not inserting values in php have uniqid function and mysql_insert_id

Question

$q = "INSERT INTO `client_t`(`Control_no`, `Client_id`, `Fname`, `Mname`, `Lname`, `Religion`, `Citizenship`, `Address`, `E-mail`, `Monthly_Income`, `Detained`, `Date_detained`, `Age`, `Gender`, `Civil_Status`, `Educ_attain`, `Language`, `Contact_no`, `Spouse`) 
     VALUES ('$_POST[Control_no]','$_POST[Client_id]',$_POST[Fname]','$_POST[Mname]'
        ,'$_POST[Religion]','$_POST[Citizenship]','$_POST[Address]','$_POST[Email]',$_POST[Monthly_Incom]','$_POST[Detained]','$_POST[Date_Detained]','$_POST[Age]','$_POST[Gender]',$_POST[Civil_Status]','$_POST[Educ_Attain]','$_POST[Language]','$_POST[Contact_no]','$_POST[Spouse]')";
     $r = mysql_query( $db,$q);

$_POST[Control_no] = $Control_no; $_POST[Control_no] = uniqid(); $_POST[Client_id] = $Client_id; $_POST[Client_id] = uniqid(); — C Monts, Mar 26 '17 at 14:02
I can tell right away that this `mysql_query( $db,$q)` is failing you. — Funk Forty Niner, Mar 26 '17 at 14:08
The POST arrays' origins are unknown as is the mysql api used to connect with. — Funk Forty Niner, Mar 26 '17 at 14:09
You also have syntax errors. Use php's error reporting and check for errors on the query. — Funk Forty Niner, Mar 26 '17 at 14:10
You're also open to a very serious sql injection. You should be using a prepared statement for this. — Funk Forty Niner, Mar 26 '17 at 14:12
*"uniqid function and mysql_insert_id"* - There's no code to support that, you only posted that in a comment. Your question is way too unclear for anyone to provide you with a concrete solution. I *highly* suggest you visit php.net's official manuals on all this and some *worthy* tutorials. — Funk Forty Niner, Mar 26 '17 at 14:14

score 1 · Answer 1 · answered Mar 26 '17 at 14:18

As you are using single quotes ('), the var is not detected by the array, so it would introduce $_POST[Control_no] directly in the database.

What you should do is something like this:

$q = "INSERT INTO `client_t`(`Control_no`, `Client_id`, `Fname`, `Mname`, `Lname`, `Religion`, `Citizenship`, `Address`, `E-mail`, `Monthly_Income`, `Detained`, `Date_detained`, `Age`, `Gender`, `Civil_Status`, `Educ_attain`, `Language`, `Contact_no`, `Spouse`) 
 VALUES ('" . $_POST["Control_no"] . "','" . $_POST["Client_id"] . "','" . $_POST["Fname"] . "','" . $_POST["Mname"] . "','" . $_POST["Religion"] . "','" . $_POST["Citizenship"] . "','" . $_POST["Address"] . "','" . $_POST["Email"] . "','" . $_POST["Monthly_Incom"] . "','" . $_POST["Detained"] . "','" . $_POST["Date_Detained"] . "','" . $_POST["Age"] . "','" . $_POST["Gender"] . "','" . $_POST["Civil_Status"] . "','" . $_POST["Educ_Attain"] . "','" . $_POST["Language"] . "','" . $_POST["Contact_no"] . "','" . $_POST["Spouse"] . "')";

That way, you append the $_POST with the double quotes because if you don't type it between double quotes it would be read as constants.

score -1 · Answer 2 · edited Mar 27 '17 at 08:01

-1

Add this and it will tell you what is wrong

If ($r)    
{
    Echo 'success'
Else 
{
    Echo Mysql_error();
}

edited Mar 27 '17 at 08:01

Tom

4,257
6
33
49

answered Mar 26 '17 at 14:20

Gert

360
3
8

not inserting values in php have uniqid function and mysql_insert_id

2 Answers2