0

Following is my error free code, it has no syntactical error but when I run it it executes the else part, which means my databse has not been updated.What is the problem?
<html>
<body>
<?php
$connect=mysql_connect("localhost","root","ila");
$query="create database if it not exists demo";
$db=mysql_select_db("demo",$connect);
$query= "create table jlt(id int not null , name varchar(49))";
$result=mysql_query($query);
$query="insert into jlt values(1,'$_POST[inputfield]')";
if(mysql_query($query,$connect)){
echo "data successfully added";
}
else {
echo "not success";
}
?>
</body>
</html>

4
Contributors
4
Replies
5
Views
6 Years
Discussion Span
Last Post by geekme
0

You haven't specified the field names in your insert query:

INSERT INTO `jlt`(`id`, `name`) VALUES (1, 'example');

And by not escaping your input variables, you're leaving the script open to SQL injection attacks.

1

As a general approach, if you are having a problem with a query, the fastest way to sort it out is to echo the query, paste it into PHPMyAdmin and work on it there until you have it figured out. Then you can change your code accordingly.

Votes + Comments
0

Try following code

<html>
<body>
<?php
$connect=mysql_connect("localhost","root","ila");
$query="create database if it not exists demo";
$db=mysql_select_db("demo",$connect);
$query= "create table jlt(id int not null , name varchar(49))";
$result=mysql_query($query);
$in=$_POST['inputfield'];
$query="insert into jlt values(1,'$in')";
if(mysql_query($query,$connect)){
echo "data successfully added";
}
else {
echo "not success";
}
?>
</body>
</html>
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.