php - insert record into SQL database

Question

hi there i am using the following php code to insert a record into a SQL database... but the code doesnot work..

<?php
include_once("config.php");

$academicDate = $_POST['aDate'];
$academicDescription = $_POST['aDescription'];
$academicTitle = $_POST['aTitle'];

$sql = "INSERT INTO academicnews (id, newsDate, newsDescription, newsTitle) VALUES ('', $academicDate, $academicDescription, $academicTitle)";

 if (mysql_query($sql)) {

echo "Record Aded to Database. Hit OK to add more";

 }else{
     echo "Failed to add record to database";
 }

?>

note that the id is an auto_increment number..... and the config.php file code is..

<?php
########## MySql details (Replace with yours) #############
$username = "root"; //mysql username
$password = "s1j55b123456789"; //mysql password
$hostname = "localhost"; //hostname
$databasename = 'dominie'; //databasename

$connecDB = mysql_connect($hostname, $username, $password)or die('could not connect to database');
mysql_select_db($databasename,$connecDB) or die(mysql_error());

?>

how do i solve this (it echos failed to add record) problem... any help would be appreciated.. thanks in advance... :)

What doesn't work? You need to do a better job of describing your problem. — John Conde, Dec 08 '13 at 20:33
Use `mysql_error()` to know better what's going wrong. Might just be a quote in the title / descriptions, since your unescaped query is easily breakable — Damien Pirsy, Dec 08 '13 at 20:34
[Please, don't use `mysql_*` functions in new code](http://bit.ly/phpmsql). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [red box](http://j.mp/Te9zIL)? Learn about [*prepared statements*](http://j.mp/T9hLWi) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://j.mp/QEx8IB) will help you decide which. If you choose PDO, [here is a good tutorial](http://j.mp/PoWehJ). FYI, you are also wide open to [SQL injections](http://stackoverflow.com/q/60174) — John Conde, Dec 08 '13 at 20:35

score 1 · Answer 1 · answered Dec 08 '13 at 20:34

1

What I see is that you don't use quotes around your values, when they are not numeric values.

Try:

 $sql = "INSERT INTO academicnews (id, newsDate, newsDescription, newsTitle) VALUES ('%', '$academicDate', '$academicDescription', '$academicTitle')";

answered Dec 08 '13 at 20:34

px1mp

5,212
1
18
10

score 1 · Accepted Answer · answered Dec 08 '13 at 20:36

1

Try it, please:

 $sql = "INSERT INTO academicnews (newsDate, newsDescription, newsTitle) VALUES ('$academicDate', '$academicDescription', '$academicTitle')";

answered Dec 08 '13 at 20:36

MillaresRoo

3,808
1
31
37

score 1 · Answer 3 · answered Dec 08 '13 at 20:37

1

Try this

 $sql = "INSERT INTO academicnews (newsDate, newsDescription, newsTitle) VALUES ($academicDate, $academicDescription, $academicTitle)" ;

answered Dec 08 '13 at 20:37

akki

2,021
1
24
35

looks like MillaresRoo hit the enter a few seconds before me.. ;) – akki Dec 08 '13 at 21:18

php - insert record into SQL database

3 Answers3