0

I basically created this file with php that takes values from another file to find out whether a car parked got out within the time and if not, he is going to get a fine. I am able to get all the variables and stuff working but when i try to enter to insert the datas into my database in phpmyadmin, i get an error. Here are my codes:

<?php
session_start();
$Entrydates=$_SESSION['tsmdate'];
$Entrytimes=$_SESSION['tsmTime'];
$Exitdates=$_SESSION['tsmexit'];
$ExitTime=$_SESSION['tsmtimeend'];
$username=$_SESSION['tsmUserName'];
var_dump($_SESSION);
        $Error=false;
          date_default_timezone_set('Asia/Riyadh');
        $presentDate=date('Y-m-d');
           if(strtotime($Entrydates) == strtotime($presentDate))
            {
              echo "same date";
            $presentTime= date('h:i A');
        var_dump($presentTime);
        if(strtotime($presentTime) > strtotime($ExitTime))
            {
              echo "pay up";
              $fine=100;
              $Error=true;
           }
          else{
             echo "dont pay up";
             $fine=0;
             $Error=true;
            }
        }
        else
        {
            echo "different dates";                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
        }
            if($Error==true){
            require_once("connection.php");
            $my_query="INSERT INTO fine (`No`, `Username`,`Fine`) VALUES (NULL,'$username','$fine')";
            $result=mysqli_query($connection,$my_query);
            if($result)
            {
                echo 'thank you';
            }
            else
            {
                echo 'error';
            }
            mysqli_close($connection);
            }
?>
David Adam
  • 21
  • 5
  • can you specify the error? – Bagus Tesa Jan 05 '17 at 07:27
  • @BagusTesa it doesn't tell.. It just says error – David Adam Jan 05 '17 at 07:33
  • 2
    **WARNING**: When using `mysqli` you should be using [parameterized queries](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [`bind_param`](http://php.net/manual/en/mysqli-stmt.bind-param.php) to add user data to your query. **DO NOT** use string interpolation or concatenation to accomplish this because you have created a severe [SQL injection bug](http://bobby-tables.com/). **NEVER** put `$_POST` or `$_GET` data directly into a query, it can be very harmful if someone seeks to exploit your mistake. – tadman Jan 05 '17 at 07:38
  • When debugging SQL code you probably want to turn on [exceptions](http://stackoverflow.com/questions/14578243/turning-query-errors-to-exceptions-in-mysqli) which make simple mistakes impossible to ignore. – tadman Jan 05 '17 at 07:41
  • can u please show the error on the database? – Ashbee Morgado Jan 05 '17 at 07:27

2 Answers2

0

Just a thought but check to ensure that your field types in your database table are something that will accept the input you're sending to them. For example, what if for the No field you have "allow Null=false", then this insert would be rejected.

Christopher Kirby
  • 26
  • 1
-2

It would be nice if you post your error you get, but I think its the syntax of your insert query. Try code below.

Btw. you may want to use prepared statements, take a look at them.
http://www.w3schools.com/php/php_mysql_prepared_statements.asp 

<?php
    session_start();
    $Entrydates=$_SESSION['tsmdate'];
    $Entrytimes=$_SESSION['tsmTime'];
    $Exitdates=$_SESSION['tsmexit'];
    $ExitTime=$_SESSION['tsmtimeend'];
    $username=$_SESSION['tsmUserName'];
    var_dump($_SESSION);
            $Error=false;
              date_default_timezone_set('Asia/Riyadh');
            $presentDate=date('Y-m-d');
               if(strtotime($Entrydates) == strtotime($presentDate))
                {
                  echo "same date";
                $presentTime= date('h:i A');
            var_dump($presentTime);
            if(strtotime($presentTime) > strtotime($ExitTime))
                {
                  echo "pay up";
                  $fine=100;
                  $Error=true;
               }
              else{
                 echo "dont pay up";
                 $fine=0;
                 $Error=true;
                }
            }
            else
            {
                echo "different dates";                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
            }
                if($Error==true){
                require_once("connection.php");
                $my_query="INSERT INTO fine (No, Username, Fine) VALUES (NULL,'$username','$fine')";
                $result=mysqli_query($connection,$my_query);
                if($result)
                {
                    echo 'thank you';
                }
                else
                {
                    echo 'error';
                }
                mysqli_close($connection);
                }
    ?>
Twinfriends
  • 1,972
  • 1
  • 14
  • 34
  • 1
    Sorry, please don't link to w3schools. It's often wickedly out of date. If possible link to the official PHP documentation, it's much higher quality and has very helpful examples provided by the community in the comments section to explain further. – tadman Jan 05 '17 at 07:39