Jump to content

PHP add new register in database


sigmahokies

Recommended Posts

Hi everyone,

 

I'm sure you have seen me around in here by learning PHP, I am getting advance now. But I don't understand why it won't insert in PHPmyadmin (MySQL) with my prompt in php. Can you find why it won't add name as insert into my database?

 

if ($_POST['submmited']) 
{
$first = $_POST['firstname'];
$last = $_POST['lastname'];
$email = $_POST['email'];
 
if ($first && $last && $email) {
$sql = "INSERT INTO Student (StudentID,Firstname,LastName,Email) VALUES (NULL,'$first','$last','$email')";
mysqli_query($Garydb, $sql);
}
else {
echo "Failed to add register";
}
}
 
I checked around, there is no mistake but it won't add a new as insert into my database...why? What Did I do wrong?
 
Thank you in advance
 
Gary
Edited by sigmahokies
Link to comment
Share on other sites

 

Hi everyone,

 

I'm sure you have seen me around in here by learning PHP, I am getting advance now. But I don't understand why it won't insert in PHPmyadmin (MySQL) with my prompt in php. Can you find why it won't add name as insert into my database?

 

if ($_POST['submmited']) 
{
$first = $_POST['firstname'];
$last = $_POST['lastname'];
$email = $_POST['email'];
 
if ($first && $last && $email) {
$sql = "INSERT INTO Student (StudentID,Firstname,LastName,Email) VALUES (NULL,'$first','$last','$email')";
mysqli_query($Garydb, $sql);
}
else {
echo "Failed to add register";
}
}
 
I checked around, there is no mistake but it won't add a new as insert into my database...why? What Did I do wrong?
 
Thank you in advance
 
Gary

 

If the StudentID is an Auto Increase Int don't mention it in your query and try the delimited sign

$sql = "INSERT INTO Student (`Firstname`,`LastName`,`Email`) VALUES (`$first`,`$last`,`$email`)";
Link to comment
Share on other sites

As @cobusbo said, remove StudentID and the NULL entry. What you have is old school Mysql functionality as far as using the null on an auto-increment column as you have it. Newer version Mysql wont work, dont remember what version that changed, nevertheless, it is completely unnecessary.

Edited by benanamen
Link to comment
Share on other sites

I think i know why it won't insert a new data in PHPmyadmin, It show the error in the function in the database, the message showed "A fatal JavaScript error has occur". It must prevent the add a new data in the database. 

 

Of course, I removed StudentiD and NULL from function already, but still won't add the new data...

Link to comment
Share on other sites

I think i know why it won't insert a new data in PHPmyadmin, It show the error in the function in the database, the message showed "A fatal JavaScript error has occur". It must prevent the add a new data in the database. 

 

Of course, I removed StudentiD and NULL from function already, but still won't add the new data...

Where is the form?

Link to comment
Share on other sites

You've adopted some weird and even dangerous techniques, so the first thing you should do is actually learn how the MySQLi extension works.

 

Queries don't just fail. Whenever there's a problem, MySQLi provides a detailed error report. This can either be manually requested through mysqli_error(), or you can ask MySQLi to automatically throw exceptions:

<?php

const DB_HOST = 'localhost';
const DB_USER = '...';
const DB_PASSWORD = '...';
const DB_NAME = '...';

// Turn on exceptions so that you don't have to manually check for errors
$mysqliDriver = new mysqli_driver();
$mysqliDriver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT;

$databaseConnection = new mysqli('localhost', DB_USER, DB_PASSWORD, DB_NAME);

You can't just insert PHP variables into query strings. This will lead to SQL injection attacks and crash your application whenever the input happens to include a single quote (which does happen in the English language). To fix this problem, use prepared statements:

$registrationStmt = $databaseConnection->prepare('
  INSERT INTO
    student
  SET
    firstname = ?,
    lastname = ?,
    email = ?
');
$registrationStmt->bindParam('sss', $_POST['firstname'], $_POST['lastname'], $_POST['email']);
$registrationStmt->execute();

As you can see, the $_POST values never touch the query string directly. Instead, you create a query template with three parameters (the question marks), and then you bind the values to those parameters. This provides perfect security and robustness.

 

Last but not least, you should get rid of this weird “CamelCase” naming style. Make the identifiers all-lowercase to avoid confusion and mistakes.

  • Like 2
Link to comment
Share on other sites

 

 

Last but not least, you should get rid of this weird “CamelCase” naming style. Make the identifiers all-lowercase to avoid confusion and mistakes.

 

+1

I personally prefer an underscore separator as well.

 

first_name

 

Much more readable to me than firstname. Sticking to lowercase will completely eliminate an errors due to wrong case. If you develop on windows (IIS) it is dumb when it comes to case and thinks FIRSTNAME, firstname and FirstName is all the same, then you move it to Linux and run into problems since Linux says they are all different.

Edited by benanamen
Link to comment
Share on other sites

All right, I will do my best to make reduced the risk of weird and dangerous technique. I have two websites, one website for practice, other one is set as professional website what I learned from previous website. For now, I am using one website for practice, but oddly, in practice website, Insert data into the database is working, so, I copied the code from practice one to my professional website, it is not working. Of course, I tested the connect to MySQL and select database, it works finely. what I don't get is why practice one is working, and professional website does not work at all. I am beginning to think about different OS in server; my professional website is in ubuntu, maybe this practice website is other OS, maybe Linux or IIS. I don't like IIS, but I'm not sure Linux. 

 

Now, I am practice on update the data in the database, I know it is little harder than register. You can look up in other thread in this website.

Link to comment
Share on other sites

in practice website, Insert data into the database is working, so, I copied the code from practice one to my professional website, it is not working.

That's a perfect moment to learn! Rather than copying the one that seems to be working, compare the two implementations to see what's different. It may add a little more time, but it will give you a better understanding of the output you're receiving and the functions that you're trying to use. If you can't spot the differences or make sense of it yourself, paste the snippets here (minus credentials of course) and there are plenty of people happy to help.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.