Data not inserting into mysql Database in php

Question

i am trying to insert data into mysql database but all thing going fine no error occur but when i browse data so it is not inserted into database here my coding kindly check it out.

here my html codes:

<html> <head>

<title>Insert Latest News</title>

</head>

<body>

<form action="insert_post.php" method="POST" enctype="multipart/form-data">

<table align="center" border="10" width="800">

<tr> <td align="center" colspan="5" bgcolor="yellow"><h1>Insert Latest News</h1></td> </tr>

<tr> <td>Post Title</td> <td><input type="text" name="title" size="30" /></td> </tr>

<tr> <td>Post Author</td> <td><input type="text" name="author" /></td> </tr>

<tr> <td>Post Image</td> <td><input type="file" name="image" /></td> </tr>

<tr> <td>Post Content</td> <td><textarea name="content" cols="50" rows="20"></textarea></td> </tr>

<tr> <td colspan="5" align="center"><input type="submit" name="submit" value="Publish" /></td> </tr> </table>

</form> </body> </html>

Here is my connection script

$connect = mysql_connect("localhost","root",""); 
$con = mysql_select_db("express", $connect); 
if ($con){ 
    echo ""; 
} else { 
    echo "databse not connected"; 
}

here my php codes:

<?php require("connect.php");

if (isset($_POST['submit'])){

    $title = $_POST['title'];
    $author = $_POST['author'];
    $content = $_POST['content'];
    $image_name = $_FILES['image']['name'];
    $image_type = $_FILES['image']['type'];
    $image_size = $_FILES['image']['size'];
    $image_tmp = $_FILES['image']['tmp_name'];
    $date = Date('y/m/d');

    if ($title=='' or $author=='' or $content=='' or $image_name==''){

        echo "<script>alert('Any feild is empty')</script>";
        exit();
    }
    if ($image_type=='image/jpeg' or $image_type=='image/png' 
    or $image_type=='image/gif' or $image_type=='image/jpg'){

        echo "";
    } else {
        echo "<script>alert('your image type is not allowed')</script>";
    }
    if ($image_size<=1000000){
        move_uploaded_file ($image_tmp, "images/$image_name");  
        exit();
    } else {

      echo "<script>alert('Image is larger, not allowed by admin ')</script>";
    }

    $query = "INSERT INTO news
             (news_title, news_author, news_content, news_image, news_date) 
             values($title,$author, $content, $image_name, $date,)";

    if ($query){
        echo "<center><h1>Your News has Been Published</h1></center>";
    } 
} 
?>

`($title,$author, $content, $image_name, $date,)` is failing you for a few reasons. — Funk Forty Niner, Feb 04 '16 at 16:12
it should be $db_connection->query($your_query) in your if condition — Hasan Tareque, Feb 04 '16 at 16:16
what we'd really like to know, is what's inside `connect.php` and whether you are using `mysql_` or `mysqli_` or PDO, or other to connect with. You did not tag as mysql so that could be MSSQL for all we know. — Funk Forty Niner, Feb 04 '16 at 16:32
here my connect.php file codes: $connect = mysql_connect("localhost","root",""); $con = mysql_select_db("express", $connect); if ($con){ echo ""; } else { echo "databse not connected"; } — Zubair Ali, Feb 04 '16 at 16:44
**No errors** Thats because you are not looking for them !!!!! — RiggsFolly, Feb 04 '16 at 16:51
@Fred-ii- Actually he is **not executing the bloomin query** _but all thing going fine no error occur_ Hahahah _If you have space in your answer maybe you can add that_ — RiggsFolly, Feb 04 '16 at 16:53
@RiggsFolly my bad. Thought he was mixing and deleted my comment about it. *Sorry Smokey* — Funk Forty Niner, Feb 04 '16 at 16:56
@ZubairAli well, I have stuck around this question long enough. You have enough answers in here to help you get you on the right track. Good luck. — Funk Forty Niner, Feb 04 '16 at 17:13

score 3 · Answer 1 · answered Feb 04 '16 at 16:15

You code is basically horrible:

1) Vulnerable to SQL injection attacks
2) No upload validation at all
3) Simply assumes success on all operations

and your main problem, ignoring the rest:

4) Syntax errors due to your lack of quotes and extra commas in your query string::

$query = "INSERT INTO news
(news_title, news_author, news_content, news_image, news_date) 
values('$title','$author', '$content', '$image_name', '$date',)";
       ^------^-^-------^--^--------^--^-----------^--^-----^---missing
                                                             ^---wrong

If you'd done ANY kind of defensive programming, e.g. checking for errors, you'd have been told about your sql syntax problems... Never EVER assume success. Always assume failure, check for failure, and treat success as a pleasant surprise.

score 2 · Answer 2 · answered Feb 04 '16 at 16:15

2

You forgot to execute the query: $result = mysql_query($query);

And you forgot to establish a connection:

$connection = mysql_connect(DB_HOST, DB_USER , DB_PASS) 
or die("Could not connect to the database."); 
mysql_select_db(DB_NAME) or die ("Database could not be selected.");

I would - by the way - use 1048576 instead of 1000000 as your maximum image size.

answered Feb 04 '16 at 16:15

J. Gower

139
6

i established db connection and add them by require function like this: require("connect.php"); and in connect.php file i coded: $connect = mysql_connect("localhost","root",""); $con = mysql_select_db("express", $connect); if ($con){ echo ""; } else { echo "databse not connected"; } – Zubair Ali Feb 04 '16 at 16:22
Ok. But anyway you forgot to execute it then with `mysql_query($query)` or `mysqli_query($query)` – J. Gower Feb 04 '16 at 16:25
@J.Gower sidenote: `mysqli_query($query)` the MySQLi_ API requires a db connection be passed to it and as the first parameter. I.e.: `mysqli_query($connection, $query)`. Yet, their API used to connect with is totally unknown. – Funk Forty Niner Feb 04 '16 at 16:37
Oh ok. My bad. But just added an "i" to the mysql statement and forgot to add it. Thx :D – J. Gower Feb 04 '16 at 16:38
@J.Gower I upvoted your answer, since the OP was using the `mysql_` API to connect with all along. Whether that will work for them or not, is unknown. Maybe their system no longer supports that old API. – Funk Forty Niner Feb 04 '16 at 17:09
@J.Gower However, you did not pick up on `($title,$author, $content, $image_name, $date,)`. Just thought you'd like to know that. That will error out for a few reasons, as outlined in the other answers. – Funk Forty Niner Feb 04 '16 at 17:12
True. But the execution was the first mistake I saw :D – J. Gower Feb 04 '16 at 19:07

score 1 · Answer 3 · edited May 23 '17 at 10:31

($title,$author, $content, $image_name, $date,) is failing you for a few reasons.

String literals require them to be quoted and you have a trailing comma.

('$title','$author', '$content', '$image_name', '$date')

Reference:

http://dev.mysql.com/doc/refman/5.7/en/string-literals.html

You also are not querying and the MySQL API you are using to connect with is unknown.

connect.php is a Pandora's box.

Consult: http://php.net/manual/en/mysqlinfo.api.choosing.php

Query methods for you to read up on, when querying a MySQL database in PHP.

http://php.net/manual/en/mysqli.query.php - MySQLi_
http://php.net/manual/en/function.mysql-query.php - MySQL_
http://php.net/manual/en/pdo.query.php - PDO

and make sure you are not mixing those.

Consult: Can I mix MySQL APIs in PHP?

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Then the rest of your code

Sidenote: Displaying errors should only be done in staging, and never production.

Also check for errors against your query. I cannot provide the link for it, since I do not know which MySQL you are using to connect with.

mysql_ ?
mysqli_ ?
PDO ?
other ?
Only you know that.

Your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements.

Footnotes:

Also make sure that the folder you are wanting to upload to, has the right permissions set for it.

Error reporting will tell you if there's something wrong with it.

Edit: and a final attempt to help out.

I will assume a MySQLi_ connection here. If it's MySQL_ or PDO, you'll need to look at the manuals.

I believe I have done enough to help you solve this.

Sidenote: I used $connection as the connection variable. Only you know what's used inside your connect.php file.

$query = mysqli_query($connection, "INSERT INTO news
            (news_title, news_author, news_content, news_image, news_date) 
            values('$title','$author', '$content', '$image_name', '$date')");

if ($query){

    echo "<center><h1>Your News has Been Published</h1></center>";
}

else{
    echo "Error: " . mysqli_error($connection);
    }

Additional edit:

Seeing this comment you placed:

"here my connect.php file codes: $connect = mysql_connect("localhost","root",""); $con = mysql_select_db("express", $connect); if ($con){ echo ""; } else { echo "databse not connected"; }"

You need to check for the real error here, using mysql_error().

Then my above edit will need to be changed to mysql_query() and if a connection is required, it needs to be the last parameter.

What I suggest you do is to switch over to either the MySQLi_ or PDO API.

Those links have been provided here in my answer.

MySQL_ method.

$query = mysql_query("INSERT INTO news
            (news_title, news_author, news_content, news_image, news_date) 
            values('$title','$author', '$content', '$image_name', '$date')");

if ($query){

    echo "<center><h1>Your News has Been Published</h1></center>";
}

else{
    echo "Error: " . mysql_error();
    }

Sidenote: If a connection is required, do if ($query, $connection)

If that still fails you, then you most likely will need to switch over to either MySQLi_ or PDO.

Good luck.

But i tried the same codes on my another laptop so data properly inserting into database, i think any issue with my wamp server i uninstalled and then installed it many times but the issue is same i am using windows 7 64 bit. — Zubair Ali, Feb 04 '16 at 16:31
@ZubairAli I left you a comment under your question and in my answer. We don't know which MySQL API you are using to connect with or if you successfully connected in the first place. As stated by myself and others, you did not query the database and a connection is required to be passed to it. That is unknown. You'll need to read the links I left in my answer and go from there. There isn't really anything I can add to it, sorry. Check for errors as I also stated in my answer. — Funk Forty Niner, Feb 04 '16 at 16:34
@ZubairAli I've made an additional edit to my answer to try and help you out more. Reload it and look under **Edit: and a final attempt to help out.** - It will be a final attempt, sorry. I sincerely wish you good luck on this. *Cheers* — Funk Forty Niner, Feb 04 '16 at 16:51

score 1 · Answer 4 · edited Sep 22 '16 at 07:38

1

For some, who like me found most of the answers did not cure the problem, try

if (!mysqli_commit($link)) print("<p>Transaction commit failed</p>\n");

it appears that some mysql (or Mariadb) distributions may have auto commit turned off. the key was in the fact that when I pasted my query directly into mysql I found that the ID was incrementing, just no data in the table.

edited Sep 22 '16 at 07:38

Petter Friberg

21,252
9
60
109

answered Sep 22 '16 at 07:31

PeterB

37
1

score -1 · Answer 5 · edited May 09 '17 at 08:56

You forgot to put quotes in mysql values insert

$query = "INSERT INTO news
             (news_title, news_author, news_content, news_image, news_date) 
             values($title,$author, $content, $image_name, $date,)";

You must put quotes then save

$query = "INSERT INTO news
             (news_title, news_author, news_content, news_image, news_date) 
             values('$title', '$author', '$content', '$image_name', '$date',)";

Data not inserting into mysql Database in php

5 Answers5