kallestie
asked on
PHP Insert Post Data into MySQL
For some reason this query does not insert. The connection is there. Does anyone see a syntax error or something? I cannot figure out why it will not insert.
$registration_query = "INSERT INTO event_users (first_name,last_name,comp any,phone, email,pass wrd,is_act ive,last_l ogin,super _admin,add ress,addre ss2,city,s tate,zip,p hone,URL) values ('$firstname','$lastname', '$organiza tion','$te lephone',' $email','$ password1' ,1,GetDate (),0,'$add ress','$ad dress2','$ city','$st ate','$zip ','$teleph one','$URL ')";
$registration_query = "INSERT INTO event_users (first_name,last_name,comp
lets see the whole code.
what you should do is echo the query, copy and paste the outputted query into a query agent and run it and see what errors it produces
one of your variables might contain a ' in it, which will break said query
you could always mysql_real_escape_string() each variable to be sure.
one of your variables might contain a ' in it, which will break said query
you could always mysql_real_escape_string()
I suppose you have after what you show
$result = mysql_query($registration_ query)
$result = mysql_query($registration_
Replace GetDate() with NOW(). GetDate is used in MS SQL, and Now() is the MySQL equivalent to GetDate(), and will get the current timestamp.
Curdate() will give you just the date if your field type is date
now() will give you date and time if your field type is datetime
now() will give you date and time if your field type is datetime
ASKER
$registration_query = "INSERT INTO event_users (first_name,last_name,comp any,phone, email,pass wrd,is_act ive,last_l ogin,super _admin,add ress,addre ss2,city,s tate,zip,p hone,URL) values ('$firstname','$lastname', '$organiza tion','$te lephone',' $email','$ password1' ,1,Curdate () ,0,'$address','$address2', '$city','$ state','$z ip','$tele phone','$U RL')";
$result = mysql_query($registration_ query);
This returns nothing.
$result = mysql_query($registration_
This returns nothing.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
what about what I initially said about mysql_real_escape_string
the ones I didn't escape where password, because you shouldn't allow ' in a password anyways
or if you do you should be encrypting the password and there is no ' in encrypted strings.
$zip should be numbers,
$phone shoud be numbers
$url can't have a ' in it anyways, so you should be testing for that before hand and make sure they type a proper url.
the ones I didn't escape where password, because you shouldn't allow ' in a password anyways
or if you do you should be encrypting the password and there is no ' in encrypted strings.
$zip should be numbers,
$phone shoud be numbers
$url can't have a ' in it anyways, so you should be testing for that before hand and make sure they type a proper url.
$registration_query = "INSERT INTO event_users (first_name,last_name,company,phone,email,passwrd,is_active,last_login,super_admin,address,address2,city,state,zip,phone,URL) values ('".mysql_real_escape_string($firstname)."','".mysql_real_escape_string($lastname)."','".mysql_real_escape_string($organization)."','".mysql_real_escape_string($telephone)."','".mysql_real_escape_string($email)."','$password1',1,Curdate() ,0,'".mysql_real_escape_string($address)."','".mysql_real_escape_string($address2)."','".mysql_real_escape_string($city)."','".mysql_real_escape_string($state)."','$zip','$telephone','$URL')";
$result = mysql_query($registration_query);
I notice your password field is named 'passwrd', while all your other field names are not abbreviated. Is this field name accurate? If the missing 'o' is a typo, and the field name is actually 'password', you'll need to wrap the field name in backticks (`password`) because "password" is a reserved term in MySQL. Always a good idea to wrap all table and field names in backticks to avoid problems like this - even better idea to avoid using reserved words as table/field names.
Just another possibility. 'logudotcom's suggestion of adding the or die() error output will tell you if you've got field naming issues.
Just another possibility. 'logudotcom's suggestion of adding the or die() error output will tell you if you've got field naming issues.
ASKER
Thank you, I had phone 2 times.