Why mysql INSERT acting wrong?

Question

I've a simple HTML form and PHP code to insert data to sql database. But It is not working properly. It is not storing data where I want. Like, It is placing "Name in Bangla" in "Name" and placing "school" in "position2". Now how to make this work? Is there anything wrong in the code?

HTML Code:

<form name="information_form" enctype="multipart/form-data" method="post" action="process-new-member.php">
        <center>
                <table class="controls" >
                        <tr>
                            <td>Unique ID:</td> 
                            <td><input type="number" name="id" placeholder="Unique ID Number">
                        </tr>
                        <tr>
                            <td>Name:</td> 
                            <td><input type="text" name="name" placeholder="Write Full Name">
                        </tr>
                        <tr>
                            <td>Name in Bangla:</td> 
                            <td><input type="text" name="namebangla" placeholder="Write Full Name in বাংলা">
                        </tr>
                        <tr>
                                <td>Image</td>
                                <td><input name="img" type="file"></td>
                          </tr>
                        <tr>
                            <td>Father's Name:</td> 
                            <td><input type="text" name="father" placeholder="Father's name">
                        </tr>
                        <tr>
                            <td>Mother's Name:</td> 
                            <td><input type="text" name="mother" placeholder="Mother's name">
                        </tr>
                        <tr>
                            <td>Date of Birth:</td> 
                            <td>    
                                    <input class="inputnumber"  type="number" name="dobDATE" placeholder="Date" style="max-width: 46px;">
                                    <input class="inputnumber"  type="number" name="dobMONTH" placeholder="Month" style="max-width: 60px;">
                                    <input class="inputnumber"  type="number" name="dobYEAR" placeholder="Year" style="max-width: 57px;">
                            </td>
                        </tr>
                        <tr>
                                <td>Facebook ID: </td>
                                <td><input type="text" maxlength="100" name="fbid" placeholder="Write Username or ID Number"></td>
                        </tr>
                        <tr>
                                <td>Email: </td>
                                <td><input type="email" name="email" maxlength="100" placeholder="Write Email Address"></td>
                        </tr>
                        <tr>
                                <td>Contact No: </td>
                                <td>+880<input type="number" name="contact" maxlength="10" placeholder="Write Personal Phone No."></td>
                        </tr>
                        <tr>
                                <td>Emergency Contact No: </td>
                                <td>+880<input type="number" name="Econtact" maxlength="10" placeholder="Write Emergency Phone No."></td>
                        </tr>
                        <tr>
                                <td>Gender: </td>
                                <td>
                                    <select name="sex" >
                                        <option value="male">Male</option>
                                        <option value="female">Female</option>
                                    </select>
                                    </td>
                        </tr>

                        <tr>
                                <td>Editor Status: </td>
                                <td>
                                    <select name="editorstatus" >
                                        <option  value="0">No</option>
                                        <option  value="1">Yes</option>
                                    </select>
                                    </td>
                        </tr>

                        <tr>
                            <td>Present Address:</td> 
                            <td><input type="text" name="presentAdd" placeholder="Write Present Address">
                        </tr>
                        <tr>
                            <td>Permanent Address:</td> 
                            <td><input type="text" name="permanentAdd" placeholder="Write Permanent Address">
                        </tr>
                        <tr>
                            <td>Position: </td>
                            <td><input type="text" name="position" placeholder="Write Position in Rupok"></td>
                        </tr>
                        <tr>
                            <td>Secondary Position: </td>
                            <td><input type="text" name="position2" placeholder="Write Secondary Position"></td>
                        </tr>
                        </br>

                        <tr><td><h2>Educational Infos:</h2></td></tr>

                        <tr>
                            <td>School: </td>
                            <td><input type="text" name="school" placeholder="Write School Name"></td>
                        </tr>
                        <tr>
                            <td>College: </td>
                            <td><input type="text" name="college" placeholder="Write College Name"></td>
                        </tr>
                        <tr>
                            <td>Pass Years :</td> 
                            <td>    
                                    <input class="inputnumber" min="2000" max="2040" type="number" name="jscYear" placeholder="JSC" style="max-width: 46px;">
                                    <input class="inputnumber" min="2000" max="2040" type="number" name="sscYear" placeholder="SSC" style="max-width: 60px;">
                                    <input class="inputnumber" min="2000" max="2040" type="number" name="hscYear" placeholder="HSC" style="max-width: 57px;">
                            </td>
                        </tr>

                        <tr><td><h2>Others Infos:</h2></td></tr>

                        <tr>
                            <td>Personal Skills: </td> 
                            <td>
                                <textarea name="PersonalSkills" placeholder="Write down skills seperating by Comas"></textarea>
                            </td>
                        </tr>

                </table>
        </center>

      </br>

      <center>
        <button type="submit">Submit Data</button>
      </center

    </form>

and here is the PHP Code:

<?php

$uploaddir = '../../img/members/';
$uploadfile = $uploaddir . basename($_FILES['img']['name']);
if (move_uploaded_file($_FILES['img']['tmp_name'], $uploadfile)) {
  echo "File is valid, and was successfully uploaded.\n";
} else {
   echo "Upload failed";
}

require('connect_db.php');

$id=$_POST['id'];
$name=$_POST['name'];
$namebangla=$_POST['namebangla'];
$pic = $_FILES['img']['name'];
$father=$_POST['father'];
$mother=$_POST['mother'];
$dobDATE=$_POST['dobDATE'];
$dobMONTH=$_POST['dobMONTH'];
$dobYEAR=$_POST['dobYEAR'];
$fbid=$_POST['fbid'];
$email=$_POST['email'];
$presentAdd=$_POST['presentAdd'];
$permanentAdd=$_POST['permanentAdd'];
$sex=$_POST['sex'];
$contact=$_POST['contact'];
$Econtact=$_POST['Econtact'];
$position=$_POST['position'];
$position2=$_POST['position2'];
$school=$_POST['school'];
$college=$_POST['college'];
$jscYear=$_POST['jscYear'];
$sscYear=$_POST['sscYear'];
$hscYear=$_POST['hscYear'];
$editor=$_POST['editorstatus'];
$PersonalSkills=$_POST['PersonalSkills'];



 $query ="Insert Into `member` Values
      (
       '$id',
       '$name',
       '$namebangla',
       '$father',
       '$mother',
       '$dobDATE',
       '$dobMONTH',
       '$dobYEAR',
       '$fbid',
       '$email',
       '$presentAdd',
       '$permanentAdd',
       '$sex',
       '$contact',
       '$Econtact',
       '$position',
       '$position2',
       '$school',
       '$college',
       '$jscYear',
       '$sscYear',
       '$hscYear',
       '$editor',
       '$PersonalSkills',
       '$pic'
      )";

      if(mysql_query($query)){

            header('location: show-data.php');

        }else{
            die(mysql_error());
        }
?>

**Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) that has been [removed](http://php.net/manual/en/mysql.php) from PHP. You should select a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. — Quentin, May 18 '17 at 15:17
@tawsif, the order of insert value must be same as table structure. Make sure you insert as in same order. — Anirudha Gupta, May 18 '17 at 15:19
The order of your inserted values has to be in the same order as your table's columns. If you can provide your table schema, we can point out exactly what's wrong. If you want to make absolutely sure that your data is going into the correct columns, you should map your column names as well. For example, use `insert into my_table (col1, col2) values (val1, val2)` — RToyo, May 18 '17 at 15:19
is your table in the order you inserting by? u did not leave any column out? — Masivuye Cokile, May 18 '17 at 15:20
It can't *act wrong* - it's a simple PHP script, it just does what you tell it to... — CD001, May 18 '17 at 15:20

score 2 · Accepted Answer · answered May 18 '17 at 15:29

Probably the order of fields in your table is different from the order you provide the values. It would be lot more simpler and secure if you listed the fields you want to insert data into:

Insert Into `member` (
               id,
               name,
               namebangla,
               father,
               mother,
               dobDATE,
               dobMONTH,
               dobYEAR,
               fbid,
               email,
               presentAdd,
               permanentAdd,
               sex,
               contact,
               Econtact,
               position,
               position2,
               school,
               college,
               jscYear,
               sscYear,
               hscYear,
               editor,
               PersonalSkills,
               pic
              )
Values
      (
       '$id',
       '$name',
       '$namebangla',
       '$father',
       '$mother',
       '$dobDATE',
       '$dobMONTH',
       '$dobYEAR',
       '$fbid',
       '$email',
       '$presentAdd',
       '$permanentAdd',
       '$sex',
       '$contact',
       '$Econtact',
       '$position',
       '$position2',
       '$school',
       '$college',
       '$jscYear',
       '$sscYear',
       '$hscYear',
       '$editor',
       '$PersonalSkills',
       '$pic'
      )"

I just removed the $ and the single quotes from the variables, assuming that these are the field names. You need to provide the actual field names, if those are different.

Why mysql INSERT acting wrong?

1 Answers1