43235

What is wrong with my MySQL query?

Question:

So, I have a form that posts to my php file using ajax, and succeeds. But the following query doesn't insert anything. Can someone help me understand what I'm doing wrong?

My php file:

<?php include 'connect.php' ; $type = mysql_real_escape_string($_POST['type']); $title = mysql_real_escape_string($_POST['title']); $content = mysql_real_escape_string($_POST['content']); if ($type == 'Just Text') { mysql_query("INSERT INTO articles (title, type, thisisaninteger, content) VALUES ('".$title."', '".$type."', 0, '".$content."')")or die("MySQL Error: " . mysql_error()); } ?>

My connect.php:

<?php $dbhost = "localhost"; $dbname = "example"; $dbuser = "test"; $dbpass = "test"; mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error()); mysql_select_db($dbname) or die("MySQL Error: " . mysql_error()); ?>

Answer1:

If you aren't receiving any errors and the INSERT just doesn't happen, it is most likely because the if statement fails to be true. Verify that $type actually matches Just Text.

You should also be inserting values using <a href="http://j.mp/T9hLWi" rel="nofollow"><em>prepared statements</em></a>, and use <a href="http://php.net/pdo" rel="nofollow">PDO</a> or <a href="http://php.net/mysqli" rel="nofollow">MySQLi</a> - <a href="http://j.mp/QEx8IB" rel="nofollow">this article</a> will help you decide which.

Answer2:

first, echo "something" after the if statement and recall the data with your ajax post. you can find out if your if statement is working, then try formatting your variables like so

mysql_query("INSERT INTO articles (title, type, thisisaninteger, content) VALUES ('$title', '$type', 0, '$content')")or die("MySQL Error: " . mysql_error());

Answer3:

I just want to throw in an official vote/recommendation in favor of switching to a <a href="http://en.wikipedia.org/wiki/Prepared_statement" rel="nofollow">parameterized SQL statement</a>, too. In spite of the use of mysql_real_escape_string, schlepping a SQL statement together via string concatenation is neither necessary nor a good idea. Honestly, I find a prepared statement much, much easier to read than the typical string-concatenation exercise, as well:

$stmt = $dbh->prepare("SELECT * FROM users WHERE USERNAME = ? AND PASSWORD = ?"); $stmt->execute(array($username, $password));

Answer4:

Alright, it was a stupid mistake on my side. There were columns I didn't include and they were not being assigned a value. Thanks everyone for helping out.

Recommend

  • how to display images stored in a mysql database using PHP
  • MySQL/PHP foreach still only displaying first in database
  • PHP: Modern error handling in functions script
  • PHP, Email and Cron
  • Needing guidance on how to redirect a user if not logged in on admin panel
  • Can't get json out of mysql varchar but int
  • where is the fatal error “Cannot access empty property” in the PHP class function?
  • Saving contact form 7 data into custom db and not wordpress db
  • unique random id
  • Get the ID of the selected check box
  • MySQL Update with PHP variables in a loop
  • JSP not finding property in bean
  • Uncaught TypeError: Object [object Object] has no method 'fancybox'
  • is it secure to write mysql_connect ( “localhost”, “root”, “mypasswd” ) on file?
  • Modifying the AJAX PHP database example
  • Notice: Undefined index: image - unable to find the error
  • how to check if a field is not unique
  • Can't connect using mysql_connect to Database in ipage.com hosting?
  • error on mysqli::connect_errno
  • How to get the second value in a dropdown box based on the selected one in the first dropdown box
  • When to use PDO prepared queries. mysql_real_escape error
  • Laravel Eloquent integration in Codeigniter
  • JPA/Hibernate - Entity name seems to be important. If I rename to “Bob” works fine
  • How to run a set of SQL queries from a file, in PHP?
  • How to check if a string contains any string of a column in MySQL and vice versa?
  • Getting syntax error in mysql-php. You have an error in your SQL syntax;
  • PHP multiple file uploads
  • PDO error when wrong host name
  • MYSQ & MVC3 SQL connection error \\ ProviderManifestToken but I am using MySQL
  • Moving mysql files across servers
  • Display issues when we change from one jquery mobile page to another in firefox
  • Deselecting radio buttons while keeping the View Model in synch
  • How to check if every primary key value is being referenced as foreign key in another table
  • JSON with duplicate key names losing information when parsed
  • Jquery - Jquery Wysiwyg return html as a string
  • Comma separated Values
  • Hits per day in Google Big Query
  • FormattedException instead of throw new Exception(string.Format(…)) in .NET
  • Linking SubReports Without LinkChild/LinkMaster
  • XCode 8, some methods disappeared ? ex: layoutAttributesClass() -> AnyClass