Get variable isn't written to database

Question

I've got this code

$cislonakupu=$_GET['cislonakupu'];

    if($_REQUEST['command']=='update'){
        $datum = Date("j/m/Y H:i:s", Time());
    $user1=mysql_query("SELECT * FROM `register` WHERE `username`='$session'");
    $mu=mysql_query("SELECT * FROM `velikostiobj` WHERE `objednavkac`='$cislonakupu'");$cislonakupu=$_GET['cislonakupu'];

        $customerid=mysql_insert_id();
        $date=date('Y-m-d');
        $orderid=mysql_insert_id();

        $max=count($_SESSION['cart']);
        for($i=0;$i<$max;$i++){
            $pid=$_SESSION['cart'][$i]['productid'];
            $q=$_SESSION['cart'][$i]['qty'];
            $price=get_price($pid);
            $cp=$_POST['cp'];
        $velikots=$row['velikost'];

$n= date('j/m/Y H:i:s', strtotime($Date. ' + 14 days'));

    while ($row=mysql_fetch_array($mu)) {

                        $resultik=mysql_query("INSERT INTO `objednavkyinfo`(cislonakupu,produkt,mnozstvi,cena,cislofaktury,username,datumnakupu,dorucitdodata,velikost,dorucspol) VALUES ('$cislonakupu','$pid','$q','$price','$cislofaktury','$session','$datum','$n','$velikots','$cp')") or die(mysql_error());
}

        }
        header("Location: shoppingcart.php?delete=ano");


    }

I need to write $velikots to and database.

If $velikots="Some text"; - It's working

If $velikots=$row['velikost']; - Not working

Where's the problem?

@Max : Yes, I know, I am solving this problem first, then the SQLI security — user2808698, Sep 22 '14 at 18:44
Why don't you use `INSERT INTO ... SELECT` instead of the loop? — Barmar, Sep 22 '14 at 18:44
$velikots=$row['velikost']; this line has to be inside while loop. — yajakass, Sep 22 '14 at 18:51

score 2 · Answer 1 · edited May 25 '19 at 12:05

2

~~You never fetch your results~~. You are trying to use the results of your query before you actually fetch them from your database.

$row = mysql_fetch_assoc($mu);
$velikots = $row['velikost'];

You should then be able to remove your while loop:

 while ($row=mysql_fetch_array($mu)) { ... } // remove this.

Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial. You are also wide open to SQL injections

edited May 25 '19 at 12:05

Zoe

27,060
21
118
148

answered Sep 22 '14 at 18:44

John Conde

217,595
99
455
496

He has `while ($row=mysql_fetch_array($mu)) {`. The problem is that this is after the assignment. – Barmar Sep 22 '14 at 18:45
Ahh. I missed that when scanning the code. Reformulating answer. – John Conde Sep 22 '14 at 18:47
Hmm, It still doesn't write $velikots into database – user2808698 Sep 22 '14 at 18:53
There you go. There's no value. So it makes sense why you see what you are seeing. – John Conde Sep 22 '14 at 18:56
Sorry, am just 16 and I am not very good in PHP, but , if $velikots fetches data from database, these data has to be writable to other database too, am I right? – user2808698 Sep 22 '14 at 18:59
I am not sure what you mean. But basically if that field in the database is empty the PHP variable you assign it to will also be empty. – John Conde Sep 22 '14 at 19:01
Okey, I understand. So, where is mistake in that code? Because, I don't see any reason why $velikots should not have any data. – user2808698 Sep 22 '14 at 19:06
That code is fine. Check your database to make sure that column has a value in it. If it doesn't, check the code that populates it as that is where your error lies. – John Conde Sep 22 '14 at 19:09

Get variable isn't written to database

1 Answers1