mysql/php insert query issue

Question

I have following class method

public function index()
    {   
        $username = '';
        $email = '';
        $text = '';
        $picture = '';

        if (isset($_POST['submit']))
        {
            $username = $_POST['username'];
            $email = $_POST['email'];
            $text = $_POST['text'];
            $picture = $_POST['picture'];
            Task::create($username, $email, $text, $picture);
        }

        require_once(ROOT.'/views/site/index.php');
    }

My form send values, i checked it with var_dump($_POST['username'])

here is create() method

public static function create($username, $email, $text, $picture='1', $check_token=false)
    {
        $db = Db::connect();
        $query = 'INSERT INTO tasks (username, email, text, picture, check_token)
                 VALUES (:username, :email, :text, :picture, :check_token)';

        $result = $db->prepare($query);
        $result->bindParam(':username', $username, PDO::PARAM_STR);
        $result->bindParam(':email', $email, PDO::PARAM_STR);
        $result->bindParam(':text', $text, PDO::PARAM_STR);
        $result->bindParam(':picture', $picture, PDO::PARAM_STR);
        $result->bindParam(':check_token', $check_token, PDO::PARAM_STR);

        $result->execute();
    }

my database connected properly cause my auth system works. But this query does not insert anything. Whatis wrong with my code? Thanks for help.

@HonzaRydrych have this warnings ` Notice: Undefined index: text in /home/hue/test/controllers/SiteController.php on line 21 Notice: Undefined index: picture in /home/hue/test/controllers/SiteController.php on line 22` — Alexandr Krivosheev, Feb 10 '17 at 20:36
Try placing the query in double quotes instead of single `$query = "queryhere";` — Harshul Routhu, Feb 10 '17 at 20:37

score 0 · Answer 1 · answered Feb 10 '17 at 20:44

0

you must escape field name when the are keywords. so you must put back ticks around the fiel dname text like this.

   $query = 'INSERT INTO tasks (username, email, `text`, picture, check_token)
             VALUES (:username, :email, :text, :picture, :check_token)';

answered Feb 10 '17 at 20:44

Bernd Buffen

14,525
2
24
39

1

why? it's not a reserved word, it's a keyword https://dev.mysql.com/doc/refman/5.7/en/keywords.html and that isn't the problem, it's *"have this warnings Notice: Undefined index: text in /home/hue/test/controllers/SiteController.php on line 21 Notice: Undefined index: picture in /home/hue/test/controllers/SiteController.php on line 22` – Alexandr Krivosheev 10 mins ago"* – Funk Forty Niner Feb 10 '17 at 20:47
test is a datatype like int, char varchar, text – Bernd Buffen Feb 10 '17 at 20:48
1

sure but I beg to differ as to the real problem, to which the OP clearly stated in comments. Again, there is no `(R)` next to `TEXT` in the manual, therefore escaping isn't required here. – Funk Forty Niner Feb 10 '17 at 20:49
still no result, thx for try – Alexandr Krivosheev Feb 10 '17 at 20:50
@Fred -ii- - you right – Bernd Buffen Feb 10 '17 at 21:00

mysql/php insert query issue

1 Answers1