Query not working in PHP but works in phpmyadmin

Question

I need help with this query. If I use this query in MySQL that works fine but is not being executed when used in PHP.

$sql = "INSERT INTO dtable (name, mobile, email) VALUES ('".$MP_Name."', '".$MP_Mobil."','".$MP_Email."');";

$conn->query($sql);

$sql = "INSERT INTO dtable(name,mobile,email) VALUES ('$MP_Name','$MP_Mobil','$MP_Email');"; — Mystogan, Apr 11 '21 at 08:44
I don't have any error message. Just skips the insertion query. — Anil, Apr 11 '21 at 08:47
DO NOT EXECUTE a query like that, use pdo and parameters. With a query like that you are opened to sql injections. — Giacomo M, Apr 11 '21 at 08:51
I got that @Giacomo M, but the project was written a long before and experiencing issue from just some days and was working fine before. — Anil, Apr 11 '21 at 08:55
As said @Giacomo M, refer to this page to avoid sql injections: https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php — Theo27, Apr 11 '21 at 08:55
what are the values of your variables? $MP_Name, $MP_Mobile and $MP_Email? — Giacomo M, Apr 11 '21 at 08:59
I got this error now: Commands out of sync; you can't run this command now — Anil, Apr 11 '21 at 09:10

Ivan86 · Answer 1 · 2021-04-11T09:14:36.627

1

Use prepared statements to avoid sql injection.

$conn = new mysqli($servername, $username, $password, $dbname);

$stmt = $conn->prepare("INSERT INTO dtable (name, mobile, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $MP_Name, $MP_Mobil, $MP_Email);
$stmt->execute();
$stmt->close();

edited Apr 11 '21 at 09:14

answered Apr 11 '21 at 08:50

Ivan86

5,695
2
14
30

score 0 · Answer 2 · answered Apr 11 '21 at 08:56

0

Try to echo the query string before executing it and copy/paste that echoed query in phpmyadmin and check for errors in the query

 $result= $sql->query(sprintf("INSERT INTO dtable(name,mobile,email) VALUES ('%s','%s','%s')", ($_POST['MP_Name']), ($_POST['MP_Mobil']), ($_POST['MP_Email'])));
 echo $sql;

answered Apr 11 '21 at 08:56

Turgut Felek

1

I tried that. It gives no error in phpmyadmin and works fine there. – Anil Apr 11 '21 at 08:58

score 0 · Answer 3 · answered Apr 13 '21 at 04:16

0

With more study, I came to know that I was actually getting an error; commands out of sync; you can't run this command now.

I added $conn->next_result() before running the query which solved the issue.

answered Apr 13 '21 at 04:16

Anil

61
1
1
7

Query not working in PHP but works in phpmyadmin

3 Answers3