How come PHP is not insertting my data into MySQL?

diabolo

Community Advocate
Community Support
Messages
1,682
Reaction score
32
Points
48
register.php
PHP:
<?php include ('config.php'); ?>
<html>
<head>
  <title>Menu Maniac</title>
  <LINK REL=StyleSheet HREF="style.css" TYPE="text/css" MEDIA=screen>
</head>
<body>
<div id="width">
<?php
if (isset($_POST['Submit'])) {
  $fName = check_input($_POST['fName']);
  $lName = check_input($_POST['lName']);
  $address = check_input($_POST['address']);
  $city = check_input($_POST['city']);
  $state = check_input($_POST['state']);
  $zipcode = check_input($_POST['zipcode']);
  $phone = check_input($_POST['phone']);
  $email = check_input($_POST['email']);
  $cardNum = check_input($_POST['cardNum']);
  $securityCode = check_input($_POST['securityCode']);
  $expMonth = check_input($_POST['expMonth']);
  $expYear = check_input($_POST['expYear']);
  
  $sql = "INSERT INTO members (id, password, ipaddress, fName, lName, address, city, zipcode, phone, email, cardNum, securityCode, expMonth, expYear, organizations) VALUES (NULL, NULL, NULL, $fName,$lName,$address,$city,$zipcode,$phone,$email,$cardNum,$securtiyCode,$expMonth,$expYear, NULL)";
  $query = mysql_query($sql);
  if($query) { echo "Information has been registered.";
  }
  echo check_input($_POST['fName']);
  echo $fName;
  
  unset($_POST['Submit']);
  
} else {?>
<form action="" method="post">
  <table width="500" cellpadding="4" cellspacing="0" border="0">
    <tr>
      <td align="right" valign="top"><span class="style3">First Name*:</span></td>
      <td valign="top"><input type="text" name="fName" size="30" /></td>
    </tr>
    <tr>
      <td align="right" valign="top"><span class="style3">Last Name*:</span></td>
      <td valign="top"><input type="text" name="lName" size="30" /></td>
    </tr>
    <tr>
      <td align="right" valign="top"><span class="style3">Address:</span></td>
      <td valign="top"><input type="text" name="address" size="50" /><br /></td>
    </tr>
    <tr>

      <td align="right" valign="top"><span class="style3">City:</span></td>
      <td valign="top"><input type="text" name="City" size="30" value="" id="City" /></td>
    </tr>
    <tr>
          <td align="right" valign="top"><span class="style3">State:</span></td>
          <td valign="top"><input type="text" name="state" size="10" value="" id="State" /></td>
        </tr>
        <tr>

          <td align="right" valign="top"><span class="style3">Zipcode:</span></td>
          <td valign="top"><input type="text" name="zipcode" size="10" value="" id="Zipcode" /></td>
        </tr>
        <tr>
          <td align="right" valign="top"><span class="style3">Phone*:</span></td>
          <td valign="top"><input type="text" name="phone" size="15" value="" id="Phone" /></td>
        </tr>
        <tr>

          <td align="right" valign="top"><span class="style3">E-mail*:</span></td>
          <td valign="top"><input type="text" name="email" size="50" value="" id="Email Address" /><br />
            <span class="style3"><i>Please provide your e-mail address so we may better serve you.</i></span><br />
          </td>
        </tr>
      </table>
      <br />
      <br />
      <div style="padding:4px; background:#270000;">
        <span class="boldTitle"><font color="white">Credit Card Information</font></span></div>

      <table width="537" border="0">
        <tr>
          <td width="128">

            <div align="right">
              <span class="style3">Amount $</span></div>
          </td>
          <td width="379"><input type="text" name="xamount2" size="15" /></td>
          <td> </td>
        </tr>
        <tr>
          <td>

            <div align="right">
              <span class="style3">Debit/Credit Card #:</span></div>
          </td>
          <td><span class="style3"><input type="text" size="25" name="Debit Credit Card" id="Debit Credit Card" /> </span></td>
          <td> </td>
        </tr>
        <tr>

          <td>
            <div align="right">
              <span class="style3">Security Code:</span></div>
          </td>
          <td><span class="style3"><input type="text" name="Security Code" size="6" id="Security Code" /></span></td>
        </tr>

        <tr>
          <td>
            <div align="right">
              <span class="style3">Expiration Month:</span></div>
          </td>
          <td><span class="style3"><select name="Expiration Month" id="Expiration Month">
                <option></option>
                <option>01</option>

                <option>02</option>
                <option>03</option>
                <option>04</option>
                <option>05</option>
                <option>06</option>
                <option>07</option>

                <option>08</option>
                <option>09</option>
                <option>10</option>
                <option>11</option>
                <option>12</option>
              </select> </span></td>

          <td> </td>
        </tr>
        <tr>
          <td>
            <div align="right">
              <span class="style3">Expiration Year:</span></div>
          </td>
          <td><span class="style3"><select name="Expiration Year" id="Expiration Year">

                <option selected="selected"></option>
                <option>2007</option>
                <option>2008</option>
                <option>2009</option>
                <option>2010</option>
                <option>2011</option>

                <option>2012</option>
                <option>2013</option>
                <option>2014</option>
                <option>2015</option>
                <option>2016</option>
                <option>2017</option>

                <option>2018</option>
                <option>2019</option>
                <option>2020</option>
              </select> </span></td>
          <td> </td>
        </tr>

        <tr>
          <td><span class="style3"><img src="../images/creditCards.gif" alt="Credit Cards" width="139" height="30" border="0" /></span></td>
          <td> </td>
          <td> </td>
        </tr>
      </table>
      <br />
      <div align="center">
        <input type="reset" value="Reset" />     <input type="submit" name="Submit" value="Submit"></div>

    </form>
<?}?>


</div>
</body>
</html>

config.php (censored)
PHP:
<?php 
$DBhost = "";
$DBuser = "";
$DBpassword = "";

$con = mysql_connect($DBhost,$DBuser,$DBpassword);
if (!$con) {
  die('Could not connect: ' . mysql_error());
}
mysql_select_db("", $con);

function check_input($value) {
  if (get_magic_quotes_gpc()) {
    $value = stripslashes($value);
  }
  if (!is_numeric($value)) {
    $value = "'" . mysql_real_escape_string($value) . "'";
  }
return $value;
}
?>

PHP:
echo check_input($_POST['fName']);
  echo $fName;
gives me what I want, but when it goes to
insert it into the database, it fails.
PHP:
$query = mysql_query($sql);
  if($query) { echo "Information has been registered.";
  }
 

galaxyAbstractor

Community Advocate
Community Support
Messages
5,508
Reaction score
35
Points
48
Try to add:

PHP:
mysql_select_db("", $con) or die("could not select db");

and:

PHP:
$query = mysql_query($sql) or die("error:". mysql_error());
 
Last edited:

diabolo

Community Advocate
Community Support
Messages
1,682
Reaction score
32
Points
48
that was a smart idea. get php to tell me whats going wrong xP

PHP:
error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''','', NULL)' at line 1

I think i am using MySQL 5?
yes, I am using 5.0
 
Last edited:

galaxyAbstractor

Community Advocate
Community Support
Messages
5,508
Reaction score
35
Points
48
that was a smart idea. get php to tell me whats going wrong xP

PHP:
error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''','', NULL)' at line 1
I think i am using MySQL 5?
yes, I am using 5.0

try to replace all NULL's with 2 single quotes like ''
 

diabolo

Community Advocate
Community Support
Messages
1,682
Reaction score
32
Points
48
PHP:
$sql = "INSERT INTO members (id, password, ipaddress, fName, lName, address, city, zipcode, phone, email, cardNum, securityCode, expMonth, expYear, organizations) VALUES ('NULL', 'NULL', 'NULL', $fName,$lName,$address,$city,$zipcode,$phone,$email,$cardNum,$securtiyCode,$expMonth,$expYear, 'NULL')";

I still get the error code.
Code:
error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''','', 'NULL')' at line 1
 

TechAsh

Retired
Messages
5,853
Reaction score
7
Points
38
I think Vigge meant something like this:

PHP:
$sql = "INSERT INTO members (id, password, ipaddress, fName, lName, address, city, zipcode, phone, email, cardNum, securityCode, expMonth, expYear, organizations) VALUES ('', '', '', $fName,$lName,$address,$city,$zipcode,$phone,$email,$cardNum,$securtiyCode,$expMonth,$expYear, '')";
 

diabolo

Community Advocate
Community Support
Messages
1,682
Reaction score
32
Points
48
o keyword, replace.
but still no avail.


PHP:
$sql = "INSERT INTO members (id, password, ipaddress, fName, lName, address, city, zipcode, phone, email, cardNum, securityCode, expMonth, expYear, organizations) VALUES ('', '', '', $fName,$lName,$address,$city,$zipcode,$phone,$email,$cardNum,$securtiyCode,$expMonth,$expYear, '')";
Code:
error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''','', '')' at line 1
 

z_killemall

New Member
Messages
47
Reaction score
0
Points
0
Try putting the PHP variables between single quotes:

PHP:
$sql = "INSERT INTO members (id, password, ipaddress, fName, lName, address, city, zipcode, phone, email, cardNum, securityCode, expMonth, expYear, organizations) VALUES ('', '', '', '$fName','$lName','$address','$city','$zipcode','$phone','$email','$cardNum','$securtiyCode','$expMonth','$expYear', '')";
 

descalzo

Grim Squeaker
Community Support
Messages
9,373
Reaction score
326
Points
83
To debug, put an echo "\$sql = ->$sql <--" statement so you can see what mySQL sees as your query.

And as mentioned, when you insert strings into mySQL, they must be 'quoted'.
 

diabolo

Community Advocate
Community Support
Messages
1,682
Reaction score
32
Points
48
the check_input function already puts in the single quotes if the string is not numeric.

please read the whole thing before commenting.
 

descalzo

Grim Squeaker
Community Support
Messages
9,373
Reaction score
326
Points
83
the check_input function already puts in the single quotes if the string is not numeric.

please read the whole thing before commenting.

Fair point.

Did you put in the debug code so you can see what $sql really looks like?
 

galaxyAbstractor

Community Advocate
Community Support
Messages
5,508
Reaction score
35
Points
48
PHP:
 if (!is_numeric($value)) {
    $value = "'" . mysql_real_escape_string($value) . "'";
  }

I don't think you need to do that when it's a variable? Because I never needed to
 

diabolo

Community Advocate
Community Support
Messages
1,682
Reaction score
32
Points
48
Fair point.

Did you put in the debug code so you can see what $sql really looks like?

yes I did and I came up with this:

Code:
$sql = ->INSERT INTO members (fName, lName, address, city, zipcode, phone, email, cardNum, securityCode, expMonth, expYear) VALUES ('dfgh', 'asdf', 'sdf', '', 'df', 'sdfsdf', 'sd', '', , '', '') <--

I think I might know where the problem is, but rite now im looking at another script..i'll write back soon
 

descalzo

Grim Squeaker
Community Support
Messages
9,373
Reaction score
326
Points
83
Using the debug message and expanding to sort of line up column name and value,

Code:
$sql = ->INSERT INTO members (
fName,  lName,  address,  city,  zipcode,  phone, email,  cardNum,  securityCode, expMonth,expYear
) 
VALUES (
'dfgh',  'asdf',    'sdf',       '',      'df',     'sdfsdf', 'sd'    ,       '' ,                ,         '',                          ''   )

Shows that securityCode value is blank (not even quotes).

Checking your the code that creates the string,

Code:
$securtiyCode

misspelled.

If you notice, the city field is blank. Assuming you filled all the input fields in your test, something is wrong there, too.

$city = check_input($_POST['city']);

but the html has

input type="text" name="City" size="30" value="" id="City"

mismatch.

Perhaps similar problems with other blank fields.
 
Last edited:

xav0989

Community Public Relation
Community Support
Messages
4,467
Reaction score
95
Points
0
Didn't see the second page...

Guess I'm tired!
 
Last edited:
Top