INSERT query not working

[snwspeck]

Basically I need to input data into two tables.

 

I am running 3 different query's but only 2 of them work. The other one doesn't.

 

None working query:

mysql_query("INSERT INTO users(username, password, email, pin, key) VALUES('$username', '$password', '$email', '$key', '$pin')");

 

Working querys:

 

mysql_query("DELETE FROM beta_keys WHERE keys_new='$key'");

 

**and**

 

mysql_query("INSERT INTO beta_keys(keys_used) VALUES('$key')");

 

So any ideas why the top one doesn't work but the bottom two do?

[Joshua F]

Do you get any errors, or is it just not submitting it into the database?

[snwspeck]

I changed it now to:

 

$qry = ("INSERT INTO users(username, password, email, pin, key) VALUES('$username', '$password', '$email', '$key', '$pin')");
    $result = mysql_query($qry);

 

I am recieving a query failed.

 

Here is my entire script for my authentication as it will most likely be needed:

 

<?php
    //Start session
    session_start();
    
    //Include database connection details
    require_once('config.php');
    
    //Array to store validation errors
    $errmsg_arr = array();
    
    //Validation error flag
    $errflag = false;
    
    //Connect to mysql server
    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }
    
    //Select database
    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
        die("Unable to select database");
    }
    
    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }
    
    //Sanitize the POST values
    $username = clean($_POST['username']);
    $password = clean($_POST['password']);
    $cpassword = clean($_POST['cpassword']);
    $email = clean($_POST['email']);
    $pin = clean($_POST['pin']);
    $key = clean($_POST['key']);
    
    //Input Validations
    if($username == '') {
        $errmsg_arr[] = 'Username Missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password Missing';
        $errflag = true;
    }
    if($cpassword == '') {
        $errmsg_arr[] = 'Confirm Password Missing';
        $errflag = true;
    }
    if($email == '') {
        $errmsg_arr[] = 'Email Address Missing';
        $errflag = true;
    }
    if($pin == '') {
        $errmsg_arr[] = 'Your 4 Digit Pin is Missing';
        $errflag = true;
    }
    if($key == '') {
        $errmsg_arr[] = 'Your 25 Digit Beta Key is Missing';
        $errflag = true;
    }
    if( strcmp($password, $cpassword) != 0 ) {
        $errmsg_arr[] = 'Your passwords do not match!';
        $errflag = true;
    }
    
    //Check for duplicate Usernames
    if($username != '') {
        $qry = "SELECT * FROM users WHERE username='$username'";
        $result = mysql_query($qry);
        if($result) {
            if(mysql_num_rows($result) > 0) {
                $errmsg_arr[] = 'Username already in use';
                $errflag = true;
            }
            @mysql_free_result($result);
        }
        else {
            die("Query failed");
        }
    }
    
    //Check for duplicate Beta Keys
    if($key != '') {
        $qry = "SELECT * FROM beta_keys WHERE keys_used='$key'";
        $result = mysql_query($qry);
        if($result) {
            if(mysql_num_rows($result) > 0) {
                $errmsg_arr[] = 'This Beta Key has already been used';
                $errflag = true;
            }
            @mysql_free_result($result);
        }
        else {
            die("Query failed");
        }
    }
    
    //Check for duplicate Emails
    if($email != '') {
        $qry = "SELECT * FROM users WHERE email='$email'";
        $result = mysql_query($qry);
        if($result) {
            if(mysql_num_rows($result) > 0) {
                $errmsg_arr[] = 'Email already in use';
                $errflag = true;
            }
            @mysql_free_result($result);
        }
        else {
            die("Query failed");
        }
    }
    
    //If there are input validations, redirect back to the registration form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: register.php");
        exit();
    }

    //Create INSERT query
    $qry = ("INSERT INTO users(username, password, email, pin, key) VALUES('$username', '$password', '$email', '$key', '$pin')");
    $result = mysql_query($qry);
    
    //Create DELETE query
    mysql_query("DELETE FROM beta_keys WHERE keys_new='$key'");    
    
    //Create Key query
    mysql_query("INSERT INTO beta_keys(keys_used) VALUES('$key')");
    
    //Check whether the query was successful or not
    if($result) {
        header("location: register-success.php");
        exit();
    }else {
        die("Query failed");
    }
?>

[revraz]

Are you using mysql_error after the query to see if any errors are being reported?

Also, for some reason, I can't see your first query, the box is empty for me.

Echo $qry and see what it looks like.

[snwspeck]

The MYSQL error that came back at me while using mysql_error was:

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key) VALUES('snwspeckle', '123456', '[email protected]', '8617489264219', '26' at line 1

[revraz]

Key is probably a MYSQL reserved word, try changing the field name or use `key`.

[snwspeck]

Thank you revraz, its fixed. I love you

 

P.S. NO hom