Jump to content

What should be a simple issue is making me nuts... Help please.

Johninbc

By Johninbc
in PHP Coding Help

 Share

Recommended Posts

Johninbc Newbie

Johninbc

Posted
Posted (edited)

A very simple script to pass a form to a databasase.... Should be simple, right?

Well, the script runs without errors, the var_dump output is apparently correct, the sql statement runs when I put it in the mysql window of phpmyadmin (without the enclosing quotes that are output in the var_dump) and enters the data into the database, but when I run it for real, nothing is inserted intothe database, though the key counter is incremented.

I will post the entire code for the script as well as the output of hte var_dump.

I'm absolutely certain it's something really simple and stupid, but for eh life of me I cannot see it. Been fighting with this for over 40 hours.

Any insight would be appreciated.

***********************************************************

 

<?php
define('db_name', 'ssidata');
define('db_table', 'man_data');
define('db_user', '*******');
define('db_pass', '*******');
define('db_server', 'localhost');
        
$company = $_POST['company'];
$first = $_POST['first'];
$last = $_POST['last'];
$position = $_POST['position'];
$addr = $_POST['addr'];
$city = $_POST['city'];
$state = $_POST['state'];
$country = $_POST['country'];
$zip = $_POST['zip'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$skype = $_POST['skype'];
$type = $_POST['type'];
$notes = $_POST['notes'];


$dbconnect = "'localhost', 'john', 'roobear', 'ssidata'";

$conn = "mysqli_connect($dbconnect)";
         if (!$conn)
         { (die('No database table connection'));
         }
         echo "connected to database";
         echo"";
$user_info = "INSERT INTO man_data (company, first, namlast, position, addr, city, state, country, zip, phone, email, skype, type, notes) VALUES ($company','$first','$last','$position','$addr','$city','$state','$country','$zip','$phone','$email','$skype','$type','$notes')";
$writedata = "mysqli_query($conn $user_info)";
echo "dbconnect";
var_dump($dbconnect);
echo "writedata";
var_dump($writedata);
echo "user info";
var_dump($user_info);
echo $user_info;
      if ( $writedata )
            {
             echo "Your information was added to the database.";
              //  mysqli_close($dbconnect);
            }
            else
            {
                die("Error posting to database: " .mysql_error());
            }
            ?>

<a href='entry_form.php'>Click to return to Data Entry Page</a>;

 

******************************************************************************

 

Var_dump for user_info

'INSERT INTO man_data (company, first, namlast, position, addr, city, state, country, zip, phone, email, skype, type, notes) VALUES (1','2','3','4','5','6','7','8','9','12','23','34','fullsystems','1234')'

The only thing I can think of is the enclosing quotes but I cannot figure out how to pass that variable without them.

Peace...
john.

Edited by Johninbc
db credentials
maxxd Prolific Member

maxxd

Posted
Posted

You're missing a quote in front of the first parameter's value. Change "...VALUES ($company','$first',..." to "...VALUES ('$company','$first',..."

 

Are those values integers or strings? If integers, you don't need the quotes anyway.

 

In addition, $writedata is a string in the context you posted, and doesn't actually run the mysqli_query() function - you're missing a comma between your parameters and would have received an error if it'd actually run. Furthermore, you're using Mysqli - which is good - but you're still wide open to SQL injection. Use a prepared statement for the insert.

Johninbc Newbie

Johninbc

Posted
  • Author
Posted

Thanks guys.
As for teh credentials, it's not a live database and the real one will be rather different. The purpose is not for general public, but internal use by only a few people, so injection isn't much of an issue. I will be adding security and validation as I go.
All the values are strings...  Teh quote error was from a test I did with another fellow that didn't get corrected properly.
I will try the corrections suggested and advise.

Johninbc Newbie

Johninbc

Posted
  • Author
Posted

MAde the corrections and it hasn't changed the issue with it not actually inputing the data to the Db... It's strange that I can do it manually with the exact same statement and it works fine, but not when called from software.

Johninbc Newbie

Johninbc

Posted
  • Author
Posted (edited)

You need to pass 4 parameters when you connect, not just 1.

 

Try

$conn = "mysqli_connect(db_host, db_user, db_pass, db_name)";

I had those variables in teh statement at first and it coughed and threw up.. No idea why... So I changed them tothe actual values and that cleared up the issue... There are 4 passed by $dbconnect

 

But for SH**s and giggles I changed it and no difference.

Edited by Johninbc
Johninbc Newbie

Johninbc

Posted
  • Author
Posted

 

There shouldn't be double quotes around mysqli_connect. It should be

$conn = mysqli_connect(db_host, db_user, db_pass, db_name);

Bingo... sort of... I had to change the $writedata variable setting too... AWESOME!!! now it works...

 

That shoud teach me not to listen to the tutorials on the net, I guess... LOL

 

thank you so much....

 

John.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.