Solved

PHP Insert Post Data into MySQL

Posted on 2008-06-20
10
822 Views
Last Modified: 2013-12-12
For some reason this query does not insert. The connection is there. Does anyone see a syntax error or something? I cannot figure out why it will not insert.

$registration_query = "INSERT INTO event_users (first_name,last_name,company,phone,email,passwrd,is_active,last_login,super_admin,address,address2,city,state,zip,phone,URL) values ('$firstname','$lastname','$organization','$telephone','$email','$password1',1,GetDate(),0,'$address','$address2','$city','$state','$zip','$telephone','$URL')";
0
Comment
Question by:kallestie
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 17

Expert Comment

by:nplib
ID: 21831646
lets see the whole code.
0
 
LVL 17

Expert Comment

by:nplib
ID: 21831668
what you should do is echo the query, copy and paste the outputted query into a query agent and run it and see what errors it produces

one of your variables might contain a ' in it, which will break said query

you could always mysql_real_escape_string() each variable to be sure.
0
 
LVL 28

Expert Comment

by:gamebits
ID: 21831741
I suppose you have after what you show

$result = mysql_query($registration_query)
0
 
LVL 16

Expert Comment

by:DrNikon224
ID: 21831998
Replace GetDate() with NOW(). GetDate is used in MS SQL, and Now() is the MySQL equivalent to GetDate(), and will get the current timestamp.
0
 
LVL 17

Expert Comment

by:nplib
ID: 21832051
Curdate() will give you just the date if your field type is date
now() will give you date and time if your field type is datetime
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 2

Author Comment

by:kallestie
ID: 21832151
$registration_query = "INSERT INTO event_users (first_name,last_name,company,phone,email,passwrd,is_active,last_login,super_admin,address,address2,city,state,zip,phone,URL) values ('$firstname','$lastname','$organization','$telephone','$email','$password1',1,Curdate() ,0,'$address','$address2','$city','$state','$zip','$telephone','$URL')";
      
$result = mysql_query($registration_query);

This returns nothing.
0
 
LVL 36

Accepted Solution

by:
Loganathan Natarajan earned 500 total points
ID: 21832175
try
$result = mysql_query($registration_query) or die("Error: ".mysql_error());

Open in new window

0
 
LVL 17

Expert Comment

by:nplib
ID: 21832222
what about what I initially said about mysql_real_escape_string

the ones I didn't escape where password, because you shouldn't allow ' in a password anyways
or if you do you should be encrypting the password and there is no ' in encrypted strings.

$zip should be numbers,
$phone shoud be numbers
$url can't have a ' in it anyways, so you should be testing for that before hand and make sure they type a proper url.
$registration_query = "INSERT INTO event_users (first_name,last_name,company,phone,email,passwrd,is_active,last_login,super_admin,address,address2,city,state,zip,phone,URL) values ('".mysql_real_escape_string($firstname)."','".mysql_real_escape_string($lastname)."','".mysql_real_escape_string($organization)."','".mysql_real_escape_string($telephone)."','".mysql_real_escape_string($email)."','$password1',1,Curdate() ,0,'".mysql_real_escape_string($address)."','".mysql_real_escape_string($address2)."','".mysql_real_escape_string($city)."','".mysql_real_escape_string($state)."','$zip','$telephone','$URL')";

      

$result = mysql_query($registration_query);

Open in new window

0
 
LVL 16

Expert Comment

by:DrNikon224
ID: 21832242
I notice your password field is named 'passwrd', while all your other field names are not abbreviated. Is this field name accurate? If the missing 'o' is a typo, and the field name is actually 'password', you'll need to wrap the field name in backticks (`password`) because "password" is a reserved term in MySQL. Always a good idea to wrap all table and field names in backticks to avoid problems like this - even better idea to avoid using reserved words as table/field names.

Just another possibility. 'logudotcom's suggestion of adding the or die() error output will tell you if you've got field naming issues.
0
 
LVL 2

Author Closing Comment

by:kallestie
ID: 31469170
Thank you, I had phone 2 times.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now