0

I'm new to php I have created a php form that will insert data into the database my database name is Emp and the table name is info. I'm inserting using PDO. I have written a code to do this and it is getting executed without catching any errors, but the database is still empty. I have posted my code below please tell me what I'm doing wrong.

<?php
    try{
        echo $_POST['name'].", ".$_POST['age'].", ".$_POST['email'].", ".$_POST['name'].", ".$_POST['country'].", ". $_POST['city'] ;
        $user="root";
        $pass="root123";
                    $con=new PDO('mysql:host=localhost;dbname=Emp', $user, $pass);
        $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $con->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
        $con->beginTransaction();
        //echo "INSERT INTO info(Empid,Ename,Age,Email,Country,City,Salary) VALUES('".$_POST['eid']."','".$_POST['name']."','".$_POST['age']."','".$_POST['email']."','".$_POST['country']."','".$_POST['city']."','".$_POST['salary']."')";
        $num=$con->exec("INSERT INTO info(Empid,Ename,Age,Email,Country,City,Salary) VALUES('".$_POST['eid']."','".$_POST['name']."','".$_POST['age']."','".$_POST['email']."','".$_POST['country']."','".$_POST['city']."','".$_POST['salary']."')");
        echo "<br>".$num." row added succesfully"; // this is displayed when I execute this but database is empty.
    }
    catch(Exception $e)
    {
        echo 'Exception -> ';
        var_dump($e->getMessage());
    }
    ?>
Improve this question
4
  • what happens when you run this query directly into your database? Commented Sep 11, 2013 at 5:32
  • 2
    You're starting a transaction with beginTransaction(), but it won't appear on the database until you finalise the transaction with commit() Commented Sep 11, 2013 at 5:32
  • Mike is right, you need to commit @user2655318 Commented Sep 11, 2013 at 5:33
  • Additional note: please read the paragraph on PDO and bound parameters in this document to avoid SQL injectin: phptherightway.com/#databases Commented Sep 11, 2013 at 5:49

3 Answers 3

Reset to default
2

Since you have used beginTransaction(), you have to commit the changes. Add

$con->commit();

Reference: PHP Manual

Note: Even though you are using PDO, you are still interpolating HTTP Request values without sanitization, that could be bad

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

you either have to commit or rollback the transaction ..

changes made to the database via the PDO transactions are not committed until you end the transaction by calling PDO::commit() or Calling PDO::rollBack()

<?php
try{
    echo $_POST['name'].", ".$_POST['age'].", ".$_POST['email'].", ".$_POST['name'].", ".$_POST['country'].", ". $_POST['city'] ;
   ...
  $con->beginTransaction();
  ....
   $con->commit();
}
catch(Exception $e)
{
    echo 'Exception -> ';
    var_dump($e->getMessage());
     $con->rollBack();
}
?>
Improve this answer

1 Comment

It doesn't matter btw but you have typo here $conn->commit(); and also we have the very same code in our answers. weird :/
1

All you need to do is to commit and/or rollBack your code

<?php
    try{
        .
        . code
        .
        $con->beginTransaction();
        .
        . code
        .
        $num=$con->exec("INSERT INTO info (Empid,Ename,Age,Email,Country,City,Salary) VALUES('".$_POST['eid']."','".$_POST['name']."','".$_POST['age']."','".$_POST['email']."','".$_POST['country']."','".$_POST['city']."','".$_POST['salary']."')");
        $con->commit(); // This is missing
    }
    catch(Exception $e)
    {
        var_dump($e->getMessage());
        $con->rollBack(); //  And this is missing
    }
?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.