Member Avatar for janicemurby

PHP Warning: mysqli_error() expects exactly 1 parameter, 0 given on line 31

$insert = mysqli_query ($conn," insert into user set    user_name = '".$_POST['uname']."' , 
            age         = '".$age."' , 
            page             = '".$page."' ,
            user_password   = '".$password."' , 
            user_birthdate  = '".$user_birthdate."' , 
            puser_birthdate     = '".$puser_birthdate."' ,
            user_gender     = '".$_POST['gender']."' , 
            user_country    = '".$_POST['country']."' , 
            user_ethnicity  = '".$_POST['ethnicity']."' , 
            puser_ethnicity     = '".$_POST['pethnicity']."' ,
            user_email      = '".$_POST['email1']."' , 
            reg_date        = '$today' , 
            **status            ='1' " ) or die (mysqli_connect_error());**

if anyone can see whats going off on this be much appreciated ty

Edited by Reverend Jim because: Moved to databases forum
  • 3 Contributors
  • 3 Replies
  • 13K Views
  • 5 Days Discussion Span
  • Latest Post Latest Post by rubberman

Recommended Answers

All 3 Replies

Member Avatar for rubberman

First, I would construct a simple string variable with the entire SQL statement, and output that to see what it actually generated.

The next thing to realize is that the mysqli...error() functions require an argument which points to the link, such as in your case $insert. IE, the or die (mysqli_connect_error()) should probably be or die (mysqli_error($insert)) or or die (mysqli_connect_error($insert)). Personally, I'd use mysqli_error($insert) since there could be an error that is not related to the connection, but with the statement itself.

Member Avatar for AndrisP

if you want insert:

INSERT INTO tablename (col1, col2, col3) VALUES (?,?,?)

if you want update table:

UPDATE tablename SET col1 = ? , col2 = ? , col3 = ? WHERE id = ?

your example contain illegal mix of sql commands.
And do not directly put variables into SQL, use prepare and execute statement!

Edited by AndrisP
Member Avatar for rubberman

@AndrisP is correct. If you use prepared statements with placeholders you are much safer from SQL injection attacks for one thing.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.