CSV data importing issue

Question

Hello recently I have downloaded a script for importing data to the database. I have created a form where user will upload the file and from that I would like the data to added to the database I am not sure I am doing correctly or not as I am getting an error of 500 internal server error might be my code messed up.

require('../admin/includes/connection.php');

$file = $_FILES['data_email']['name'];
$file_temp = $_FILES['data_email']['tmp_name'];
move_uploaded_file($file_temp, '../admin/uploads/'.$file);
// path where your CSV file is located
define('CSV_PATH','http://wintroninformatics.com/admin/uploads/');
// Name of your CSV file
$csv_file = CSV_PATH . $file; 

$data = mysqli_query($connection, 'SELECT * FROM users WHERE uid = "'.$_SESSION['uid'].'"');
$user = mysqli_fetch_array($data);
if (($handle = fopen($csv_file, "r")) !== FALSE) {
   fgetcsv($handle);   
   while (($data = fgetcsv($handle, 1000, ",")) !== FALSE) {
        $num = count($data);
        for ($c=0; $c < $num; $c++) {
          $col[$c] = $data[$c];
        }

    $col2 = $col[1];

// SQL Query to insert data into DataBase
$query = "INSERT INTO email_data(date_uploaded, email_id, username, status) VALUES('".date('d-m-Y')"','".$col2."','".$user['username']."', 'Approved')";
$s     = mysqli_query($connection, $query);
 }
    fclose($handle);
}

echo "File data successfully imported to database!!";

You need to gain access to the webserver logs and determine what is causing the 500 error. — alzee, Aug 01 '16 at 22:26
I figured out the issue but the data is not inserted in the database — Mark Alan, Aug 01 '16 at 22:34
**WARNING**: When using `mysqli` you should be using [parameterized queries](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [`bind_param`](http://php.net/manual/en/mysqli-stmt.bind-param.php) to add user data to your query. **DO NOT** use string interpolation or concatenation to accomplish this because you have created a severe [SQL injection bug](http://bobby-tables.com/). **NEVER** put `$_POST` or `$_GET` data directly into a query, it can be very harmful if someone seeks to exploit your mistake. This lack of escaping is probably one of the big issues here. — tadman, Aug 01 '16 at 22:36

score -2 · Accepted Answer · answered Aug 01 '16 at 22:22

-2

Cant debug this way. 500 Internal server error means you have no error reporting enabled.

Add the following line at the top of your code to spot the problem in your code

error_reporting(E_ALL);

answered Aug 01 '16 at 22:22

teliaz

97
3

The wintroninformatics.com page isn’t working wintroninformatics.com is currently unable to handle this request. HTTP ERROR 500 – Mark Alan Aug 01 '16 at 22:24
error_reporting(-1); ini_set('display_errors', 'On'); no need to downvote... just trying to help here.. – teliaz Aug 01 '16 at 22:42
1

how does this "answer" the question? We have no way of knowing what the "real" problem was and what the OP did to fix this. That isn't my downvote here, but you probably got it from someone who felt it was more of a comment and/or doesn't show anyone how it solved the question, which I would agree with. – Funk Forty Niner Aug 01 '16 at 22:57

CSV data importing issue

1 Answers1