-3

I know this question has been answered many times but just cant seem to make it work within my existing code. Forgive me for being a dunce. My question: I just need to get the indexed and auto-incremented client_id value upon creating a new record, so I can send it to the new user via email along with their password so they can log into their account. Here is my code and thanks for any help. I also understand I should convert from MySQL to mysqli:

$conn = mysql_connect($servername, $username, $password, $dbname);

if (!$conn) { die('Could not connect: ' . mysql_error()); }

mysql_select_db($dbname,$conn);

$sql="INSERT INTO ricks_inserts (companyname, contact, email)

VALUES ('$_POST[companyname]','$_POST[contact],'$_POST[email]')";

$id = mysql_insert_id(); "My actual variable in my table is called client_id"

if (!mysql_query($sql,$conn))
{
die('Error: ' . mysql_error());
}echo "<br />";

$message= <<<EOD
Client Id:$_POST[client_id]
Email: $_POST[email]
Company: $_POST[companyname]
Contact: $_POST[contact]
EOD;
Ricky T
  • 243
  • 1
  • 13
  • 2
    You can't get the insert ID until *after* you perform your insert query. Kinda makes sense, no? – John Conde Aug 03 '16 at 20:56
  • 2
    You are open to SQL injections with this code. – chris85 Aug 03 '16 at 20:57
  • Can we really still be talking about injection? – Strawberry Aug 03 '16 at 21:00
  • See what I mean, I make no sense lol, this is why I'm asking for help please. I am just learning so please forgive. I don't even know what an injection is, but I guess I better learn – Ricky T Aug 03 '16 at 21:00
  • 2
    **WARNING**: If you're just learning PHP, please, do not use the [`mysql_query`](http://php.net/manual/en/function.mysql-query.php) interface. It’s so awful and dangerous that it was removed in PHP 7. A replacement like [PDO is not hard to learn](http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/) and a guide like [PHP The Right Way](http://www.phptherightway.com/) explains best practices. Your user parameters are **not** [properly escaped](http://bobby-tables.com/php) and there are [SQL injection bugs](http://bobby-tables.com/) that can be exploited. – tadman Aug 03 '16 at 21:19
  • Possible duplicate of [PHP/MySQL insert row then get 'id'](http://stackoverflow.com/questions/897356/php-mysql-insert-row-then-get-id) – Mattew Whitt Aug 04 '16 at 01:26
  • removed my answer as m not able to update it for next few days. Will repost once I get suitable time – Tushar Gupta Aug 04 '16 at 05:39

1 Answers1

-1

maybe you can try this one MySQL version 

$conn = mysql_connect($servername, $username, $password, $dbname);

if (!$conn) { die('Could not connect: ' . mysql_error()); }

mysql_select_db($dbname,$conn);

$companyname = mysql_real_escape_string($_POST['companyname']);
$contact = mysql_real_escape_string($_POST['contact']);
$email = mysql_real_escape_string($_POST['email']);

$sql="INSERT INTO ricks_inserts (companyname, contact, email)

VALUES ('".$companyname."','".$contact."','".$email."' ) " or die(mysql_errno());

if (mysql_query($sql)) {
    $last_id = mysql_insert_id();
    echo "New record created successfully. Last inserted ID is: " . $last_id;
} else {
    echo "Error: " . $sql . "<br>" . mysql_error();
}

$message= <<<EOD
Client Id:$_POST[client_id]
Email: $_POST[email]
Company: $_POST[companyname]
Contact: $_POST[contact]
EOD;

MySQLi version 

        <?php
$conn = mysqli_connect($servername, $username, $password, $dbname);

if (!$conn) { die('Could not connect: ' . mysqli_error($conn)); }

mysqli_select_db($conn,$dbname);

$companyname = mysqli_real_escape_string ($conn,$_POST['companyname']);
$contact = mysqli_real_escape_string ($conn,$_POST['contact']);
$email = mysqli_real_escape_string ($conn,$_POST['email']);

$sql="INSERT INTO ricks_inserts (companyname, contact, email)

VALUES ('".$companyname."','".$contact."','".$email."' ) " or die(mysqli_errno($conn));

if (mysqli_query($conn,$sql)) {
    $last_id = mysqli_insert_id($conn);
    echo "New record created successfully. Last inserted ID is: " . $last_id;
} else {
    echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}

$message= <<<EOD
Client Id:$_POST[client_id]
Email: $_POST[email]
Company: $_POST[companyname]
Contact: $_POST[contact]
EOD;

?>
mohammed
  • 26
  • 1
  • 9
  • 1
    Please [don't use the mysql_ extension anymore](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). It's been removed from PHP – Machavity Aug 03 '16 at 21:49
  • @Machavity currently i'm using mysqli extension i was just showing an example any way thank you for your note – mohammed Aug 03 '16 at 22:12