the CAPTCHA was entered incorrectly $errorstring = $errorstring. "Invalid CAPTCHA, please try again"; } else { if ($surname =="") $errorstring = $errorstring. "Surname<br>"; if ($phone1 =="") $errorstring = $errorstring. "phone1<br>"; if ($phone2 =="") $errorstring = $errorstring. "phone2<br>"; if ($location =="") $errorstring = $errorstring. "location<br>"; if ($qualifications =="") $errorstring = $errorstring. "qualifications<br>"; if ($assistance =="") $errorstring = $errorstring. "assistance<br>"; if ($languages =="") $errorstring = $errorstring. "languages<br>"; if ($e_mail =="") $errorstring = $errorstring. "e_mail<br>"; if ($consent =="") $errorstring = $errorstring. "consent<br>"; if ($published =="") $errorstring = $errorstring. "published<br>"; if ($comments =="") $errorstring = $errorstring. "comments<br>"; if ($other_info =="") $errorstring = $errorstring. "other info<br>"; // does the errorstring = "nothing"? } // Figure out which error message to show i.e. field validation or CAPTCHA if ($errorstring !="") if (strstr($errorstring,"CAPTCHA")) echo $errorstring; else echo "You have not put anything in the following fields: <br><br> $errorstring"; //echo "If you have nothing to put in the box please type the word \"None\" or \"N\/A\""; //die ("Please try again, ensuring that you fill out all the fields!"); else { //echo "Your data has been saved"; $insert_query = "INSERT INTO HelperFormData (surname, firstname, phone1, phone2, location, qualifications, expertise, assistance, languages, e_mail, consent, published, comments, other_info,) VALUES ('$surname', '$firstname', '$phone1','$phone2', '$location', '$qualifications', '$expertise', '$assistance', '$languages', '$e_mail', '$consent', '$published', '$comments', '$other_info')"; $insert_action = mysql_query($insert_query) or die ('Error During Insert :<br>'.mysql_error().'<br><br>Error occured running the following code :<br>'.$insert_query); $id = mysql_insert_id(); echo "Thank you, Your details have been submitted."; //include "resultcard.php"; // Output what the form looks like // End of how the form looks } } if(!isset($_POST['submit']) || (isset($_POST['submit']) && !empty($errorstring))) { ?> <form name = "form1" method ="post" action=""> <table width="700" border="0" cellspacing="5" cellpadding="5" bgcolor = "#dddddd"> <caption> Submit Your Details </caption> <tr> <td width = "50"> </td> <td width = "240"> </td> <td width = "250"> </td> <td width = "160"><b>Example Input</b></td> </tr> <tr> <td> </td> <td>Surname</td> <td><input type='text' name='surname' size = '40' maxlength='30' value = '<?php echo $surname; ?>'></td> <td>Smith</td> </tr> <tr> <td> </td> <td>First Name</td> <td><input type='text' name='firstname' size = '40' maxlength='30' value = '<?php echo $firstname; ?>'></td> <td>Bill</td> </tr> <tr> <td> </td> <td>Phone 1</td> <td><input type='text' name='phone1' size = '40' maxlength='30' value = '<?php echo $phone1; ?>'></td> <td>07777 777777</td> </tr> <tr> <td> </td> <td>Phone 2</td> <td><input type='text' name='phone2' size = '40' maxlength= '30'value = '<?php echo $phone2; ?>'></td> <td>0118 123 4567</td> </tr> <tr> <td> </td> <td>Location</td> <td><input type='text' name='location' size = '40' maxlength='40'value = '<?php echo $location; ?>'></td> <td>52.289071,-1.952004</td> </tr> <tr> <td> </td> <td>Qualifications</td> <td><input type='text' name='qualifications' size = '40' maxlength='30' value = '<?php echo $qualifications; ?>'></td> <td>Electrician</td> </tr> <tr> <td> </td> <td>Expertise</td> <td><input type='text' name='qualifications' size = '40' maxlength='30' value = '<?php echo $expertise; ?>'></td> <td>Flexwings</td> </tr> <tr> <td> </td> <td>Assistance Offered</td> <td><input type='text' name='assistance' size = '40' maxlength='50' value = '<?php echo $assistance; ?>' /></td> <td>Trailer and Tow Car</td> </tr> <tr> <td> </td> <td>Language Skills</td> <td><input type='text' name='languages' size = '40' maxlength='50' value = '<?php echo $languages; ?>' /></td> <td><p>English / Spanish</p></td> </tr> <tr> <td> </td> <td>e_mail</td> <td><input type='text' name='e_mail' size = '40' maxlength='50' value = '<?php echo $e_mail; ?>' /></td> <td><p>example@mail.net</p></td> </tr> <tr> <td> </td> <td>Consent</td> <td> <select name = "consent"> <option value = "Yes" <?php if ($_POST['consent'] == 'Yes') { echo 'selected="selected"'; } ?>>Yes</option> <option value = "No" <?php if ($_POST['consent'] == 'No') { echo 'selected="selected"'; } ?>>No</option> </select> </td> <td>Yes</td> </tr> <tr> <td> </td> <td>Published</td> <td> <select name = "published"> <option value = "Yes" <?php if ($_POST['published'] == 'Yes') { echo 'selected="selected"'; } ?>>Yes</option> <option value = "No" <?php if ($_POST['published'] == 'No') { echo 'selected="selected"'; } ?>>No</option> </select> </td> <td>Yes</td> </tr> <tr> <td> </td> <td>Comments</td> <td><textarea name= "comments" input type = 'text' rows = "5" cols = "29" /><?php echo $comments; ?></textarea></td> <td>As much info as possible 500 characters max</td> </tr> <tr> <td> </td> <td>Other Info</td> <td><textarea name= "other_info" input="input" type = 'text' rows = "5" cols = "29" /><?php echo $other_info; ?></textarea></td> <td>As much info as possible 500 characters max</td> </tr> <tr> <td> </td> <td><input type='submit' name='submit' value='Submit Your Info' /></td> <td colspan="2"> <? require_once('recaptchalib.php'); $publickey = "MyPublicKeyRemovedFromTheForumPost"; // you got this from the signup page echo recaptcha_get_html($publickey); ?></td> </tr> </table> </form> </body> </html> <?php } ?> Hi all, I'm having a hard time with strings... I am pulling data from an XML feed, and then trying to insert into my database. All the code is wrote, the problem is that some of the descriptions contain both ' and " so it is messing with my insert statement. I can get over the ' by doing this: \"$newstring\" however it then fails on " I have tried every function I can think of: str_replace, mysql_real_escape_string, htmlspecialchars, addslashes, stripslashes etc. etc. nothing seems to do the trick! I have attached the code in full, would someone be able to take a look and help me out? Any help would be greatly appreciated! many thanks Greens85 Hi all, I use a MySQL insert query of the following form: Code: [Select] <?php $insert1= mysql_query ("INSERT INTO tablename (H1, H2, H3) VALUES '$V1','$V2','$V3')"); ?> However, I encounter problems when $V1, $V2 or $V3 contain certain symbols, such as quotes ("'). What is the best way to avoid this? Thanks! I'm missing something here. I have a form, and when the submit is pressed, the relevant post data inserts into table one, then I want the last insert id to insert along with other form data into a second table. The first table's still inserting fine, but I can't get that second one to do anything. It leapfrogs over the query and doesn't give an error. EDIT: I forgot to add an error: I get: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'usage, why VALUES ('14', '', '123', '','1234', '', '')' at line 1 query:INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('test 14', 'asdfa', 'asdf', 'adf','asdf', '', '', '', '123', '', '') Code: [Select] if (empty($errors)) { require_once ('dbconnectionfile.php'); $query = "INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('$description12', '$sn', '$description4', '$cne','$description5', '$description6', '$description7', '$description8', '$description9', '$description10', '$description11')"; $result = @mysql_query ($query); if ($result) { $who_donated=mysql_insert_id(); $query2 = "INSERT INTO tbl_donation (donor_id, donor_expyear, donor_cvv, donor_cardtype, donor_authorization, amount, usage, why) VALUES ('$who_donated', '$donate2', '$donate3', '$donate4','$donate5', '$donate6', '$donate7')"; $result2 = @mysql_query ($query2); if ($result2) {echo "Info was added to both tables! yay!";} echo "table one filled. Table two was not."; echo $who_donated; //header ("Location: http://www.twigzy.com/add_plant.php?var1=$plant_id"); exit(); } else { echo 'system error. No donation added'; Can anyone tell me why this is not INSERTing? My array data is coming out just fine.. I've tried everything I can think of and cannot get anything to insert.. Ahhhh! <?php $query = "SELECT RegionID, City FROM geo_cities WHERE RegionID='135'"; $results = mysqli_query($cxn, $query); $row_cnt = mysqli_num_rows($results); echo $row_cnt . " Total Records in Query.<br /><br />"; if (mysqli_num_rows($results)) { while ($row = mysqli_fetch_array($results)) { $insert_city_query = "INSERT INTO all_illinois SET state_id=$row[RegionID], city_name=$row[City] WHERE id = null" or mysqli_error(); $insert = mysqli_query($cxn, $insert_city_query); if (!$insert) { echo "INSERT is NOT working!"; exit(); } echo $row['City'] . "<br />"; echo "<pre>"; echo print_r($row); echo "</pre>"; } //while ($rows = mysqli_fetch_array($results)) } //if (mysqli_num_rows($results)) else { echo "No results to get!"; } ?> Here is my all_illinois INSERT table structu CREATE TABLE IF NOT EXISTS `all_illinois` ( `state_id` varchar(255) NOT NULL, `city_name` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Here is my source table geo_cities structu CREATE TABLE IF NOT EXISTS `1` ( `CityId` varchar(255) NOT NULL, `CountryID` varchar(255) NOT NULL, `RegionID` varchar(255) NOT NULL, `City` varchar(255) NOT NULL, `Latitude` varchar(255) NOT NULL, `Longitude` varchar(255) NOT NULL, `TimeZone` varchar(255) NOT NULL, `DmaId` varchar(255) NOT NULL, `Code` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Hello, I'm having a bit of a problem here, all help to this issues would be much appreciated I am trying to use text boxes to insert numbers into the database based on what is inputed. If I have a string, like this for example: $variable = 09385493; And I want to insert it into the database like this: mysql_query("INSERT INTO integers(number) VALUES ('$variable')"); When checking the integers table in my database, looking at the number field, the $variable that was inserted is outputted as 9385493 Notice the number zero was taken out of the front of the number. If the number is double 0's (009385493), both of those zero's would disappear, too. Thanks class curl2{ private $curl_init; private $CURLOPT_URL; public function connect(){ $this->curl_init = curl_init(); } public function debug(){ curl_setopt($this->curl_init, CURLOPT_VERBOSE, TRUE); $fp = fopen("curl2.txt", "w"); curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE); } public function setUrl($url = null){ $this->CURLOPT_URL = $url; curl_setopt($this->curl_init, CURLOPT_URL, $this->CURLOPT_URL); } public function execute(){ $out = curl_exec($this->curl_init); curl_close($this->curl_init); return $out; } } $curl2 = new curl2; $curl2->connect(); $curl2->setUrl("http://www.linuxformat.co.uk"); $curl2->debug(); echo $curl2->execute(); It display a blank page like attachment result1.jpg, but if I move the $fp = fopen("curl2.txt", "w"); curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE); from function debug() and join it with function execute() like this: public function execute(){ $fp = fopen("curl2.txt", "w"); curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE); $out = curl_exec($this->curl_init); curl_close($this->curl_init); return $out; } it return me Linuxformat content ( expected result ) like result2.jpg below is the working code : class curl2{ private $curl_init; private $CURLOPT_URL; public function connect(){ $this->curl_init = curl_init(); } public function debug(){ curl_setopt($this->curl_init, CURLOPT_VERBOSE, TRUE); } public function setUrl($url = null){ $this->CURLOPT_URL = $url; curl_setopt($this->curl_init, CURLOPT_URL, $this->CURLOPT_URL); } public function execute(){ $fp = fopen("curl2.txt", "w"); curl_setopt($this->curl_init, CURLOPT_STDERR, $fp); curl_setopt($this->curl_init, CURLOPT_RETURNTRANSFER, TRUE); $out = curl_exec($this->curl_init); curl_close($this->curl_init); return $out; } } $curl2 = new curl2; $curl2->connect(); $curl2->setUrl("http://www.linuxformat.co.uk"); $curl2->debug(); echo $curl2->execute(); Why I couldn't split "CURLOPT_STDERR, CURLOPT_RETURNTRANSFER" with "curl_exec" hey developers,
i have problem to get last insert id. btw.. i try to put that code on my mvc creation.
on register_model page i write like this:
public function numbering(){ $sth = $this->db->prepare('SELECT * FROM member_data'); $result = $this->db->lastInsertId(); return $result; } and for the controllers page, i write the code like this: $c = $this->model->numbering(); foreach ($c as $key => $value) { $data = $result('id'); } $abc['member_id'] = $data; but i didn't get the results,.. can you help me? i am trying to update a column in the database. I can update int columns but what about text? i want to update it so that the new text is added to it while keeping the old one. Here is what i have(which isnt working): mysql_query("UPDATE ".DB_PREFIX."posts SET post_content = '$old_content' + '".$_POST['test']."' WHERE post_id = '$double_post_id'") or die(mysql_error()); i have also tried: SET post_content = post_content + '".$_POST['test']."' but that didnt work either. What should i be doing? Not being able to upload images in the directory with a path name in the database? 1) This is my code for insert into the database and directory:
<?php
$host="localhost";
$username="root";
$pass="";
$db="registration";
$conn=mysqli_connect($host,$username,$pass,$db);
if(!$conn){
die("Database connection error");
}
// insert query for register page
if(isset($_POST['ronel'])){
$images = $_FILES['file']['name'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["file"]["name"]);
// Select file type
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Valid file extensions
$extensions_arr = array("jpg","jpeg","png","gif","pdf");
// Check extension
if( in_array($imageFileType,$extensions_arr) )
{
$details=$_POST['details'];
$location=$_POST['location'];
$checkbox=$_POST['checkbox'];
$injured=$_POST['injured'];
$agegender=$_POST['agegender'];
$contact=$_POST['contact'];
$empid=$_POST['empid'];
$dept=$_POST['dept'];
$organization=$_POST['organization'];
$summary=$_POST['summary'];
$name=$_POST['name'];
$outcome=$_POST['outcome'];
$cause=$_POST['cause'];
$action=$_POST['action'];
$reportedname=$_POST['reportedname'];
$position=$_POST['position'];
$organisation=$_POST['organisation'];
$reportedcontact=$_POST['reportedcontact'];
$reporteddept=$_POST['reporteddept'];
$status="Pending";
$comment=$_POST['comment'];
$query="INSERT INTO `proposals` (`details`,`location`,`date`,`time`,`checkbox`,`injured`,`agegender`,`contact`,`empid`,`dept` ,`organization`,`summary`,`image`,`outcome`,`cause`,`action`,`reportedname`,`position`,`organisation`,`reportedcontact`,`reporteddept`,`status`,`comment`) VALUES ('$details','$location', current_timestamp(),current_timestamp(),'$checkbox','$injured','$agegender','$contact','$empid','$dept' ,'$organization','$summary','$name','$outcome','$cause','$action','$reportedname','$position','$organisation','$reportedcontact','$reporteddept','$status','$comment')";
$res=mysqli_query($conn,$query);
if($res){
$_SESSION['success']="Not Inserted successfully!";
header('Location:');
}else{
echo "<script>alert('Proposal not applied!');</script>";
}
// Upload file
move_uploaded_file($_FILES['file']['tmp_name'],$target_dir.$image);
}
}
date_default_timezone_set("Asia/Kolkata");
?>
2) Here is the input file:
<form class="form-horizontal" method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="ronel" value="">
<div class="form-group">
<label style="position:absolute; left:63%; top:425px;" for="inputEmail" class="col-lg-3"><b>Upload Images Here :</b></label><br><br>
<div class="col-lg-9">
<input style="position:absolute; left:78%; top:420px;" type="file" name="file" enctype="multipart/form-data" class="form-control" name="incident_reference" onchange="document.getElementById('inc_ref').src = window.URL.createObjectURL(this.files[0]); document.getElementById('inc_ref').className +='_active'; document.getElementById('inc_ref_span').className += '_hidden'">
</div><iframe id="inc_ref" class="form-group" width="220px" height="130px" style="position:absolute; left:78%; top:32%;"></iframe></div>
</form>
3) error code: Notice: Undefined index: name in /opt/lampp/htdocs/create-nearmiss.php on line 57 ONGC TRIPUR Edited March 28, 2020 by Ronel change of var i need the insert code I get the following message: Quote name4Query failed: Unknown column 'late' in 'field list' with this code. What does it mean? Code: [Select] <?php $apt=$_POST['search_term']; $stat = mysql_connect("localhost","root",""); $stat = mysql_select_db("prerentdb"); $query = "SELECT name FROM payments WHERE late = 'L'"; $stat = @mysql_fetch_assoc(mysql_query($query)); echo $stat["name"]; $name=$_POST['name']; $apt=$_POST['apt']; $amtpaid=$_POST['amtpaid']; $rentdue=$_POST['rentdue']; $prevbal=$_POST['prevbal']; $hudpay=$_POST['hudpay']; $tentpay=$_POST['tentpay']; $datepaid=$_POST['datepaid']; $late=$_POST['late']; $comments=$_POST['comments']; $paidsum=$_POST['paidsum']; $query = " INSERT INTO payhist (name,apt,amtpaid,rentdue,prevbal, hudpay,tentpay,datepaid,late,comments,paidsum) VALUES('$name','$apt','$amtpaid','$rentdue','$prevbal', '$hudpay','$tentpay','$datepaid','$late','$comments','$paidsum')"; $stat = mysql_query($query) or die('Query failed: ' . mysql_error()); mysql_close(); echo "data inserted<br /><br />"; ?> I am working with a insert query... Code: [Select] $query="INSERT INTO user_info_more (website) VALUES ('".$website."') WHERE id='$_SESSION[id]'"; mysql_query($query) or die ('Unable to register an account with following details 1'); but the output is " Unable to register an account with following details 1" Basically i have a row with 6 cloumns in mysql database in which only the id column and name column is filled... Now i want to insert $website in the "website" column of the database... Neither i can update as the website column initially is null... I do not know what to do.... A lot of cnfusion Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'like (comment_id, name, like) VALUES ('102','Steven','1')' at line 1 $sql="INSERT INTO like (comment_id, name, like) VALUES ('$_POST[comment_id]','$_POST[name]','$_POST[like]')"; if (!mysql_query($sql,$con)) { die('Error:' . mysql_error()); } echo "You have succesfully liked this comment.<br /><INPUT TYPE=\"button\" VALUE=\"Back\" onClick=\"history.go(-1);\">"; mysql_close($con) Table: comment_id name like For some reason, I cannot spot this error. Can you find it? My $con = mysql_connect is a part I left out but it connects fine! The data form is echo'ing fine but it's not inserting into the MySQL Table. Thanks in Advanced! Okay, I'm hoping one of you can help me. I have a mysql database that I have configured through phpmyadmin. I have an android app that simply makes and sends a mysql query I can get it to successfully return values when using Select statements but when I use INSERT INTO, it returns " Error Query is invalid" BUT BUT BUT, when I use the same string and enter it through the sql tab in myphpadmin it works fine ! So here is the string ( the semicolons at the end of each field name are so I can use something common to split the string up when the data arrives back on the phone) Code: [Select] randomkey||||||INSERT INTO table4 (`geolat;` , `geolong;` , `mode;` , `destgeolat;` , `destgeolong;` , `cellphone;` , `email;` , `carrego;` , `colour;` , `rating;` , `comment;`) VALUES (0.0,0.0,'driver' ,-43.54779,172.62472, , '' ,'' , 'text' , 'ratingleftblank' , 'commentblank' ) the index4.php script is as follows Code: [Select] ?php /* * Written By: * James */ /************************************CONFIG****************************************/ //DATABSE DETAILS// $DB_ADDRESS="mysql1.openhost.net.nz"; $DB_USER="bling44"; $DB_PASS="sadlyinept"; $DB_NAME="bling44"; //SETTINGS// //This code is something you set in the APP so random people cant use it. $SQLKEY="randomkey"; /************************************CONFIG****************************************/ //these are just in case setting headers forcing it to always expire and the content type to JSON header('Cache-Control: no-cache, must-revalidate'); header('Content-type: application/json'); if(isset($_POST['tag'])){ //checks ifthe tag post is there $tag=$_POST['tag']; $data=explode("||||||",$tag); //split the SQL statement from the SQLKEY if($data[0]==$SQLKEY){ ///validate the SQL key $query=$data[1]; $link = mysql_connect($DB_ADDRESS,$DB_USER,$DB_PASS); //connect ot the MYSQL database mysql_select_db($DB_NAME,$link); //connect to the right DB if($link){ $result=mysql_query($query); //runs the posted query (NO PROTECTION FROM INJECTION HERE) if($result){ if (strlen(stristr($query,"SELECT"))>0) { //tests if its a select statemnet $outputdata=array(); while ($row = mysql_fetch_assoc($result)){ $outputdata[]=$row; //formats the result set to a valid array } echo json_encode(array("VALUE",$tag,array_merge($outputdata))); //sends out a JSON result with merged output data } else { echo json_encode(array("VALUE",$tag,array_merge(array(array("AFFECTED_ROWS ".mysql_affected_rows($link)))))); //if the query is anything but a SELECT it will return the array event count } } else echo json_encode(array("VALUE",$tag,array_merge(array(array("ERROR QUERY IS INVALID"))))); //errors if the query is bad mysql_close($link); //close the DB } else echo json_encode(array("VALUE",$tag,array_merge(array(array("ERROR Database Connection Failed"))))); //reports a DB connection failure } else { echo json_encode(array("VALUE",$tag,array_merge(array(array("ERROR BAD CODE SUPPLIED"))))); //reports if the code is bad } } ?> So to reiterate. I can search the DB but can't INSERT INTO, unless I go through the myphpadmin interface. Any ideas are very much appreciated Hey, who can help? Example: I want to insert a row with a input and a select option. I am inserting now with select option, but i want to insert with a input too, because if i need to insert a link instead of choosing from select option. --------- (puts a link)Link: ...link... (chooses nothing)Select: Choose one... Submit --------- I need something like if LINK is filled insert it. Nothing happens to SELECT, but they have to have the same row names. Hope its clear enough. Cheers I am wondering about the following problem: I have two sessions, one for the user ($_SESSION['user_id']) and second one for the products inside cart ($_SESSION['cart']). I need to insert data into table racun. I did it this way and it works, but i want to know if this can be done better? Code: [Select] while ($row=mysql_fetch_array($query)){ $id = $_SESSION['korisnik_id']; $idp = $row['product_id']; $kol = $_SESSION['cart'][$row['product_id']]['quantity'] ."<br>"; $insert = "INSERT INTO racun (product_id, quantity, korisnik_id) VALUES ('$idp', '$kol', '$id') "; $result = mysql_query($insert); } hi; Code: [Select] $giden = $_GET['sehir_part']+1; $url = '31.php?sehir_part='.$giden.''; //$erkek_top = 7 for($q=1;$q<=7;$q++) { //i want insert into to mysql in here ; but its doing only one inserting so i want be 7 more insert } header( 'refresh:1;url=31.php?sehir_part='.$giden)and in every page loading i want inserting to mysql againg pls helpme thanks Just a quick question I have a form, couple of drop down boxes, input fields etc.. at the end is the submit button. now my question is should my insert into database sqls go before the submit button inside the form? out side the form? after the button inside the form? If by any chance you could give me some advice on the best way to layout my sql that would be great. They are big and go into three tables, at the moment I have them as three seperate queries but I think they must be able to go into one. can someone please help me with the layout and syntax. here is what the queries look like at the moment: if ($IBselect=$_POST ['IBselect']); { //CUSTOMER $enterCust="INSERT INTO customer(username, password, title, firstName, lastName, address, town, country, postCode, phone, email, dateCust) VALUES ('$_POST[username]', '$_POST[password]', '$_POST[title]', '$_POST[firstName]', '$_POST[lastName]', '$_POST[address]', '$_POST[town]', '$_POST[country]', '$_POST[postCode]', '$_POST[phone]', '$_POST[email]', 'DATE: Auto CURDATE()', CURDATE()"; $enterCust_query=mysql_query($enterCust)or die(mysql_error()); //CARD $enterCard="INSERT INTO card(cardNumber, name, expDate, cardID) VALUES ('$_POST[cardNumber]','$_POST[name]', ' $_POST[expDate]', '$_POST[cardID]')"; $enterCard_query=mysql_query($enterCard); //BOOKING $RCenterBook=mysql_query("INSERT INTO booking (custNumber, cardID, rideName, seatNo1, seatNo2, price, price2, dateBook, ID_time_tbl) VALUES ('$custNumber', '$_POST[cardID]', '$rideName', '$_SESSION[IBextract]', '$_SESSION[IBextract2]', '$IBendPrice1', '$IBendPrice2', 'DATE: Auto CURDATE()', CURDATE()', '$_SESSION[IB_slot_Time]'"); $IBenterBooking_query=mysql_query($IBenterBook); if (!mysql_query($enterCard, $enterCust, $IBenterBook)) { die("Error:" .mysql_error()); } echo "1 record added IB"; } Thanks =) Hello!Is this correct? Code: [Select] $sql="INSERT INTO pacienti (nume, prenume, cnp, varsta, sex, casa_asigurari, oras, strada, numar, judet, data_inregistrarii) VALUES ('$_POST[nume]','$_POST[prenume]','$_POST[CNP]','$_POST[varsta]','$_POST[sex]','$_POST[casa]','$_POST[oras]','$_POST[strada]','$_POST[nr]','$_POST[judet]','$_POST[internare]')"; $sql="INSERT INTO diagnostic (nume) VALUES ('$_POST[diagnostic]')"; and i mean..if i can do 2 insert in 2 different tables...or how can i do this? |
|||||||