1

Newb to php just looking for help with a solution to my problem. Im trying to send form data to a db. I connect fine to the db but I echo out "no record made" when I submit and go to the success.php page.

At one point I did get the error "Incorrect integer value: '' for column 'mobile' at row 1" But seemed to have fixed it by cleaning up my code.

Any help would be greatly appreciated as I'm a bit stumbed!

//index.php code

<?php

//CONNECT DETAILS
$user = 'root';
$password = 'root';
$db = 'db_dev';
$host = 'localhost';
$port = 8889;

//CREATE CONNECT
$link = mysqli_init();
$success = new mysqli($host, $user, $password, $db, $port);
$success->query("SET NAMES 'utf8'");
$success->query("SET CHARACTER SET utf8");

// Check CONNECTION
if ($success->connect_error) {
die("Connection failed: " . $success->connect_error);
}


//VARIABLES & INSERT QUERY
if (isset($_POST["submit"])) {

$sql = "INSERT INTO db_test (name, mobile, date, email )
VALUES ( '', '$_POST[name]', '$_POST[email]', '$_POST[mobile]', NOW())";

$name = $_POST['name'];
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$userID = mysqli_insert_id($success);

}

mysqli_close($success);
?>

 //success.php code

<?php

//LOCAL CONNECT/MAMP
$user = 'root';
$password = 'root';
$db = 'db_dev';
$host = 'localhost';
$port = 8889;

//CREATE CONNECT
$link = mysqli_init();
$success = new mysqli($host, $user, $password, $db, $port);
$success->query("SET NAMES 'utf8'");
$success->query("SET CHARACTER SET utf8");
// Check CONNECTION
if ($success->connect_error) {
die("Connection failed: " . $success->connect_error);
}

//ECHO OUT SUCCESS
if ($success->query($sql) === TRUE) {
echo "New record created successfully";
 } else {
echo "Error: no record made" . $sql . "<br>" . $success->error;
}

mysqli_close($success);
?>
John
  • 11
  • 1
  • 2
    [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Check your error logs. – Jay Blanchard Dec 28 '15 at 17:01
  • Okay I'll have a look cheers!. Any idea whats causing the issue with the insert? – John Dec 28 '15 at 17:09
  • 3
    You're never executing the `INSERT` query. – Barmar Dec 28 '15 at 17:11
  • You need `$success->query($sql);` – Barmar Dec 28 '15 at 17:12
  • You can't set `$sql` in `index.php` and then try to use it in `success.php`. – Barmar Dec 28 '15 at 17:13
  • 1
    You don't need to insert ' ',for autoincremented columns..It's automatically set in the database when you insert a row.. –  Dec 28 '15 at 17:14
  • 1
    The error logs will tell you that you have a mismatch in the number of columns you're trying to insert. – Jay Blanchard Dec 28 '15 at 17:15
  • 1
    Also you have incorrect sequence of values in `INSERT` statement. Your `INSERT` query should be like this, `$sql = "INSERT INTO db_test(name, mobile, date, email) VALUES ('$_POST[name]', '$_POST[mobile]', NOW(), '$_POST[email]')";` – Rajdeep Paul Dec 28 '15 at 17:16
  • Okay guys. Cheers for the quick replies. I'll delve deeper with teh info supplied. Thanks! – John Dec 28 '15 at 17:19

1 Answers1

0

You have error in SQL..

When you are inserting values, it must be in same order, or you will make mistakes. Plus you are inserting 5 values, but you want to insert in 4(?).

So it will be:

$name = $_POST['name'];
$mobile = $_POST['mobile'];
$email = $_POST['email']};

$sql = "INSERT INTO db_test (id, name, mobile, date, email) VALUES ('', $name, $mobile, NOW(), $email)";

One thing, first column - ID, is not necessary if auto increment is on for that key, if you want you can leave it without.

devpro
  • 16,184
  • 3
  • 27
  • 38
fugitive
  • 357
  • 2
  • 8
  • 26
  • Thank you for the clarification on the autocrement. I removed them now and adjusted by my code. I'll also look into the issues raised above. Cheers! – John Dec 28 '15 at 17:25