How to display errors for my MySQLi query?

Question

I am using the following script to process a form to add info to my website. The problem I am having is when I submit the form nothing gets submitted to the database, and there are no errors. How can I add error reporting to my query?

<?php
if (isset($_POST['itemdescription'])) {$itemdescription = $_POST['itemdescription'];}else {$itemdescription = '';}
if (isset($_POST['itemnumber'])) {$itemnumber = $_POST['itemnumber'];}else {$itemnumber = '';}
if (isset($_POST['sellerid'])) {$sellerid = $_POST['sellerid'];}else {$sellerid = '';}
if (isset($_POST['purchasedate'])) {$purchasedatepre = $_POST['purchasedate'];$date = DateTime::createFromFormat("D F d, Y", $purchasedatepre);$purchasedate = date('Y-m-d',strtotime($purchasedatepre));}else {$purchasedatepre = ''; $purchasedate = '';}
if (isset($_POST['otherinfo'])) {$otherinfo = $_POST['otherinfo'];}else {$otherinfo = '';}
if (isset($_POST['numberofitems'])) {$numberofitems = $_POST['numberofitems'];}else {$numberofitems = '';}
if (isset($_POST['numberofitemsused'])) {$numberofitemsused = $_POST['numberofitemsused'];}else {$numberofitemsused = '';}
if (isset($_POST['isitdelivered'])) {$isitdelivered = $_POST['isitdelivered'];}else {$isitdelivered = '';}
if (isset($_POST['price'])) {$price = $_POST['price'];}else {$price = '';}

$itemdescription = str_replace("'", "", "$itemdescription");
$itemnumber = str_replace("'", "", "$itemnumber");
$sellerid = str_replace("'", "", "$sellerid");
$otherinfo = str_replace("'", "", "$otherinfo");

include("connectmysqli.php"); 

mysqli_query($db,"INSERT INTO stockdetails (`itemdescription`,`itemnumber`,`sellerid`,`purchasedate`,`otherinfo`,`numberofitems`,`isitdelivered`,`price`) VALUES ('$itemdescription','$itemnumber','$sellerid','$purchasedate','$otherinfo','$numberofitems','$numberofitemsused','$isitdelivered','$price')");

// header('Location: stockmanager.php?&key='.$key);
?>

score 87 · Accepted Answer · edited May 23 '17 at 12:25

87

Just simply add or die(mysqli_error($db)); at the end of your query, this will print the mysqli error.

 mysqli_query($db,"INSERT INTO stockdetails (`itemdescription`,`itemnumber`,`sellerid`,`purchasedate`,`otherinfo`,`numberofitems`,`isitdelivered`,`price`) VALUES ('$itemdescription','$itemnumber','$sellerid','$purchasedate','$otherinfo','$numberofitems','$numberofitemsused','$isitdelivered','$price')") or die(mysqli_error($db));

As a side note I'd say you are at risk of mysql injection, check here How can I prevent SQL injection in PHP?. You should really use prepared statements to avoid any risk.

edited May 23 '17 at 12:25

Community

1
1

answered Jun 11 '13 at 20:45

Fabio

21,516
12
49
63

7

Please prefer "trigger_error()" instead of "die()" trigger_error("Query Failed! SQL: $sql - Error: ". mysqli_error($db), E_USER_ERROR); – mogosselin May 19 '14 at 21:46
2

Or even better, throw and Exception and possibly handle it. Both are preferable to the silly and prevalent `or die`. – ficuscr Sep 28 '20 at 03:09

score 37 · Answer 2 · edited Dec 20 '19 at 20:30

37

mysqli_error()

As in:

$sql = "Your SQL statement here";
$result = mysqli_query($conn, $sql) or trigger_error("Query Failed! SQL: $sql - Error: ".mysqli_error($conn), E_USER_ERROR);

Trigger error is better than die because you can use it for development AND production, it's the permanent solution.

edited Dec 20 '19 at 20:30

Dharman

21,838
18
57
107

answered Jun 11 '13 at 20:46

Jessica

7,019
26
38

1

+1, but I would elaborate on how to use it for both development and production (how the error wouldn't be shown in production). – Travesty3 Jun 11 '13 at 20:48
@Travesty3 just use it. This code is all right for both development and production – Your Common Sense Jun 19 '14 at 14:15
1

Not if you just let the error get printed to the screen it's not. – Jessica Jun 19 '14 at 16:02
ok, so how can i have both "Congrats! Query .$sql."was successfull!" or die: "Sorry the query $sql failed with this error: $error"; – KarlosFontana Jul 31 '14 at 10:05
2

For those that may be wondering: trigger_error() is fine for both production and development because error reporting is usually turned off in production. trigger_error therefore won't be printed out. – John Reid Apr 23 '15 at 17:07
2

@KarlosFontana you should never have anything like '*or die: "Sorry the query $sql failed with this error: $error*"' in the first place. Please read about [PHP error reporting basics](https://phpdelusions.net/articles/error_reporting) – Your Common Sense Oct 13 '17 at 08:46
1

@JohnReid strictly speaking, *error reporting* should be set to max on for the production as well. it's *displaying errors* what ought to be switched off. People often mistake these two matters, that's why I took liberty to intervene. – Your Common Sense Oct 13 '17 at 15:32
@Jessica I sometime use the question as a reference for closing and need to point out that `mysqli_error()` requires a db connection as a parameter. The answer should be edited. – Funk Forty Niner Sep 25 '18 at 14:48
You have an error. [`mysqli_error()`](https://www.php.net/manual/en/mysqli.error.php) needs one argument. Please consider switching error mode on instead. [How to get the error message in MySQLi?](https://stackoverflow.com/a/22662582/1839439). The same goes for `mysqli_query()` – Dharman Nov 11 '19 at 21:48
+1 but, I could only get this code to work by passing in my mySQLi object as a parameter of mysqli_error(); as such `mysqli_error($conn);`. – Alexander McNulty Nov 23 '19 at 17:58

How to display errors for my MySQLi query?

2 Answers2

Linked

Related