Why is my SQL PHP Code not working?

Question

My PHP code is not working.

<?php

include config.php;

function addEntryInDB() {
    $nxtaddr    = $_POST    ["txin_src"];
    $nxtkey     = $_POST    ["txin_key"];
    $coinaddr   = $_POST    ["txout_src"];
    $burntxid   = $_POST    ["txid"];
    $coinkey    = $_POST    ["txout_src"];

    mysql_select_db($sql_db, $conn);

    if(!$conn ) {
        die('Could not connect: ' . mysql_error());
    }

    $sql = ("INSERT INTO X (
                NXTAddress,
                NXTPubKey,
                AltCoinAddr,
                AltCoinKeys,
                PoBTXID,
                ContactDateCreated
            )
            VALUES (
                '$nxtaddr',
                '$nxtkey',
                '$coinaddr',
                '$coinkey',
                '$burntxid',
                NOW()
            )")

    mysql_query($sql, $conn);
    mysql_close($conn);
}

I am mostly getting unexpected T_STRING related errors. I know it screams amateur hour but any help would be umm... helpful

Missing `;` after the query. – Sougata Bose Feb 05 '16 at 06:30 — Sougata Bose, Feb 05 '16 at 06:30

score 0 · Answer 1 · edited May 23 '17 at 11:50

you have missing semi colon here:

$sql = ("INSERT INTO X (
            NXTAddress,
            NXTPubKey,
            AltCoinAddr,
            AltCoinKeys,
            PoBTXID,
            ContactDateCreated
        )
        VALUES (
            '$nxtaddr',
            '$nxtkey',
            '$coinaddr',
            '$coinkey',
            '$burntxid',
            NOW()
        )");  //here you missed ;

Also your code is prone to SQL injection which is a real problem. Read this and your future will be saved How can I prevent SQL injection in PHP?

score 0 · Answer 2 · edited Feb 05 '16 at 07:38

$sql = ("INSERT INTO X (
                    NXTAddress,
                    NXTPubKey,
                    AltCoinAddr,
                    AltCoinKeys,
                    PoBTXID,
                    ContactDateCreated
                )
                VALUES (
                    '$nxtaddr',
                    '$nxtkey',
                    '$coinaddr',
                    '$coinkey',
                    '$burntxid',
                    NOW()
                )"); // you forget (;) hear

//and for good practice use php die() after every sql Query to get reprocess

score 0 · Accepted Answer · answered Feb 05 '16 at 06:37

<?php

include config.php;

function addEntryInDB() {
    $nxtaddr    = $_POST    ["txin_src"];
    $nxtkey     = $_POST    ["txin_key"];
    $coinaddr   = $_POST    ["txout_src"];
    $burntxid   = $_POST    ["txid"];
    $coinkey    = $_POST    ["txout_src"];

    mysql_select_db($sql_db, $conn);

    if(!$conn ) {
        die('Could not connect: ' . mysql_error());
    }

    $sql = ("INSERT INTO X (
                NXTAddress,
                NXTPubKey,
                AltCoinAddr,
                AltCoinKeys,
                PoBTXID,
                ContactDateCreated
            )
            VALUES (
                '$nxtaddr',
                '$nxtkey',
                '$coinaddr',
                '$coinkey',
                '$burntxid',
                NOW()
            )");  // here you missing semicolon

    mysql_query($sql, $conn);
    mysql_close($conn);
}

Why is my SQL PHP Code not working?

3 Answers3