Not adding to db

[watts]

Hi, I can't figure out why it won't add the record to the database.  It's just a simple form to get name and email but when I hit submit I get the "or die" message. 

$Fname = $_GET['Fname'];
$eMail = $_GET['eMail'];
$submit = $_GET['submit'];

if ($submit == 1) 
{

$date = date("Y-m-d");

$sql="INSERT INTO `my_db`.`my_table` (
`usrID` ,
`usrName` ,
`usrEmail` ,
`usrDatereg`
)
VALUES (
NULL , '$Fname', '$eMail', '$date'
)";

$adduser=mysql_query($sql) or die ('Could not add you to mailing list');

$message = "Welcome to the mailing list! ";

}

 

It's definitely getting all the variables from the form, I tested by printing them as part of the $message variable but it just isn't adding.

 

Any thoughts?

 

Thanks.

[Alex]

within the or die() put mysql_error() and post what it says.

 

It's usually not suggested to use back ticks unless you're using reserved words, in which case they're required. Also, if 'usrID' is an auto_increment field there is no need to include it in the query, it'll be inserted automatically.

[PravinS]

What method you are using in form POST or GET?

[Philip]

Echo $sql & mysql_error() and see what those post.

 

Also, sanitize your inputs, always!

[watts]

So here's what I get now:

 

"Could not add you to mailing list

sql:INSERT INTO 'mailing' ('usrName','usrEmail','usrDatereg') VALUES (bob,bob@mail.com,2009-11-09)

error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''mailing' ('usrName','usrEmail','usrDatereg') VALUES (bob,bob@' at line 1". 

 

When I look at the manual I still can't figure out the problem.  The version of mysql is 4.1.22

 

My form is GET

 

I changed the back ticks to regular single quotes.

I added mysql_real_escape() to sanitize the data. 

I echoed $sql and all the data looks fine.

Here's the code as it stands now.

 

$Fname = mysql_real_escape_string($_GET['Fname']);
$eMail = mysql_real_escape_string($_GET['eMail']);
$submit = mysql_real_escape_string($_GET['submit']);

if ($submit == 1) 
{

$date = date("Y-m-d");

$sql="INSERT INTO 'mailing' ('usrName','usrEmail','usrDatereg')
VALUES ($Fname,$eMail,$date)";

$adduser=mysql_query($sql) or die ('Could not add you to mailing 

list<br/>'.'sql:'.$sql.'<br/>error:'.mysql_error());

$message = "Welcome to the mailing list! $Fname, $eMail, $date.";

}

[Philip]

Well you changed the sql:

$sql="INSERT INTO `my_db`.`my_table` (
`usrID` ,
`usrName` ,
`usrEmail` ,
`usrDatereg`
)
VALUES (
NULL , '$Fname', '$eMail', '$date'
)";

 

to

sql="INSERT INTO 'mailing' ('usrName','usrEmail','usrDatereg')
VALUES ($Fname,$eMail,$date)";

 

Which one is correct? Because I'd imagine the first one is failing because it isn't selecting the right database/table... and the second one because you're using single quotes where backticks would be appropriate (but not needed in this case) and missing single quotes where you need them - around the values.

 

sql="INSERT INTO mailing (usrName,usrEmail,usrDatereg)
VALUES ('$Fname','$eMail','$date')";

 

[watts]

Upon further investigation I have found that I'm not connecting to the db.  I know that I have the right dbname, username and password but the error message says "access denied."  Here's the connection code:

 

$db_user="user";
$db_pword="password";
$db_host="localhost";
$db_name="database";

$connection = mysql_connect($db_host, $db_user, $db_pword)
or die ("could not connect to server");

$db = mysql_select_db($db_name, $connection)
or die ("could not connect to database".mysql_error());

[Russia]

I would use this format:

 

<?php 
mysql_connect("localhost", "DB_USERNAME", "PASSWORD") or die(mysql_error());
mysql_select_db("DB_NAME") 
or die(mysql_error());
?>

 

 

[watts]

I just tried this and it still doesn't work.

[Philip]

"Doesn't work" doesn't help you solve your problem

 

What errors are you getting (copy/paste them here)

[watts]

Okay, it's resolved.  It was a server side issue.