0

I try to change my code because all the function that i use normaly are deprecated. So i try to use mysqli and ->query to insert some data and it's impossible to insert something. I have no error, but nothing appears in my db.

Here is my code ?

index.php

<?php
// Connexion à la base de données
$ConnectDB = new mysqli("localhost", "Tiriox", "trustno1", "energie");
//$ConnectDB = new mysqli("localhost", "Tiriox", "trustno1", "dbname");
?>

<table width="940" align="center" cellspacing="0" cellpadding="0" style="border: 1px solid black;border-color: #CCCCCC">
    <tr>
        <td align="center" valign="top">
            <form method="post" action="index.php?Envoyer" enctype="multipart/form-data">
                <span><b>Informations du compte</b></span><br><br>
                <label for="nom">Nom : </label><input name="nom" type="text" /><br />
                <label for="prix" >Prix : </label><input name="prix" type="text" /><br />
                <label for="type">Type : </label><input name="type" type="text" /><br />

                <label for="sexe">Sexe : </label> 
                <input type="radio" name="sexe" value="M"/> <label for="sexe">M</label>
                <input type="radio" name="sexe" value="F" /> <label for="Sexe">F</label><br />

                <input type="submit" value="Envoyer" /></form>
        </td>
    </tr>
</table>
<br>
<?php
if (isset($_GET['Envoyer']))
{
     $nom = addslashes($_POST['nom']);
     $prix = addslashes($_POST['prix']);
     $type = addslashes($_POST['type']);
     $sexe = addslashes($_POST['sexe']);


     echo $nom;
     echo $prix;
     echo $type;
     echo $sexe;

     $VRetour = $ConnectDB->query("INSERT INTO distribution(nom,prix,type) VALUES(".$nom.",".$prix.",".$type.")");
     echo '<br>';
     echo $VRetour;
     echo 'Toutes vos informations ont été ajoutee';

}
?>

Have you an idea ?

Thank you very much and sorry for the inconvenience

Thomas Clermont
  • 65
  • 6
  • 1
    1. You don't check for errors 2. You are wide open to SQL injection – John Conde Jan 21 '16 at 18:24
  • where are quotes for character or string datatype values? – Thamilhan Jan 21 '16 at 18:25
  • if(!$ConnectDB->query("INSERT INTO distribution(nom,prix,type) VALUES(".$nomv.",".$prixv.",".$typev.")")); { echo "Test : (" . $ConnectDB->errno . ") " . $ConnectDB->error; } Here is the error code that i have. I don't understand why the system search the column because i put the variable in the value :/ (1054) Unknown column 'adada' in 'field list' – Thomas Clermont Jan 21 '16 at 18:43
  • I find my errror, it was a problem of quote like Thamizhan say. Thank you verry much :) – Thomas Clermont Jan 21 '16 at 18:52

0 Answers0