Not able to insert data into a mysql database

Question

The code I have below is suppose to insert some information into a mysql database. For some reason every time I test it I get the error statement that it was not able to execute. Everything looks like it should work to me. Is there something I am missing here?

<?php
      include("phpconnect.php");

      $name = $_GET["name"];
      $date = $_GET["date"];
      echo $name;
      echo $date;

      $sql = "INSERT INTO main (name, visits, visitDate, lastVisit)
      VALUES ('$name', '1', '$date', '$date')";


      if (mysqli_query($conn, $sql))
    {
        echo "Records added successfully.";
    }
    else
    {
        echo "ERROR: Could not execute $sql. "
            .mysqli_error($conn);
    }

    mysqli_close($conn);
    ?>

Let post your error message. Also, you should use buld statement param to avoid SQL injection. — Au Nguyen, Nov 05 '19 at 03:21
Does this answer your question? [mysqli\_fetch\_assoc() expects parameter / Call to a member function bind\_param() errors. How to get the actual mysql error and fix it?](https://stackoverflow.com/questions/22662488/mysqli-fetch-assoc-expects-parameter-call-to-a-member-function-bind-param) — Dharman, Nov 05 '19 at 07:10

score 0 · Answer 1 · edited Nov 05 '19 at 08:37

Maybe, you should build your SQL statement slightly different. You can always throw an error message, better for the overview -

$sql = "INSERT INTO main (name, visits, visitDate, lastVisit)
  VALUES (?, 1, ?, ?)";

if($stmt = $mysqli->prepare($sql)){
    $stmt->bind_param('sss', $name, $date, $date);

    if (!$stmt->execute()) {
        return false;
// or print error message
    } else {
        return true;
} else {
    return false;
}

Or check this out - MySQL INSERT INTO with PHP $variable !

score -1 · Answer 2 · answered Nov 05 '19 at 02:58

Try something like this. This function accurately inserts into my database and also scrapes for SQL injection.

function addRestaurant() {
    if(isset($_POST['submit'])) {
        global $connection;
        $name = $_POST['name'];
        $address = $_POST['address'];
        $city = $_POST['city'];
        $state = $_POST['state'];       
        $zipcode = $_POST['zipcode'];
        $googlemapslink = $_POST['googlemapslink'];
        $restauranttype = $_POST['restauranttype'];
        $website = $_POST['website'];
        $logo = $_POST['logo'];
        $sitelink = $_POST['sitelink'];

        if ($googlemapslink == "") {
            $googlemapslink = "https://youtu.be/dQw4w9WgXcQ";
        }

        if ($website == "") {
            $website = "https://youtu.be/dQw4w9WgXcQ";
        }

        if ($logo == "") {
            $logo = "https://youtu.be/dQw4w9WgXcQ";
        }

        $name = mysqli_real_escape_string($connection, $name);
        $address = mysqli_real_escape_string($connection, $address);
        $city = mysqli_real_escape_string($connection, $city);
        $state = mysqli_real_escape_string($connection, $state);
        $zipcode = mysqli_real_escape_string($connection, $zipcode);
        $googlemapslink = mysqli_real_escape_string($connection, $googlemapslink);
        $restauranttype = mysqli_real_escape_string($connection, $restauranttype);
        $website = mysqli_real_escape_string($connection, $website);
        $logo = mysqli_real_escape_string($connection, $logo);
        $sitelink = mysqli_real_escape_string($connection, $sitelink);

        $query = "INSERT INTO `restaurants` (Name, Address, City, State, ZipCode, GoogleMapsLink, Website, RestaurantType, RestaurantLogo, SiteLink) ";
        $query .= "VALUES (";
        $query .= "'$name', ";
        $query .= "'$address', ";
        $query .= "'$city', ";
        $query .= "'$state', ";
        $query .= "'$zipcode', ";
        $query .= "'$googlemapslink', ";    
        $query .= "'$website', ";
        $query .= "'$restauranttype', ";
        $query .= "'$logo', ";
        $query .= "'$sitelink'); ";

        $filesite = "restaurants/" . $sitelink;
        $file = "restaurants/menu.php";
        $contents = file_get_contents($file);

        file_put_contents($filesite, $contents);

        $result = mysqli_query($connection, $query);
            if(!$result) {
                die("Query failed." . mysqli_error($connection));
            } else {
                echo "Record updated!";
            }
    }
}

The Youtube links are suspicious and have occurred in several borderline spam posts recently. — tripleee, Nov 05 '19 at 08:23
Sorry. Forgot about those YouTube links. It is a joke with my teacher. They wanted to have a value if someone did not enter a link in the form, so I Rick rolled him on it. I will change to something else later. — Jason Marsteller, Nov 05 '19 at 11:54
Will look into prepared statements. Had not heard of them. Still new to PHP. — Jason Marsteller, Nov 05 '19 at 11:54

score -1 · Accepted Answer · answered Nov 05 '19 at 04:13

First Check your datbase connection
Second check your form method GET or POST then apply
Check your table column name

include("phpconnect.php");

if(isset($_POST['submit'])){

$name = $_POST["name"];
$date = $_POST["date"]; 

$sql = "INSERT INTO main (name, visits, visitDate, lastVisit) VALUES ('$name', '1', '$date', '$date')";

if ($conn->query($sql) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();

}

Not able to insert data into a mysql database

3 Answers3