lepirtle
asked on
PHP syntax regarding INSERT INTO
I am trying to write a statement that inserts 3 fields of data into multiple records. I believe my logic is correct but am having problems with the syntax. I've tried various combinations of "" and '' but still no success.
My statement is:
WHILE ($row = mysql_fetch_row($results))
{
"INSERT INTO tbl_cnpa_ic_comments
(eastern,file,comment) VALUES ('$eastern','$_POST[f".$ro
}
Might someone offer a solution? Thanks.
My statement is:
WHILE ($row = mysql_fetch_row($results))
{
"INSERT INTO tbl_cnpa_ic_comments
(eastern,file,comment) VALUES ('$eastern','$_POST[f".$ro
}
Might someone offer a solution? Thanks.
what are you trying to do?
assuming that $row[1] contains the value '123'
what i understood is that you're inserting the post variable coming from the fields f123 and c123?
if so: here's the final sql
$mysqli->query("insert into tbl_cnpa_ic_comments (eastern,file,comment) VALUES ('" . $eastern . "', '" . $_POST["f".$row[1]] . "', '" . $_POST["c".$row[1]] . "')");
give us more details on what you're trying to do!
assuming that $row[1] contains the value '123'
what i understood is that you're inserting the post variable coming from the fields f123 and c123?
if so: here's the final sql
$mysqli->query("insert into tbl_cnpa_ic_comments (eastern,file,comment) VALUES ('" . $eastern . "', '" . $_POST["f".$row[1]] . "', '" . $_POST["c".$row[1]] . "')");
give us more details on what you're trying to do!
I see a couple of issues here.
First and foremost you must get off MySQL now and never go back to it again. PHP is doing away with MySQL support. https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
After that, you want to understand the meaning of quotes in PHP. It's a syntax thing, applicable to all PHP code.
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_12241-Quotation-Marks-in-PHP.html
Then to follow on, you would never use an external variable from $_POST in a query string. You would want to escape or prepare the variables for use in the query string. Some of the common design patterns are shown in the article above.
If you can use PHP var_dump($_POST) and show us the output we can probably help with the basic statements you need.
First and foremost you must get off MySQL now and never go back to it again. PHP is doing away with MySQL support. https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
After that, you want to understand the meaning of quotes in PHP. It's a syntax thing, applicable to all PHP code.
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_12241-Quotation-Marks-in-PHP.html
Then to follow on, you would never use an external variable from $_POST in a query string. You would want to escape or prepare the variables for use in the query string. Some of the common design patterns are shown in the article above.
If you can use PHP var_dump($_POST) and show us the output we can probably help with the basic statements you need.
ASKER
Thank you all. Sorry for the delay in responding but I took the time to compose a reply that would cover all your suggestions.
Hi Dave Baldwin,
Thank you for your suggestion but I tried your code but received the following message:
Parse error: syntax error, unexpected '"', expecting ']' on line 29
Hi Dany Balian:
I tried your suggestion, though I changed the
$mysqli->query("insert into
to
$mysql_query("insert into
and received an error message:
Parse error: syntax error, unexpected '}' in line 29
To answer your question of what I am trying to do (and I will shorten the table names to simply tbl_files and tbl_comments to make things simpler):
I have a form that captures 2 values, f and c, and it captures multiple records of each of those 2 values, depending on the number of rows in tbl_files.
The applicable code for this form is:
<?php
$sql = "SELECT *
FROM tbl_files
ORDER BY file";
$results = mysql_query($sql);
$num_rows =mysql_num_rows($results);
?>
<form>
<?php
WHILE ($row = mysql_fetch_row($results))
{
echo
"
<img src=\"".$row[0].$row[1]."\
<textarea name='f".$row[1]."'id='f".
</tr>
<tr>
<td><textarea name='c".$row[1]."'id='c".
</td>
</tr>
</table>";
}
?>
</table>
<input name="submit1" type="submit" id="submit1" value="Submit" />
</form>
What I want is to insert those 2 values (along with a time/date stamp) as multiple records into a table named tbl_comments. But what is causing me problems (which is the reason for the question I posted to Experts Exchange) is that the number of records that will be inserted depends on the number of records contained in the tbl_files. That is why I thought that the INSERT PHP could read something like:
<?php
/* Create a date parameter to insert into the transaction date field.*/
$eastern = date ("Y-m-d H:i:s");
$sql = "SELECT *
FROM tbl_files";
$results = mysql_query($sql); or die(mysql_error());
WHILE ($row = mysql_fetch_row($results))
{
"INSERT INTO tbl_comments
(eastern,file,comment) VALUES ('$eastern','$_POST[f".$ro
}
Obviously I can hard-code the VALUES to be inserted but I think there is a better way which is what you have attempted to do.
Hello Ray Paseur,
With much dismay, I read your warning about not using MySQL. I am so sorry to read that as thousands of others probably are. I have read many of your postings and you have directly helped me a number of times so as you can probably see from my questions I am a very novice “script kiddy” to use a phrase from your article. I surely respect your expertise but I am not operating on the same level as you. I simply volunteer for very basic web projects for neighborhood not-for-profits. Nothing involving money but things as simple as the above project or something like allowing members of a running club to track their member’s daily exercise. A few years ago Godaddy decided to stop support of ColdFusion a scripting language that I thought would be around for a while since it was a Macromedia/Adobe product. But that stoppage caused me to learn, what I thought was future-proof, MySQL/ PHP. It was a steep learning curve for this old man but I managed to understand some of the basics with hundreds of frustrating hours and a fair amount of help from Experts Exchange. So I will take your advice and begin gathering data for MySQLi or PDO but it will take me quite a while just to be able to begin their use let alone begin to write something workable. And I say this apologetically because I don’t have the knowledge that is required to make the transition so quickly, for the current project for the not-for-profit I am helping – a project that will be used another 6 times this year for only a few days at a time - I just need to complete it then begin the migration and learning curve to understand one of my two new options for my future volunteering.
Hi Dave Baldwin,
Thank you for your suggestion but I tried your code but received the following message:
Parse error: syntax error, unexpected '"', expecting ']' on line 29
Hi Dany Balian:
I tried your suggestion, though I changed the
$mysqli->query("insert into
to
$mysql_query("insert into
and received an error message:
Parse error: syntax error, unexpected '}' in line 29
To answer your question of what I am trying to do (and I will shorten the table names to simply tbl_files and tbl_comments to make things simpler):
I have a form that captures 2 values, f and c, and it captures multiple records of each of those 2 values, depending on the number of rows in tbl_files.
The applicable code for this form is:
<?php
$sql = "SELECT *
FROM tbl_files
ORDER BY file";
$results = mysql_query($sql);
$num_rows =mysql_num_rows($results);
?>
<form>
<?php
WHILE ($row = mysql_fetch_row($results))
{
echo
"
<img src=\"".$row[0].$row[1]."\
<textarea name='f".$row[1]."'id='f".
</tr>
<tr>
<td><textarea name='c".$row[1]."'id='c".
</td>
</tr>
</table>";
}
?>
</table>
<input name="submit1" type="submit" id="submit1" value="Submit" />
</form>
What I want is to insert those 2 values (along with a time/date stamp) as multiple records into a table named tbl_comments. But what is causing me problems (which is the reason for the question I posted to Experts Exchange) is that the number of records that will be inserted depends on the number of records contained in the tbl_files. That is why I thought that the INSERT PHP could read something like:
<?php
/* Create a date parameter to insert into the transaction date field.*/
$eastern = date ("Y-m-d H:i:s");
$sql = "SELECT *
FROM tbl_files";
$results = mysql_query($sql); or die(mysql_error());
WHILE ($row = mysql_fetch_row($results))
{
"INSERT INTO tbl_comments
(eastern,file,comment) VALUES ('$eastern','$_POST[f".$ro
}
Obviously I can hard-code the VALUES to be inserted but I think there is a better way which is what you have attempted to do.
Hello Ray Paseur,
With much dismay, I read your warning about not using MySQL. I am so sorry to read that as thousands of others probably are. I have read many of your postings and you have directly helped me a number of times so as you can probably see from my questions I am a very novice “script kiddy” to use a phrase from your article. I surely respect your expertise but I am not operating on the same level as you. I simply volunteer for very basic web projects for neighborhood not-for-profits. Nothing involving money but things as simple as the above project or something like allowing members of a running club to track their member’s daily exercise. A few years ago Godaddy decided to stop support of ColdFusion a scripting language that I thought would be around for a while since it was a Macromedia/Adobe product. But that stoppage caused me to learn, what I thought was future-proof, MySQL/ PHP. It was a steep learning curve for this old man but I managed to understand some of the basics with hundreds of frustrating hours and a fair amount of help from Experts Exchange. So I will take your advice and begin gathering data for MySQLi or PDO but it will take me quite a while just to be able to begin their use let alone begin to write something workable. And I say this apologetically because I don’t have the knowledge that is required to make the transition so quickly, for the current project for the not-for-profit I am helping – a project that will be used another 6 times this year for only a few days at a time - I just need to complete it then begin the migration and learning curve to understand one of my two new options for my future volunteering.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks to all of you. I simply ran out of time to complete my project in the way that I wanted (by using your suggestions) so resorted to hard-coding a couple pages. Though I did not utilize all the information you volunteered I have even more knowledge to continue to improve my code and I thank you for providing that, as well as the related subject material.
Open in new window