0

I'm currently attempting to insert data into a MySQL database using PHP. To help, I am following this tutorial.

Thus far, I have taken the following steps:

  • Manually created a database via phpMyAdmin named "core_group_me" on my WAMPSERVER

  • Created a form page named "form.php" (code below):

    <html>
<head>
<title></title>
</head>

<body>
<form method="post" action="update.php">

Username:<br />

<input type="text" name="id" size="30" /><br />

First Name:<br />

<input type="text" name="firstname" size="30" /><br />

Last Name:<br />

<input type="text" name="lastname" size="30" /><br />

Email:<br />

<input type="text" name="email" size="30" /><br />

Location:<br />

<input type="text" name="location" size="30" /><br />

Expertise:<br />

<input type="text" name="expertise" size="30" /><br /><br />

<input type="submit" value="Update Database" />

</body>
</html>

  • Created a page to update the "core_group_me" database named "update.php" (code below):

    <?php

$id = $_POST['id'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$location = $_POST['location'];
$expertise = $_POST['expertise'];

mysql_connect ("localhost", "core_group_me", "") or die ('Error: ' .mysql_error());
mysql_select_db ("members");

$query="INSERT INTO members (id, firstname, lastname, email, location, expertise)VALUES ('".$id."', '".$firstname."', '".$lastname."', '".$email."', '".$location."', '".$expertise."')";

mysql_query($query) or die ('Error updating database');

echo "Database Updated With: " .$id. " " .$firstname. " ".$lastname. " ".$email. " " .$location. " " .$expertise ;

?>

That being said, when I open up the "form.php" page, input information in the specified fields and submit everything, I receive the the following error: "Error updating database". I'm very new to programming in PHP and working with MySQL databases, so I honestly have absolutely no idea where I've gone wrong. Any help would be much appreciated!

Improve this question
2
  • You have changed your database to members using mysql_select_db ("members"); command. Is members table in members database? Commented Jul 7, 2011 at 5:37
  • 2
    What error do you receive if you use mysql_query($query) or die(mysql_error());? Commented Jul 7, 2011 at 5:38

4 Answers 4

Reset to default
2

In the below line, instead of core_group_me use your mysql user name and the third parameter is your password, if you don't have password then leave it as blank otherwise write your password.

mysql_connect ("localhost", "core_group_me", "") or die ('Error: ' .mysql_error());

Eg:

mysql_connect ("localhost", "root", "123456") or die ('Error: ' .mysql_error());

and also edit this line:

mysql_select_db ("members");

into:

mysql_select_db ("core_group_me");
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Now it is telling me that no database is selected.
YOu said u create a database called core_group_me. If so you must enter mysql_select_db("core_dump_me");
and each of $var=$_POST['var'] should be $var=mysql_real_escape_string($_POST['var'], $dbh); where $dbh is the handle returned by mysql_connect()
0

I believe Francois mentioned the error in the sql. To avoid just getting the die message you could add something like http://php.net/manual/de/function.mysql-error.php.

mysql_query($query) or die ('Error updating database<br />' . mysql_errno() . ": " . mysql_error());

Since application security is getting more important you should escape your strings as well as check the contents of the inputs. I also wouldn't display a error message to the user, I personally would write it to a log file

Improve this answer

2 Comments

If your id is a auto increment primary key you should leave it blank. Make your your database, table and column names match the database. Make sure escaping them. Using phpMyAdmin, you could insert one row and compare it to your syntax. This helped me a lot.
You might also consider using a PHP framework like Zend. Though it is really handy to know how to do everything manually, a framework will help streamline escaping strings etc.
0

Create database using this structure:

CREATE TABLE stackoverflow.members ( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY , username VARCHAR( 30 ) NOT NULL , firstname VARCHAR( 30 ) NOT NULL , lastname VARCHAR( 30 ) NOT NULL , email VARCHAR( 100 ) NOT NULL , location VARCHAR( 30 ) NOT NULL , expertise VARCHAR( 30 ) NOT NULL ) ENGINE = MYISAM ;

and update.php:

<?php

 $username = $_POST['id'];
 $firstname = $_POST['firstname'];
 $lastname = $_POST['lastname'];
 $email = $_POST['email'];
 $location = $_POST['location'];
 $expertise = $_POST['expertise'];

 mysql_connect ("localhost", "root", "yourpassword") or die(mysql_error());
 mysql_select_db ("stackoverflow");

 $query="INSERT INTO members (id,username, firstname, lastname, email, location, expertise) VALUES ('','$username', '$firstname', '$lastname', '$email', '$location', '$expertise')";

 mysql_query($query) or die (mysql_error());

 echo "Database Updated With: " .$username. " , " .$firstname. " , ".$lastname. " , ".$email. " , " .$location. " , " .$expertise ;

 ?>

Don't copy and paste it into your file..Just try to understand it..

Improve this answer

Comments

0

Not sure if this answer is on topic enough. But if you are a beginning PHP programmer it might be wise to study MySqli or PDO extension to handle MySql, because as of PHP 5.5.0 the mysql extension is removed. (https://www.php.net/mysql_query) The MySqli extension can be used in a similar way as the MySql extension. So unless you are just modifying an old project (and even then, you might want to consider upgrading your code)

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.