-1

I am attempting to put a value into a Mysql database using php. I am only at the earliest stages, to ensure it works before applying it to my project. I have looked at different ways to implement through other people's questions, and I am not sure why this isn't inserting the value.

Am I supposed to assign a particular row to insert it to? Right now, I am simply trying to insert the value of 3 into the Yield column of the database. I have checked to ensure proper capitalization of the first letter in the column name, and proper name of database table being cost_table.

When I run this, I get the printed statement, "failed to insert.." When I check the database, it is still entirely null.

<?php
//variables as connection info...//
   $LinkID=mysql_connect("$host","$username","$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");



$sql = "INSERT INTO cost_table('Yield') VALUES 3";
$check=mysql_query($sql,$LinkID);
if (!$check){
    die ("failed to insert..");
}
echo "Insert Successful!";
?>
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
Scotti Carley
  • 35
  • 5
  • This whole line is incorrect `INSERT INTO cost_table('Yield') VALUES 3` please read the manual on INSERT http://dev.mysql.com/doc/eninsert.html and identifiers http://dev.mysql.com/doc/refman/5.0/en/identifier-qualifiers.html – Funk Forty Niner Mar 31 '15 at 18:20
  • Do this `$check=mysql_query($sql,$LinkID) or die(mysql_error());` and you'll see what I mean. – Funk Forty Niner Mar 31 '15 at 18:23
  • Plus, I suggest you look into using prepared statements right away before you go any further with *your project*. – Funk Forty Niner Mar 31 '15 at 18:32

2 Answers2

1

Please learn the basics before trying something

Below links will be useful

Correct query is 

INSERT INTO cost_table(`Yield`) VALUES (3)
georgecj11
  • 1,600
  • 15
  • 22
1

Firstly, you're using the wrong identifiers for the column you're wanting to insert into, and you've missing brackets and quotes for the values.

You may have seen a video tutorial somewhere, where the ticks looked like regular quotes; this has often been the case.

Faulty code:

INSERT INTO cost_table('Yield') VALUES 3

Which should read as, and using ticks instead of regular single quotes around the column name:

$sql = "INSERT INTO cost_table (`Yield`) VALUES ('3')";

or, if your column is indeed an int type:

$sql = "INSERT INTO cost_table (`Yield`) VALUES (3)";

If you're later going to want to use $ signs and/or decimals $3.99 then you will need to quote the values VALUES ('$3.99'), otherwise MySQL will complain about that. This type of value will require your column to be VARCHAR though; just a sidenote. For decimal minus the dollar sign, will require a decimal column type.

Having used the following, would have signaled the syntax errors:

$check=mysql_query($sql,$LinkID) or die(mysql_error());

However, you're open to SQL injection using this method and I suggest you use prepared statements before going any further with your project.

Here are a few examples:

An example of a mysqli prepared statement:

$link = mysqli_connect("localhost", "user", "password", "database");

if (mysqli_connect_errno()) {
     printf("Connect failed: %s\n", mysqli_connect_error());
     exit();
} 

    $variable_1 = "Text";
    $variable_2 = "More text";

    $stmt = $link->prepare("INSERT INTO table_name 
                            (column_1, column_2) 
                            VALUES (?,?)");

    $stmt->bind_param('ss', $variable_1, $variable_2);
    $stmt->execute();
  • Sidenote: s is for strings

An example of a PDO prepared statement:

$dbh = new PDO('mysql:host=localhost;dbname=your_DB', $user, $pass);

$var_1 = "Text";
$var_2 = "More text";

$stmt = $dbh->prepare("INSERT INTO table_name 
                       (column_1, column_2) 
                       VALUES (:var_1,:var_2)");

$stmt->execute(array(':var_1' => $var_1, ':var_2' => $var_2));

References:

Community
  • 1
  • 1
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
  • I have made the change with the ticks verbatim, and I am receiving no error, however when I check on the mysql workbench the value of 3 is not on the database. I appreciate the mention of injection risk, and also of the code being outdated. I am writing this on an older server that I am not allowed to update, and the inserted values will be calculated without user submission. – Scotti Carley Mar 31 '15 at 19:32
  • @ScottiCarley I need you to provide DB schema. Also add error reporting to the top of your file(s) right after your opening PHP tag for example ` – Funk Forty Niner Mar 31 '15 at 19:40
  • @ScottiCarley Also change your db select code to `mysql_select_db("$db_name", $LinkID) or die('Not connected : ' . mysql_error());` to see if any errors come of it. Also use the connection method as outlined in example #1 at http://php.net/manual/en/function.mysql-connect.php – Funk Forty Niner Mar 31 '15 at 19:44
  • Okay, so I have found that it has been storing the values at the bottom of my column instead of the top.. I kept checking at the first cell in the column. Is there a way to make it insert at the top? – Scotti Carley Mar 31 '15 at 19:48
  • @ScottiCarley Unfortunately there isn't a way to do that. MySQL inserts data under each newly added row. If you wish to show newly added data in a specific order on a web page, you can use `ORDER BY column DESC` or `ASC` when doing a `SELECT`. Consult https://dev.mysql.com/doc/refman/5.0/en/select.html – Funk Forty Niner Mar 31 '15 at 19:49
  • @ScottiCarley What I said just above... not entirely true. There is a way but it's a bit complicated. I've only seen examples of, but never did one myself. Here are a few links http://stackoverflow.com/q/9414885/ and http://www.w3resource.com/mysql/inserting-updating-deleting/insert-records-with-group-by.php but I won't be able to help you out with that. If my answer solved it, please accept as correct which I believe has. – Funk Forty Niner Mar 31 '15 at 19:53