Insertion and Create SQL statement not working

Question

I´m new in php programming and so i tried to connect my php file with an sql database. It´s working till i come to the point were i want to use a query and execute them. Can someone please help me why i always get "Error querying database"?

$query = "INSERT INTO user (surname, name, e-mail, password) VALUES ('$text', '$text2', '$text3', '$text4')";
    $query2 = "CREATE TABLE $text3 (
    name VARCHAR(30)  PRIMARY KEY, 
    password VARCHAR(30))";
    //make the query

    $result = mysqli_query($db, $query) or die('Error querying database.');
    $result2 = mysqli_query($db, $query2) or die('Error querying database1.');

I am defenitely connected with the database before.

My second question is the right use of the Create Table statement. I want to create a table which is named like the users E-mail address. Is this the right usage?

CREATE TABLE $text3 (
name VARCHAR(30)  PRIMARY KEY, 
password VARCHAR(30))";

I especially want to know if i need to set ' before the $text3 or not.

*"I want to create a table which is named like the users E-mail address. Is this the right usage?"* - No, don't do that. You should be using column names and adding rows, not a table for each email address. — Funk Forty Niner, Jan 27 '18 at 14:58
use php's error reporting and `mysqli_error($db)` against both queries. — Funk Forty Niner, Jan 27 '18 at 14:58
`e-mail` that alone failed here as your column name. MySQL is interpreting that as `e MINUS mail`. — Funk Forty Niner, Jan 27 '18 at 14:59
You need backticks around special characters in your table name as well — DarkBee, Jan 27 '18 at 14:59
One thing though; this `password VARCHAR(30)` tells me that you're probably intending to use MD5 to store passwords with or plain text. Actually, MD5 stores a 32 long string, so I could be wrong here, but nonetheless; that would be too short a length if you intend on storing a hash produced by `password_hash()`, which you should be using, along with a prepared statement. Don't go live with this. — Funk Forty Niner, Jan 27 '18 at 15:15

Cyberduck · Accepted Answer · 2018-02-03T11:32:53.937

I solved this Problem with the help of @FunkFortyNiner the problem is the - between the e-mail. I neededt to remove it. Now the code looks like this:

$query = "INSERT INTO user (surname, name, email, password) VALUES ('$text', '$text2', '$text3', '$text4')";
$query2 = "CREATE TABLE $text3 (
name VARCHAR(30)  PRIMARY KEY, 
password VARCHAR(30))";
//make the query

$result = mysqli_query($db, $query) or die('Error querying database.');
$result2 = mysqli_query($db, $query2) or die('Error querying database1.');

Maddy Blacklisted · Answer 2 · 2018-01-27T15:02:04.043

-2

Use

die('Error querying database.' . mysqli_error($db) );

To know about the exact error.

More specifically use e_mail or email instead of e-mail as the column name in your db schema.

edited Jan 27 '18 at 15:02

answered Jan 27 '18 at 15:00

Maddy Blacklisted

1,190
1
7
17

This should be a comment as this will not solve the problem – DarkBee Jan 27 '18 at 15:00
Thank you. this is always good to know but it didn´t solve my problem. But thank You!! – Cyberduck Jan 27 '18 at 15:01
I just edited the answer. At least some time should be given instead of instantly casting a downvote. – Maddy Blacklisted Jan 27 '18 at 15:04
@MaddyBlacklisted because renaming the column is not the solution, adding backticks is `SELECT \`e-mail\` FROM users` – DarkBee Jan 29 '18 at 06:39

Insertion and Create SQL statement not working

2 Answers2