0

I am trying to insert data into 4 tables ( asset, asset_details, invoice and location). When I submit the form, it tells me that all the data has been submitted successfully but when I check the MySQL database the information is only submitted to the location tables.

Any help will be appreciated, Thank you . 

    mysql_query("START TRANSITION");

    $query1 =("INSERT INTO .asset (asset_tag, asset_number, cap_ex, asset_type_id, invoice_id, status) 
        Values(".$_POST['asset_tag'] .",,,".$_POST['asset_type'] . ",".$_POST['invoice_number']."," . $_POST['status_id'] .")");

    $query2 =("INSERT INTO .asset_details (asset_type_id, asset_tag, asset_type, physical_asset_id, manufacturer, os, os_version, make, model, serial_number, processor, ram, memory, hdd, host_name, notes)
        Values(" .",".$_POST['asset_tag']."," .$_POST['asset_type'].",,
        ,".$_POST['os'].",".$_POST['os_version'].",".$_POST['make'].",".$_POST['model'].",".$_POST['serial_number'].",".$_POST['processor'].",,".$_POST['memory'].",".$_POST['hdd'].",,".$_POST['notes'].")");

    $query3 =( "INSERT INTO .invoice (invoice_number, invoice_date, purchas_price, quantity, order_date, vender, warrenty_end, notes)   
        Values(" .$_POST['invoice_number'].",". $_POST['invoice_date'].",". $_POST['purchase_price'].",,,". $_POST['vender'].")");

    $query4 =( "INSERT INTO .location (location_name, rack, row, unit)
        Values(" .$_POST['location_name'].",".$_POST['rack'].",".$_POST['row'].",".$_POST['unit'].")");

    echo "$query1 $query2 $query3 $query4";


    $result1= mysql_query($query1);
    $result2= mysql_query($query2);
    $result3= mysql_query($query3);
    $result4= mysql_query($query4);

    $result = mysql_query("COMMIT");    

if (!$result)
{
    mysql_query("ROLLBACK");
    die('Invalid query: ' . mysql_error());
}
else
{
    echo "<script>alert('SUCCESS!');</script>";
}
}


mysql_close($con);
?>
Improve this question
4
  • There are no quotes around your string values! What does the echo $query... produce? Commented Aug 7, 2012 at 11:40
  • How did you come up with mysql_query("START TRANSITION");... Commented Aug 7, 2012 at 11:40
  • shouldn't it be mysql_query("START TRANSACTION");? Commented Aug 7, 2012 at 11:45
  • 1
    Please do not use mysql_* anymore. Use PDO oder mysqli_* instead when writing new code. Commented Aug 7, 2012 at 11:59

2 Answers 2

Reset to default
1

There are some strange things;

  • START TRANSITION should probably be START TRANSACTION.
  • You're not quoting any of your string values. Strings need to be quoted using ' a'la INSERT INTO TEST VALUES ('olle');
  • An empty field cannot be indicated by just skipping it, you're doing INSERT INTO TEST (a,b,c) VALUES (1,,2); which is not valid syntax for not setting b.

Also, I recommend using a more modern mysql api than mysql_query, as for example PDO or mysqli, since injecting POST values into a string as you do can be pretty dangerous, you may cause SQL injection problems.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Sorry but I am new to mySQL and PHP and am not sure about the correct syntax to your 3rd point. " An empty field cannot be indicated by just skipping it, you're doing INSERT INTO TEST (a,b,c) VALUES (1,,2); which is not valid syntax for not setting b."
0

Use '`'s around each attributes(columns) and ''' around each values, it should work

During development, I'd echo each query-expressions before it is sent to the database..

...by the way, mysql_error() is a useful function in php, which returns the last error information of mysql....U may use that for debugging

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.