0

I am new to PHP. I tried to insert form data into SQL data into local DB. I always getting failed error.

Here I is my two files from same. Please guide me to solve my query for same.

  <?php

$mysql_hostname = "localhost";
$mysql_user = "root";
$mysql_password = "";
$mysql_database = "my_db";

$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Opps some thing went wrong");
mysql_select_db($mysql_database, $bd) or die("Opps some thing went wrong");


$sql_insert = "INSERT INTO company ('company_no','name', 'address', 'model','fabno', 'startdate', 'enddate',
               'InvoiceDate', 'contatctPerson','phoneNumber', 'mailId', 'ccsNO', 'ElgiRegion', 'kmreading') 
     VALUES (NULL,'$_POST[compnay_name]','$_POST[address]','$_POST[fabno]','$_POST[startdate]','$_POST[enddate]',
        '$_POST[InvoiceDate]','$_POST[contatctPerson]','$_POST[phoneNumber]',
          '$_POST[mailId]','$_POST[ccsNO]','$_POST[ElgiRegion]','$_POST[kmreading]')";

echo "$sql_insert";

$result = mysql_query($sql_insert,$bd);

if ($result) {
    echo("<br>Input data is succeed");
} else {
    echo("<br>Input data is fail");
}

mysql_close($bd);

?>

Here I am getting always Input data is fail.

NovusMobile
  • 1,813
  • 2
  • 21
  • 48
  • mysql_error() gives you the last error reported by MySQL. Change the `echo("
    Input data is fail")` into `echo mysql_error()` and tell us what it gave you.     – Johannes H. Nov 03 '13 at 17:52
  • The `mysql_` functions are obsolete. Please use [PDO](http://us1.php.net/manual/en/ref.pdo-mysql.php) or [mysqli](http://us1.php.net/manual/en/book.mysqli.php). Also, you should never use string interop to build sql queries from post data because it creates the potential for [sql injection](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Dan Nov 03 '13 at 17:54
  • I am really disagreed with your decision for this. What one developer can found on stackover flow if he has question it will answer. I don't think this policy to close question only due to one understanding for this is less. I already mentioned I am new in PHP. Let have questions regarding android & Embedded. I will stay on very long time compare to others. I firmly believe one should take look in my comment. – NovusMobile Nov 07 '13 at 17:45

2 Answers2

1

First off, you've not escaped any of your data. If I were to post to your form "Let's have a party" your SQL breaks because my apostrophe makes your SQL look like

VALUES(NULL, 'Let's have a party')

You can resolve this by passing your data through mysql_real_escape_string (I only show a snippet for an example)

$sql = "VALUES (NULL,'" . mysql_real_escape_string($_POST['company_name']) . "')";

Which makes your SQL look like this

VALUES(NULL, 'Let\'s have a party')

This brings me to my last point. If you clicked my link above, you saw the big, scary red block warning you mysql_ is depreciated and may be removed from future versions of PHP. Try using mysqli

Machavity
  • 30,841
  • 27
  • 92
  • 100
0

It seems like there are a lot of typos in your query. For example 'contatctPerson'. I'm guessing that is supposed to read as 'contactPerson'. Those typos will cause the errors if the table you are working with does not have the same misspellings for the field names. I would suggest going word by word and proofreading the spelling of all your values.

Nate Perry
  • 75
  • 10