writing on sql with php

Question

I wrote a code with a form:

<form method="post">
<table>
<tr>
<td style="text-align:right">Artista:</td>
<td><input type="text" name="artist" /></td>
</tr>
<tr>
<td style="text-align:right">Titulo:</td>
<td><input type="text" name="title" /></td>
</tr>
<tr>
<td style="text-align:right">Capa (link):</td>
<td><input type="text" name="cover" /></td>
</tr>
<tr>
<td colspan="2">
<center>
<input type="submit" style="margin-top:20px" />
</center>
</td>
</tr>
</table>
</form>

Then I wrote some php to get the info on form and put it on a mySQL database.

if (isset($_POST['submit'])){
   $dbhost = 'HOST';
   $dbuser = 'USER';
   $dbpass = 'PASS';
   $conn = mysql_connect($dbhost, $dbuser, $dbpass);
   $artist = strtoupper($_POST[artist]);
   $title = strtoupper($_POST[title]);
   $cover = $_POST[cover];
   if(! $conn )
   {
  die('Could not connect: ' . mysql_error());
   }
   $sql = "INSERT INTO 'MusicList'('artist', 'title', 'cover', 'votes') VALUES ('".$artist."', '".$title."', '".$cover."', 0)";
mysql_select_db('DATABASE_NAME');
   $retval = mysql_query( $sql, $conn );
   if(! $retval )
   {
  die('Could not enter data: ' . mysql_error());
   }
   echo "<center><h1>Success!</h1></center>";
   mysql_close($conn);
   }

However it seems something has gone wrong because it doesn't write anything on SQL. Can you tell me what did I wrote wrong?

Incorrect quotes, your query should be like this: `$sql = "INSERT INTO MusicList(artist, title, cover, votes) VALUES ('".$artist."', '".$title."', '".$cover."', 0)";` — Rajdeep Paul, Jan 20 '16 at 20:19
Once you fix the wrong identifier qualifiers http://dev.mysql.com/doc/en/identifier-qualifiers.html, `if (isset($_POST['submit'])){...}` will never happen. Name it and fix the quotes; you'll see magic happen. — Funk Forty Niner, Jan 20 '16 at 20:21
@ChrisTrudeau - You didn't need to delete your answer, you just need to fix the identifiers for the columns and the unnamed submit ;-) — Funk Forty Niner, Jan 20 '16 at 20:26
Ok thanks, was hesitant to take credit for someone else's fixes lol — Chris Trudeau, Jan 20 '16 at 20:28
@Fred-ii- out of curiosity, you always seem to comment and never answer, do you not care about rep and only want to help people? I would say it's a combination of the two for me. — Chris Trudeau, Jan 20 '16 at 20:34
@ChrisTrudeau *wink*, pretty much. Plus, Stack wants us to mark those as duplicates, which is the biggest problem with their code. Adding a comment about an unnamed form element, will put them on track to success ;-) — Funk Forty Niner, Jan 20 '16 at 20:35

Chris Trudeau · Answer 1 · 2016-01-20T20:28:22.490

1

Change the single quotes around MusicList to be backticks, and get rid of the single quotes around the column names like this:

$sql = "INSERT INTO `MusicList`(artist, title, cover, votes) VALUES ('".$artist."', '".$title."', '".$cover."', 0)";

SQL isn't expecting quotes here.

Also as Fred pointed out, you need to name your submit button, or else the if statement will always be false.

So something like:

<input type="submit" name="submit_button" style="margin-top:20px" />

and change the if statement to:

if (isset($_POST['submit_button'])){

edited Jan 20 '16 at 20:28

answered Jan 20 '16 at 20:19

Chris Trudeau

1,427
3
16
20

I'd have a second look at what you tried to fix ;-) – Funk Forty Niner Jan 20 '16 at 20:20
That does need to be fixed right? or am I crazy? – Chris Trudeau Jan 20 '16 at 20:22
In addition to what I see you commented on the question – Chris Trudeau Jan 20 '16 at 20:23
`('artist', 'title', 'cover', 'votes')` http://dev.mysql.com/doc/en/identifier-qualifiers.html ;-) – Funk Forty Niner Jan 20 '16 at 20:23

writing on sql with php

1 Answers1