0

I am trying to insert 2 scores into Mysql for two photos for a particular user that already exists in the database. The scores and the photos are both POST variables from a form. I am having great difficulty with the syntax - I am fairly certain the error is related to the position of quotes but despite searching here and finding similar questions I can't seem to get it working. Loathed to bother people with this but need some executive assistance. 

$imageT=$_POST[randomimage]."T" ;
$imageH=$_POST[randomimage]."H" ;
$observerid=$_POST[scoreid];
$traction=$_POST[gradeT];
$honeycomb=$_POST[gradeH];


$sql="INSERT INTO scorers ('$imageT', '$imageH')
    VALUES ('$imageT', '$imageH') WHERE id=$observerid ";
        if (!mysqli_query($con,$sql)) {
            die('Error: ' . mysqli_error($con));
        } else {
            header("Location: testform.php");
        }                                          '

$imageT and $imageH are both integers with either T or H appended to them, for example 12T or 14H therefore I assumed they would be treated as strings and I put quotes around them. $traction, $honeycomb and $observerid are all integers. When I echo $imageT, $imageH, $traction, $honeycomb and $observerid the correct values are shown so I am assuming that there is no error in the these, just they way I am placing them within SQL code.

Very much appreciate any help (been learning PHP and My SQL for only 4 weeks so apologies).

Mr. Alien
  • 153,751
  • 34
  • 298
  • 278
GhostRider
  • 2,109
  • 7
  • 35
  • 53
  • Are you adding a new row or updating an existing one? Your SQL seems to be trying to do both, which isn't going to work (at least, not with that syntax). – staticsan Jul 15 '13 at 07:09

1 Answers1

0

At least three main problems at glance

  1. You aren't using prepared statements
  2. You are using WHERE clause in INSERT statement which is useless and erroneous. Either remove WHERE part or change your query to UPDATE.
  3. You didn't post the error with your question. Which you always have to. Error messages is a cornerstone of troubleshooting.
Community
  • 1
  • 1
Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
  • apologies, I'm showing my ignorance.$imageT=$_POST[randomimage]."T" ; $imageH=$_POST[randomimage]."H" ; $observerid=$_POST[scoreid]; $traction=$_POST[gradeT]; $honeycomb=$_POST[gradeH]; $imageT=mysqli_real_escape_string($con, $imageT); $imageH=mysqli_real_escape_string($con, $imageH); $sql = "UPDATE scorers SET "; $sql .= "$imageT = '{$traction}', "; $sql .= "$imageH= {$honeycomb}, "; $sql .= "WHERE id = {$observerid}"; if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } else { header("Location: testform.php"); } – GhostRider Jul 15 '13 at 13:16