bhagat321 Posted April 5, 2017

/*CODE GIVEN BELOW: */

```php
<?php
$conn=mysqli_connect("localhost","root","","form_reg");

if(isset($_POST['submit']))
{
    $name=$_POST['name'];
    $email=$_POST['email'];
    $add_line1=$_POST['add_line1'];
    $vill=$_POST['village'];
    $teh=$_POST['tehsil'];
    $dist=$_POST['district'];
    $state=$_POST['state'];

    $form_insert="INSERT INTO registration (Name, Email, Add_line1,Village,Tehsil,State) VALUES('$name','$email,,'$add_line1','$vill','$teh', '$dist','$state');
    $insert=mysqli_query($form_insert, $conn);

    if(!$insert){
        echo "data not inserted, some error";
    }
    else
    {
        echo "data inserted successfully";
    }

/* --- THIS IS COMMENT FOR TESTING ----
echo $name;
echo $email;
echo $vill;
echo $land;
echo $state;
echo $irr;
*/
?>
```

requinix Posted April 5, 2017

Converting your code from mysql to mysqli takes more than just adding an "i" in a few places.

mysqli

benanamen Posted April 5, 2017

Since you are apparently just starting out, now is the time to start using PDO. You are already off to the wrong start with common noob mistakes. Do not create variables for nothing. NEVER EVER put variables in the query. Use prepared statements. Do not mix your naming styles. Pick one and stick to it. Except for classes, I recommend you always use lowercase column names and variables with an under_score_separating_multiple_words. Your insert check logic is not needed. If you have things set up correctly any errors will be properly handled whether you want them logged, emailed to you or whatever. What you never want to do is output system error to the user which so far you have not done. This information is of no use to the user and of great use to a hacker.

Psycho Posted April 5, 2017

Give this a try. No promises that there are no typos since I didn't test it.

```php
<?php

//Set variables for DB connection
$host = 'localhost';
$db = 'form_reg';
$charset = 'utf8';
$user = 'root';
$pass = '';

//Connect to DB
$dsn = "mysql:host=$host;dbname=$db;charset=$charset";
$opt = [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    PDO::ATTR_EMULATE_PREPARES => false,
];
$pdo = new PDO($dsn, $user, $pass, $opt);

//Process POST data
if($_SERVER['REQUEST_METHOD']=='POST')
{
    //Create array of the POST indexes to be used in query insert values
    $keyMap = array('name'=>0, 'email'=>0, 'add_line1'=>0, 'village'=>0, 'tehsil'=>0, 'state'=>0);
    //Pull the POST fields into an array to use for the insert
    $values = array_intersect_key($_POST, $keyMap);

    //Create a prepared statement
    $sql = "INSERT INTO registration
                (Name, Email, Add_line1, Village, Tehsil, State)
            VALUES
                (:name, :email, :add_line1, :village, :tehsil, :state)";
    $stmt = $pdo->prepare($sql);

    //Execute the query with the POST values
    $result = $stmt->execute($values);

    if($result===false)
    {
        echo "data not inserted, some error";
    }
    else
    {
        echo "data inserted successfully";
    }
}

//Set debug to true as needed
$debug = false;
if($debug)
{
    echo "<b>Debug data:</b><br>\n";
    echo "Post: <pre>" . print_r($_POST, 1) . "</pre><br>\n";
    echo "Values: <pre>" . print_r($values, 1) . "</pre>";
}

?>
```

Jacques1 Posted April 5, 2017

It makes no sense to check the return value of PDO method calls when you have exceptions enabled. Just do the query, and if it fails, the method will throw an exception.

The POST parameters should also be validated. Right now, any missing or invalid parameter will blow up the query, which isn't very elegant.
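
The points raised in the replies above (a prepared statement, no return-value check when exceptions are enabled, POST parameters validated before the query), as an added example that is not code from any poster in the thread. It assumes an in-memory SQLite database in place of the thread's MySQL server so that it runs offline; `validate_registration`, `insert_registration`, the 100-byte length limit and the sample requests are hypothetical.

```php
<?php
// Added example, not code from the thread. In-memory SQLite is an assumption so it runs offline.
const FIELDS = ['name', 'email', 'add_line1', 'village', 'tehsil', 'state'];
// Returns [values, errors]. The 100-byte limit is an assumed rule, not from the thread.
function validate_registration(array $post): array
{
    $values = $errors = [];
    foreach (FIELDS as $field) {
        $raw = $post[$field] ?? null;
        // Missing fields and array payloads (name[]=x) are rejected before the query.
        if (!is_string($raw) || trim($raw) === '') {
            $errors[$field] = 'required';
        } elseif (strlen(trim($raw)) > 100) {
            $errors[$field] = 'too long';
        } elseif ($field === 'email' && filter_var(trim($raw), FILTER_VALIDATE_EMAIL) === false) {
            $errors[$field] = 'invalid';
        } else {
            $values[$field] = trim($raw);
        }
    }
    return [$values, $errors];
}

function insert_registration(PDO $pdo, array $values): void
{
    // No return-value check: with ERRMODE_EXCEPTION a failure throws PDOException.
    $stmt = $pdo->prepare(
        'INSERT INTO registration (Name, Email, Add_line1, Village, Tehsil, State)
         VALUES (:name, :email, :add_line1, :village, :tehsil, :state)'
    );
    $stmt->execute($values);
}

$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE registration (Name TEXT, Email TEXT, Add_line1 TEXT, Village TEXT, Tehsil TEXT, State TEXT)');
// Constructed requests standing in for $_POST.
$samples = [
    ['name' => "O'Brien", 'email' => 'ob@example.com', 'add_line1' => '1 Main St',
     'village' => 'A', 'tehsil' => 'B', 'state' => 'C'],
    ['name' => ['x'], 'email' => 'not-an-email', 'add_line1' => '1 Main St'],
];
foreach ($samples as $post) {
    [$values, $errors] = validate_registration($post);
    if ($errors) {
        echo 'rejected: ', implode(', ', array_keys($errors)), "\n";
    } else {
        insert_registration($pdo, $values);
        echo "data inserted successfully\n";
    }
}
```

The first sample contains a single quote and is stored unchanged because it is bound as a parameter; the second never reaches the database because validation reports its missing, array-valued and malformed fields first.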