rrahulr Posted October 30, 2012 Share Posted October 30, 2012 Hello, I'm trying to concatenate a number split in 3 different text boxes and then compare it against the id value stored in the database and store in a variable so that the corresponding id number can be used in an insert statement, but i don't where i seem to go wrong.If any one could help me with this, it would be really helpful. Thanks. aggr_nr = $_REQUEST['list_nr_01'].$_REQUEST['list_nr_02'].$_REQUEST['list_nr_03']; $sql="SELECT v.id FROM vers_einl_aggregatenumber AS v WHERE v.aggr_nr = '".$aggr_nr."'";//missing Quotes $aggr_id = @mysql_query($sql); $result = @mysql_fetch_array($aggr_id); $test= $_get[$result['id']]; Quote Link to comment Share on other sites More sharing options...
Jessica Posted October 30, 2012 Share Posted October 30, 2012 Stop suppressing errors, see the link in my signature about SQL. The big problem is your last line. $_get is nothing. $_GET is the superglobal array holding the query string keys and values. It has nothing to do with your MySQL stuff. Look at the examples in my link and in the php manual. Quote Link to comment Share on other sites More sharing options...
White_Lily Posted October 30, 2012 Share Posted October 30, 2012 Plus I think $_get[""] cropes up an error, suggesting you dont have any error reporting either. Quote Link to comment Share on other sites More sharing options...
mikosiko Posted October 30, 2012 Share Posted October 30, 2012 (edited) and... aggr_nr is not the same as $aggr_nr aggr_nr = $_REQUEST['list_nr_01'].$_REQUEST['list_nr_02'].$_REQUEST['list_nr_03']; $sql="SELECT v.id FROM vers_einl_aggregatenumber AS v WHERE v.aggr_nr = '".$aggr_nr."'";//missing Quotes Edited October 30, 2012 by mikosiko Quote Link to comment Share on other sites More sharing options...
rrahulr Posted October 30, 2012 Author Share Posted October 30, 2012 thanks a lot for your help.I figured it out where the mistake was..as jessica suggested $_get does not store the variables.But now I'm able to retrieve the id values from the database and when i try to insert, they go into the columns as "0".A bigger problem Quote Link to comment Share on other sites More sharing options...
White_Lily Posted October 30, 2012 Share Posted October 30, 2012 is the id column in the database set to "Auto Increment"? if not, try some simple maths to give each user an id on registration. Quote Link to comment Share on other sites More sharing options...
rrahulr Posted October 30, 2012 Author Share Posted October 30, 2012 yes, it is set to auto increment Quote Link to comment Share on other sites More sharing options...
White_Lily Posted October 30, 2012 Share Posted October 30, 2012 is it also set to "Primary" so that you cannot have 2 id's the same? Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted October 30, 2012 Share Posted October 30, 2012 could we see some code (inside code tags) for the insert that you are trying to perform - including where the values you think should be inserted are comming from? Quote Link to comment Share on other sites More sharing options...
Christian F. Posted October 30, 2012 Share Posted October 30, 2012 White_Lily: As an little aside. Any fields in MySQL that's defined as AUTO_INCREMENT must be the PRIMARY KEY, otherwise the engine will error out on the creation query. Quote Link to comment Share on other sites More sharing options...
rrahulr Posted October 31, 2012 Author Share Posted October 31, 2012 (edited) The primary key which is the id is set to auto increment. Here's the code... if($_POST['formSubmit'] == "Submit") { //appending the date to store in the database. $entry_date_array = array($_REQUEST["year"],$_REQUEST["month"],$_REQUEST["day"]); $entry_date = implode('-', $entry_date_array); echo "$entry_date"; //appending aggr nr and fetching the id from the database. $aggr_nr = $_REQUEST['list_nr_01'].$_REQUEST['list_nr_02'].$_REQUEST['list_nr_03']; $sql="SELECT v.id FROM aggregatenumber AS v WHERE v.aggr_nr = '".$aggr_nr."'";//missing Quotes $aggr_id = @mysql_query($sql); $result = @mysql_fetch_array($aggr_id); $test= $result['id']; echo "$test"; $sql_einl_sp = "INSERT INTO search_parts(entry_date,aggr_nr)values('".$entry_date."','".$test."')"; $result_einl_sp = @mysql_query($sql_einl_sp); if ($result_einl_sp == false) die(" Could not execute statement ".$sql_einl_sp); @mysql_close(); } Html Code ----- <body> <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post"> <h>Save Information</h> <input type="submit" name="formSubmit" value="Submit" /> <input type="submit" name="btncancel" value="Cancel"/> </form> </body> Edited October 31, 2012 by rrahulr Quote Link to comment Share on other sites More sharing options...
haku Posted October 31, 2012 Share Posted October 31, 2012 As mentioned earlier, you will likely get a better idea of what is going on if you stop suppressing your errors in your code. It's better to not suppress errors and get a clue as to the problem, than to suppress them and leave yourself guessing. Quote Link to comment Share on other sites More sharing options...
rrahulr Posted October 31, 2012 Author Share Posted October 31, 2012 Well, even after i stopped suppressing the errors, i still remain clueless and guessing on what the issue might be.There is no error messages that come up on the screen even after i checked using mysql_query($sql) and die(mysql_error()). Quote Link to comment Share on other sites More sharing options...
White_Lily Posted October 31, 2012 Share Posted October 31, 2012 dont use mysql_error() create a php.ini file if there isnt one already, and enter into it: display_errors = on error_reporting = -1 That will put up every possible error in your code - PS: this probably wont work if your suppressing the errors. Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted October 31, 2012 Share Posted October 31, 2012 @White_Lily That's great for PHP errors, but has absoloutly nothing to do with MySQL errors returned from the database. Your talking about two completly different things mysql_error() should alway be used when running mysql transactions, echoed in development and loged in production. also......I've never come accross a PHP installation that didn't have a php.ini file....does it even run without it? @rrahulr Could you try this slight modification and let us know what you get back? Also, a breakdown of your table structure would be right handy. if($_POST['formSubmit'] == "Submit") { //appending the date to store in the database. $entry_date_array = array($_REQUEST["year"],$_REQUEST["month"],$_REQUEST["day"]); $entry_date = implode('-', $entry_date_array); echo "$entry_date"; //appending aggr nr and fetching the id from the database. $aggr_nr = $_REQUEST['list_nr_01'].$_REQUEST['list_nr_02'].$_REQUEST['list_nr_03']; $sql_einl_sp = "INSERT INTO search_parts (entry_date, aggr_nr) VALUES ('$entry_date', (SELECT agg.id FROM aggregatenumber AS agg WHERE agg.aggr_nr = '$agg_nr'))"; $result_einl_sp = mysql_query($sql_einl_sp); if ($result_einl_sp === false) { die("Could not execute statement ".$sql_einl_sp); } else{ //just for testing $rowOut = mysql_affected_rows(); echo ("Query complete :<br>$rowOut rows inserted by the following :<br>$sql_einl_sp"; } Quote Link to comment Share on other sites More sharing options...
White_Lily Posted October 31, 2012 Share Posted October 31, 2012 hosting websites usually don't come with it, and yes php can run without php.ini - it's merely there to make life easier for the developer, and your right about the error thing - i didn't relize lol Quote Link to comment Share on other sites More sharing options...
Christian F. Posted October 31, 2012 Share Posted October 31, 2012 (edited) White_Lily: All webhosts use a php.ini file, whether or not you have access to edit. All hosts I'm using have a user-specific php.ini which I can edit to my hearts contents. Some, cheaper hosts, have only one php.ini for all of their customers. Which means that they're probably also running the Apache process under a generic user, which has access to all of the users' web roots. This is probably what your host is doing, but has allowed you to override some of the settings via a custom php.ini file in your web root. First time I've heard of it. btw. I'm not saying that most hosts do it this way, or the other, just that you should be careful what you state as a fact based upon a very limited experience. rrahulr: Your scripts are vulnerable to SQL injections as well, since you're neither typecasting or using mysql_real_escape_string () to ensure the user provided data is safe for inclusion in the SQL query. You should also research input validation, so that you can tell your users when they've posted invalid data, and give them a chance to fix it. As for your use of $_SERVER['PHP_SELF'], please see this post. First and foremost, it bears to repeat: Don't hide your errors, but fix them. Edited October 31, 2012 by Christian F. Quote Link to comment Share on other sites More sharing options...
Christian F. Posted October 31, 2012 Share Posted October 31, 2012 Just a little update to this statement: Any fields in MySQL that's defined as AUTO_INCREMENT must be the PRIMARY KEY, otherwise the engine will error out on the creation query. Seems my recollection was a bit off, as the error message states "a key", and not "primary key". Sorry about that. Thanks to mikosiko for reminding me about it. In any case, if you set a field to be AUTO_INCREMENT chances are really high that you want it to be the primary key as well. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.