-4

I am learning php and mysql, and I'm currently reading a book where I'm trying out the examples on my own webserver.

I had no problem setting up the database I'm using, and the code I am using to insert new rows into my database table works perfectly when I test it by writing directly in the INSERT code the values I want to insert. However, when I try to insert variables from $_POST into the mysql INSERT code, I get an error. I have no problems connecting to the database, but the query does not work. There should not be anything wrong with the variable names, because I am able to echo all of them. I have looked at my code 10 times, and I do not understand what is wrong with it. Does anyone know?

<?php
$when_it_happened = $_POST['whenithappened'];
$how_long = $_POST['howlong'];
$alien_description = $_POST['aliendescription'];
$fang_spotted = $_POST['fangspotted'];
$email = $_POST['email'];
$first_name = $_POST['firstname'];
$last_name = $_POST['lastname'];
$name = "$first_name $last_name";
$how_many = $_POST['howmany'];
$what_they_did = $_POST['whattheydid'];
$other = $_POST['other'];

// Posting to database

$dbc = mysqli_connect('localhost', 'root', '', 'aliendatabase')
or die('Problems connecting to database');

$query = "INSERT INTO aliens_abduction (first_name, last_name, when_it_happened, how_long, " .
"how_many, alien_description, what_they_did, fang_spotted, other, email) " .
"VALUES ('$first_name', '$last_name', '$when_it_happened', '$how_long', " .
"'$how_many', '$alien_description', '$what_they_did', '$fang_spotted', '$other', '$email')";

$result = mysqli_query($dbc, $query)
or die('Problems querying database');

mysqli_close($dbc);
?>

I am getting the error message 'Problems querying database'

guinevere
  • 3
  • 1
  • 2
    Check for [mysqli errors](http://php.net/manual/en/mysqli.error.php), either by logging or temporarily passing it to the die function. – aynber Oct 01 '19 at 14:35
  • Check https://stackoverflow.com/questions/17053466/how-to-display-errors-for-my-mysqli-query to see how you can get extra information which may help. – Nigel Ren Oct 01 '19 at 14:35
  • 7
    Honestly, don't waste your time trying to figure out why this version of it is wrong. Go right to using [prepared statements](https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php) and bound parameters. – Patrick Q Oct 01 '19 at 14:37
  • First of all, print the $query and check your query if is correspond on a correct query. After that, consider to prevent SQL Injection – Stefano Pascazi Oct 01 '19 at 14:37
  • you should change your `or die()` into: `or die('Problems querying database: ' . mysqli_error());` – ariefbayu Oct 01 '19 at 14:47

1 Answers1

0

Cross-check your column names to make sure it matches with the ones provided. Afterwards, run your query this way

if(mysqli_query($dbc, $query)){
//success message
}
else{
   echo "Error : ".mysqli_error($dbc);
//Check for a specific error
}
Christopher Enim
  • 26
  • 1
  • 4
  • This might be good as a comment how to debug, but it is useless in the long run. You should not echo out error messages on your own, let PHP do it for you. Also as pointed out prepared statements should be used instead of `query()` – Dharman Oct 01 '19 at 15:50
  • Thank you so much! I only just started learning, so I didn't know about the possibility to display the specific error! Now I was able to find out what was wrong, and I was able to fix it :-) – guinevere Oct 04 '19 at 12:28