0

Problem

With a php website, I have a form to collect information which will then be inserted into the MySQL database, but there are these three columns that have the wrong values inserted into them. The rest are all in the correct order.

Values inserted as php variables via MySQL transaction.

Thank you for your time.

phpmyadmin display (first row is manually corrected)

Code: 

 <?php
function registerPatient($ptUsername, $ptPassword, $ptFirstName, $ptLastName, $ptSalutation, $ptEmail, $ptDOB, $ptPostCode, $ptHouseNo, $ptTelNo, $link)
{
    $accType = "Patient";
    $dtID = $_COOKIE["ID"];
    $errors = "";
    $SQL_patientInsert =

        "START TRANSACTION;

        INSERT INTO accDetails (`username`, `hashPassword`, `accType`)
        VALUES ('" . $ptUsername . "',
                '" . $ptPassword . "',
                '" . $accType . "');


        INSERT INTO ptProfile (`firstName`, `lastName`, `salutation`, `email`, `DOB`, `postCode`, `houseNo`, `telephoneNo`, `dtID`, `ptID`)
        VALUES ('" . $ptFirstName . "',
                '" . $ptLastName . "',
                '" . $ptSalutation . "',
                '" . $ptEmail . "',
                '" . $ptDOB . "',
                '" . $ptPostCode . "',
                '" . $ptHouseNo . "',
                '" . $ptTelNo . "',
                '" . $dtID . "',
                LAST_INSERT_ID());
        COMMIT;";

        if (mysqli_multi_query($link, $SQL_patientInsert)) {
            $errors .= "";
        } else {
            $errors .= "MYSQL Error: ". mysqli_error($link);
        }


        return $errors;

    }

?>

Var_Dump of $SQL_patientInsert

string(495) "START TRANSACTION; INSERT INTO accDetails (`username`, `hashPassword`, `accType`) VALUES ('bingbong', '$2y$10$WDvSHSxzIxaYB8dPGLRIWOFyIdPXxSw5JDXagOxeYuJUtnvFhI.lO', 'Patient'); INSERT INTO ptProfile (`firstName`, `lastName`, `salutation`, `email`, `DOB`, `postCode`, `houseNo`, `telephoneNo`, `dtID`, `ptID`) VALUES ('Dr', 'Bing', 'Bong', 'EMAIL REMOVED FOR SO', '1996-08-02', 'POSTCODE REMOVED FOR SO', '7', '83824', '1256', LAST_INSERT_ID()); COMMIT;"

Table Structure

Table Structure in PHPMyAdmin, no autoincrements, all values allowed to be null

Improve this question
7
  • 1
    Warning! You are prone to SQL-injection. Read more here. stackoverflow.com/questions/60174/… Commented Mar 14, 2016 at 16:26
  • var_dump your $SQL_patientInsert, i'm pretty sure you have an error in varaible maybe order in registerPatient call Commented Mar 14, 2016 at 16:29
  • Have you setup your table data types of column properly and auto increment value etc Commented Mar 14, 2016 at 16:35
  • link Doesn't appear to show anything incorrect with the variables, that's the vardump of $SQL_patientinsert right after insertion. Commented Mar 14, 2016 at 16:40
  • link - No autoincrements. All values allowed to be null. Can't see any issues with my column datatypes. Any ideas? Commented Mar 14, 2016 at 16:48

2 Answers 2

Reset to default
2

Your are calling your function with wrong parameters order.

Change this line ($ptFirstName <-> $ptSalutation);

function registerPatient($ptUsername, $ptPassword, $ptFirstName, $ptLastName, $ptSalutation, $ptEmail, $ptDOB, $ptPostCode, $ptHouseNo, $ptTelNo, $link)

with

function registerPatient($ptUsername, $ptPassword, $ptSalutation, $ptFirstName, $ptLastName, $ptEmail, $ptDOB, $ptPostCode, $ptHouseNo, $ptTelNo, $link)
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

When you have this many arguments, passing them all in as a singular array is not a bad idea.
That's fixed it. Thank you very much, it's well appreciated. Have a nice day!
0

I think you just mixed up your variables somewhere. Have you checked the form? Try printing out all the variables right before you build the query and check if they correspond correctly.

Improve this answer

1 Comment

link Doesn't appear to show anything incorrect with the variables, that's the vardump of $SQL_patientinsert right after insertion, same occurs with vardump before query is run.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.