0 
<form method="post" action="updatescreen(2).php">
Name of company:<br />
<input type="text" name="artid" id="artid" size="50" /><br /><br />
<input type="submit" name="Insert" id="Insert" value="Insert" /><br /><br />

<?php
if(isset($_POST['Insert'])){
    $id = $_POST['artid'];

    mysql_query("INSERT INTO test (id) VALUES ('$id', )");
}

?></form>

The connection to the database is included so not mentioned here. The connection is working fine, that's not the problem.

The problem is: the php code doesn't work. The php code doesn't insert the data into my database. What's wrong?

Improve this question
1
  • are you getting any errors? Commented Nov 6, 2013 at 13:32

5 Answers 5

Reset to default
3

You had a , after '$id':

mysql_query("INSERT INTO test (id) VALUES ('$id')");

Your code is also open to SQL injection. You should be using something like PDO instead of the mysql_* functions, which are deprecated. With PDO, you can guard against SQL injections by using prepared statements.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

3

Change

mysql_query("INSERT INTO test (id) VALUES ('$id', )");

to

mysql_query("INSERT INTO test (id) VALUES ('$id')");
Improve this answer

Comments

2

You have one comma too many.

mysql_query("INSERT INTO test (id) VALUES ('$id')");

In future, try printing the error, which will help you debug the problem yourself:

mysql_query("INSERT INTO test (id) VALUES ('$id')") or die(mysql_error());

And please use PDO or mysqli instead of the mysql_ functions, which are insecure and deprecated.

Improve this answer

Comments

0

Try 

<?php if(isset($_POST['Insert'])){
    $id = $_POST['artid'];

    mysql_query("INSERT INTO test (id) VALUES ('".$id."')")or die(mysql_error());
}?>


  <form method="post" action="updatescreen(2).php">
Name of company:<br />
<input type="text" name="artid" id="artid" size="50" /><br /><br />
<input type="submit" name="Insert" id="Insert" value="Insert" /><br /><br />

And => think about the safety!

Improve this answer

Comments

0

Errors:

mysql_query("INSERT INTO test (id) VALUES ('$id', )");
                                             ^---not secure, potencial sql injection
                                                ^----not need ","

Use this code for more security (most of all better pdo or mysqli):

if(isset($_POST['Insert'])){
   $id = mysql_real_escape_string($_POST['artid']);
   mysql_query("INSERT INTO test (id) VALUES ('$id')");

}

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.