www.webdeveloper.com
Page 1 of 2 12 LastLast
Results 1 to 15 of 19

Thread: NEED PHP MYSQL HELP!!! - Thank you :)

  1. #1
    Join Date
    Oct 2009
    Posts
    7

    Angry NEED PHP MYSQL HELP!!! - Thank you :)

    Whenever I process the code below, I recieve the output; Query was empty. What does this mean, how can I fix it?

    PHP Code:
    <?PHP
    @include 'include/mysql.php';
    @include 
    'include/global.php';

    $cur_date date("d/m/y H:i:s"time());

    mysql_query("INSERT INTO MESSAGES (RECIPIENT, FROM, DATE, SUBJECT, MESSAGE, STATUS, TYPE)
    VALUES (
    $_POST[RECIPIENT]$_POST[FROM]$cur_date$_POST[SUBJECT]$_POST[MESSAGE], 1, 2)");

    $result mysql_query($query) or die(mysql_error());

    ?>
    Cheers.

  2. #2
    Join Date
    Nov 2008
    Posts
    2,477
    You don't assign a value to $querry so you are essentially passing null to mysql_query.

  3. #3
    Join Date
    Oct 2009
    Posts
    7
    hi,

    did you mean in the die function? because the script still doesn't work when i take it out - I just put it there to identify the problem.

  4. #4
    Join Date
    Oct 2009
    Posts
    658
    Should be

    Code:
    $query = "INSERT INTO MESSAGES (RECIPIENT, FROM, DATE, SUBJECT, MESSAGE, STATUS, TYPE)
    VALUES ($_POST[RECIPIENT], $_POST[FROM], $cur_date, $_POST[SUBJECT], $_POST[MESSAGE], 1, 2)";
    
    $result = mysql_query($query) or die(mysql_error());
    I haven't checked the syntax of the query but I guess that would clarify what Mindzai is talking about. Good Luck

    Santos Systems

  5. #5
    Join Date
    Aug 2007
    Location
    Leeds, Yorkshire, England
    Posts
    387
    You need:
    Code:
    $result = mysql_query("INSERT INTO MESSAGES (RECIPIENT, FROM, DATE, SUBJECT, MESSAGE, STATUS, TYPE)
    VALUES ($_POST[RECIPIENT], $_POST[FROM], $cur_date, $_POST[SUBJECT], $_POST[MESSAGE], 1, 2)") or die(mysql_error());
    Although normally you would do something like:
    Code:
    $query = "INSERT INTO MESSAGES (RECIPIENT, FROM, DATE, SUBJECT, MESSAGE, STATUS, TYPE)
    VALUES ($_POST[RECIPIENT], $_POST[FROM], $cur_date, $_POST[SUBJECT], $_POST[MESSAGE], 1, 2)";
    
    $result = mysql_query($query) OR die(mysql_error());
    Don't forget to sanitise your $_POST inputs otherwise you'll be open to hackers.

    Also, database text variables needs quotes around them when inserting e.g.
    $_POST[SUBJECT] should be '$_POST[SUBJECT]'
    Last edited by Yelgnidroc; 10-21-2009 at 12:40 PM.

  6. #6
    Join Date
    Aug 2007
    Location
    Leeds, Yorkshire, England
    Posts
    387
    PS you can use mysqls NOW() instead of using php to get the current date. I would call your date column date - I think it's a reserved keyword (although I haven't double checked)

  7. #7
    Join Date
    Oct 2009
    Posts
    658
    Quote Originally Posted by Yelgnidroc View Post
    PS you can use mysqls NOW() instead of using php to get the current date. I would call your date column date - I think it's a reserved keyword (although I haven't double checked)
    Here's the list for Reserved Words

    Good Luck

    Santos Systems

  8. #8
    Join Date
    Aug 2007
    Location
    Leeds, Yorkshire, England
    Posts
    387
    Oops, I meant I wouldn't use it.

    Although as ssystems has pointed out it's NOT a keyword.

    I still wouldn't use date though, I'd call it message_date or something more meaningful

  9. #9
    Join Date
    Oct 2009
    Posts
    7
    FROM is a reserved keyword, this may also be a problem ! ha!

  10. #10
    Join Date
    Oct 2009
    Posts
    658
    Quote Originally Posted by stormdart View Post
    FROM is a reserved keyword, this may also be a problem ! ha!
    meaningful names would really help

  11. #11
    Join Date
    Oct 2009
    Posts
    7
    sanitise?

  12. #12
    Join Date
    Nov 2008
    Posts
    2,477
    There is nothing stopping you from using reserved words as long as you enclose them in backticks, though as others have said it's usually best to avoid them if possible.

  13. #13
    Join Date
    Oct 2009
    Posts
    658
    Quote Originally Posted by stormdart View Post
    sanitise?
    He basically meant to make sure the post values are not a danger to your database. example is appending "OR 1" to the post value etc. Would wanna check this out. Good Luck.

    Santos Systems

  14. #14
    Join Date
    Oct 2009
    Posts
    7
    so ive got this now:

    PHP Code:
    $sql "INSERT INTO MESSAGES (RECIPIENT, SENDER, DATE_1, SUBJECT, MESSAGE, STATUS, TYPE)
    VALUES ('
    $_POST[RECIPIENT]', '$_POST[SIGNATURE]', '$cur_date', '$_POST[SUBJECT]', '$_POST[MESSAGE]', '1', '2')";

    header'Location: /?sent=1' ) ; 
    it doesnt work - took the die script out because I thought it would work now.

  15. #15
    Join Date
    Aug 2007
    Location
    Leeds, Yorkshire, England
    Posts
    387
    I don't think you want the following with quotes round them - I'm guessing they are INT's or FLOAT's

    '1', '2')

    You also need to run your query:

    $result = mysql_query($sql);

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles