Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 194
  • Last Modified:

query not executing in mysql

Hi below are is a php file that inserts information into a table in a mysql database.
It seems to be working (no error messages are generated) but when i do a select statement in the mysql database the query in the php file does'nt seem to be executed.
Any help is much appreciated.
Cheers


----------------------php file (submitform.php)-----------------------

<html>
<body>
<?php

if ((isset($_POST["traintime"]))
   &&(isset($_POST["traintype"]))
   &&(trim($_POST["traintime"])!='')
   &&(trim($_POST["traintype"])!='')):

       $traintime=addslashes($_POST["traintime"]);
       $traintype=addslashes($_POST["traintype"]);
       $db = mysql_connect ("localhost");
       mysql_select_db ("mysql" ,$db);
       $sql = "INSERT INTO timetable2 (traintime, traintype) VALUES ($traintime, $traintype)";
       $result = mysql_query($sql);
       printf("<tr><td>%s\n", $traintime);
       print (" ");
       printf("<tr><td>%s\n", $traintype);
else:
   print ("Error in post data");
endif;
?>
</body>
</html>


---------------------------html file ------------------
<html>
<head>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--

function sendform()
{
 if ((document.form.traintime.value!='')&&(document.form.traintype.value!=''))
 {
    document.form.submit();
 }
 else
 {
   alert("You must enter a first and last name");
 }
}


-->
</SCRIPT>
</head>
<body>
<form name="form" action="submitform.php" method="post">
First Name: <input type="text" name="traintime" size="25"
maxlength="25">
Last Name: <input type="text" name="traintype" size="25"
maxlength="25">
<p>
<input type="button" onClick="javascript:sendform()">
</form>
</body>
</html>
0
irish_paddy
Asked:
irish_paddy
  • 3
1 Solution
 
WysGCommented:
Hi

I'll start with a personnal advice : Don't mess around in the mysql database. I suggest that you create another database where to stock you data, and don't mess with the database that mysql is using to maintain is system. ^_^

As for your problem, if you get no error message i don't know what it could be, try to echo your $sql

Another thing

This
printf("<tr><td>%s\n", $traintime);
print (" ");
printf("<tr><td>%s\n", $traintype);


should be

printf("<table><tr><td>%s</td></tr>\n", $traintime);
printf("<tr><td>%s</td></tr></table>\n", $traintype);
0
 
VGRCommented:
agree 3000% with the above. Create yourself a database 8-) At least, you know that the 'mysql' one is connectable all the time :D

Let me review your code :

<?php

if ((isset($_POST["traintime"]))
  &&(isset($_POST["traintype"]))
  &&(trim($_POST["traintime"])!='')
  &&(trim($_POST["traintype"])!='')): // I suggest you use { and } and not :
//here note that PHP does NOT do what Turbo-Pascal and Delphi do : partial Boolean evaluation (optimization). This means that the above will issue a NOTICE or WARNING (probably) about $_POST[] being not set and trimed anyway

      $traintime=addslashes($_POST["traintime"]);
      $traintype=addslashes($_POST["traintype"]);
      // so I guess that your magic_quoting is off or else you'll addslashes to already-addslashed values 8-)
      $db = mysql_connect ("localhost"); // please do add "or die("failed to connect ".mysql_error());"
      mysql_select_db ("mysql" ,$db); // please do add "or die("failed to select DB ".mysql_error());" // would be surprising given it's "mysql" DB
      $sql = "INSERT INTO timetable2 (traintime, traintype) VALUES ($traintime, $traintype)";
      $result = mysql_query($sql); // please do add "or die("bad query '$query' : ".mysql_error());"
      printf("<tr><td>%s\n", $traintime); // badly terminated table line construct, </td></tr> please
      print (" "); // useless in a TABLE (would print touside of it) and meaningless in HTML : white space is &nbsp; and CRLF is <BR>
      printf("<tr><td>%s\n", $traintype);
else:// I suggest you use { and } and not :
  print ("Error in post data");
endif;// I suggest you use { and } and not :
?>
0
 
VGRCommented:
ALSO the most classical error of all : you forgot the QUOTES around values assed to the SQL. It's EVIL :D

Your request should be :

$sql = "INSERT INTO timetable2 (traintime, traintype) VALUES ('$traintime', '$traintype')";
     
0
 
VGRCommented:
the most classical and trivial errors are always the ones you see last 8-))
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now