0

I tried inserting a row in a table using a php and HTML file in dreamweaver however it is not showing up when I refresh phpMyAdmin page?

PHP

    <?php

$username="root";
$database="conception";

mysql_connect("127.0.0.1" ,$username);
@mysql_select_db($database) or die( "Unable to select database");

$query = "INSERT INTO order VALUES ('','Shirt','M','black','that photo','L','none','UL','none','Sharpiee','#E0E0E0','BIU','Lobster','bottom','L')";

mysql_query($query);
mysql_close();

?>

I also used "localhost" instead of 127.0.0.1 but that did not work aswell. When i press the button in my form first it showed mysql_connect error but then i removed the password as a perimeter and onCLick it moves to a blank page.

Francisco
  • 10,918
  • 6
  • 34
  • 45
zaain
  • 13
  • 6
  • The `mysql` extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the `mysqli` or `PDO_MySQL` extension should be used – Jonan Sep 14 '14 at 14:50

2 Answers2

2

First of all don't use mysql extension any more, it's deprecated of PHP 5.5 and will be removed in future, so use mysqli or PDO extension instead. Second mysql_connect() function should have 3 parameters. Check it here.

Asher
  • 557
  • 3
  • 18
2

ORDER is a MySQL reserved keyword. That word is used for doing ORDER BY, an optimization method.

Either wrap it in backticks or use another word for it (rename your column to "orders") which is OK.

$query = "INSERT INTO `order` VALUES ...

Add error reporting to the top of your file(s) which will help during production testing.

error_reporting(E_ALL);
ini_set('display_errors', 1);

which would have signaled the error.

Also add or die(mysql_error()) to mysql_query().

Footnotes:

mysql_* functions deprecation notice:

http://www.php.net/manual/en/intro.mysql.php

This extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API.

These functions allow you to access MySQL database servers. More information about MySQL can be found at » http://www.mysql.com/.

Documentation for MySQL can be found at » http://dev.mysql.com/doc/.

Your present code is open to SQL injection. Use mysqli with prepared statements, or PDO with prepared statements.

Look up DB connection method for mysql_ functions:

From example #1

<?php
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_close($link);
?>

From mysql_select_db - DB selection.

From example #1

<?php

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
    die('Not connected : ' . mysql_error());
}

// make foo the current db
$db_selected = mysql_select_db('foo', $link);
if (!$db_selected) {
    die ('Can\'t use foo : ' . mysql_error());
}
?>
Community
  • 1
  • 1
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141