sql problems

[netman182]

I am having a small problem with my sql statement. it is inserting into 4 of the fields.

 

fields it is inserting into:

First

Last

email

password

 

it is saying the record has been added. is there something wrong with the sql statement?

 

<?php
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password="95887rj"; // Mysql password 
$db_name="bccsl"; // Database name 
$tbl_name="managers2"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$sql = sprintf("INSERT INTO Managers (First, Last, Address, City, Postal, Home, Cell, Email, Password, Church, Team)VALUES ('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')",$_POST['firstname'],$_POST['lastname'],$_POST['address'],$_POST['city'],$_POST['postal'],$_POST['home'],$_POST['cell'],$_POST['email'],$_POST['password'],$_POST['church'],$_POST['team']);

if (!mysql_query($sql))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";

?> 

[Mchl]

Do

echo $sql

and see if all fields are filled in. Chances are, some of them are empty.

 

And you should also pass them through mysql_real_escape_string before putting them into query.

[abazoskib]

It will say "1 Record Added" no matter what you do. You need to use this instead:

 

if (!mysql_query($sql))
  {
  die('Error: ' . mysql_error());
  }else
echo "1 record added";

[netman182]

this is what i am currently seeing. my form is fine. and every field has data "test" in it. i am new to php and trying to learn it am i missing something?

 

1 record added INSERT INTO Managers (First, Last, Address, City, Postal, Home, Cell, Email, Password, Church, Team)VALUES ('test','test','','','','','','test','test','','') 

[abazoskib]

echo mysql_error() after the query

[Mchl]

Query runs fine (it inserts the values after all), so there will be no MySQL error.

 

Instead could you please show us your form code? There might be something in there. Perhaps fields in form are named differently than POST variables you use.

 

[abazoskib]

Query runs fine (it inserts the values after all), so there will be no MySQL error.

 

Instead could you please show us your form code? There might be something in there. Perhaps fields in form are named differently than POST variables you use.

I was thinking along the lines of misspelled column, even though the query looks like it would work.

[netman182]

Here is my form. it is basic right now to get it working then i will CSS it to death.

 

<html>
<head>
<title>manager add</title>
</head>
<body>

<form action="insert.php" method="post" name="manger" id="manger">
  <p>Firstname: <input type="text" name="firstname" />
  </p>
  <p>
    Lastname: <input type="text" name="lastname" />
  </p>
  <p>
    Address <input type="text" name="Address" id="address">
    </p>
  <p>
    City <input type="text" name="City" id="city">
  </p>
  <p>
    Postal <input type="text" name="Postal" id="postal">  
  </p>
  <p>
    Home <input type="text" name="Home" id="home">
  </p>
  <p>
    Cell <input type="text" name="Cell" id="cell"> 
  </p>
  <p>
    Email <input type="text" name="email" id="email">
  </p>
  <p>
    Password <input type="text" name="password" id="password">
  </p>
  <p>
    Church <input type="text" name="Church" id="church">
  </p>
  <p>
    Team Name <input type="text" name="TeamName" id="team">
  </p>
  <p>
    <input type="submit" />
            </p>
</form>

</body>
</html>

 

sql insert:

 

<?php
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password="95887rj"; // Mysql password 
$db_name="bccsl"; // Database name 
$tbl_name="managers2"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$sql = sprintf("INSERT INTO Managers (First, Last, Address, City, Postal, Home, Cell, Email, Password, Church, Team)VALUES ('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')",$_POST['firstname'],$_POST['lastname'],$_POST['address'],$_POST['city'],$_POST['postal'],$_POST['home'],$_POST['cell'],$_POST['email'],$_POST['password'],$_POST['church'],$_POST['team']);

if (!mysql_query($sql))
  {  die('Error: ' . mysql_error());
    }else
echo "1 record added

$sql";

?> 

[Mchl]

Here

Address <input type="text" name="Address" id="address">

 

You have name 'Address' (starting with capital A). In your query you use 'address' (starting with lowercase a). That's the problem.

[netman182]

Thank you. that helped. I couldnt figure it out for the life of me. it is always something stupid.

 

thanks again

[Mchl]

You're not done yet.

You should definitely use mysql_real_escape_string on all these variables before you put them into your query.

[PFMaBiSmAd]

I guess I'll post this one more time -

 

You should be learning php, developing php code, and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON in your master php.ini so that php will help you. (Confirm the actual settings using a phpinfo() statement in case the php.ini that you are changing is not the one that php is using.)

 

You will save a ton of time. In this case you could have probably saved a whole day of your time because you would have gotten an undefined index error concerning the mismatch in the variable name that would have alerted you to which one(s) did not match what the form was sending.