Problem with coding MySQL query
Posted on
16th Feb 2014 07:03 pm by
admin
I'm having heaps of trouble getting one of my PHP/MySQL queries to work for some reason (and the funny thing is there are plenty that are identical to it all the way through the site) so I'm wondering if someone can spot the problem. (I've basically torn all the code apart trying to work it out and have changed values that are being submitted, etc to try and get it to work, so I'm tearing my hair out now!)
Code: $staffID = $_POST['staffID'];
$date = date("Y-m-d h:i:s");
$sql2 = "INSERT INTO Order (date, staffID)
VALUES ('$date', '$staffID')";
$result2 = mysqli_query($cxn, $sql2)
or die ("Couldn't execute insert into order query.");
As it's not working, I keep getting "Couldn't execute insert into order query."
The MySQL database is named Order, and has orderID, date and staffID. orderID is int(8 ), unsigned zerofill and autoincrement. date is datetime, and staffID is int(4) unsigned zerofill. Staff members enter the zeros in their staffID when putting their details into the form (so would enter 0004).
Here's the full code:
createorder.php
Code: <?php
include("credentials.inc");
switch (@$_POST['do']) {
case "neworder":
$cxn = mysqli_connect($host, $user, $password, $dbname)
or die ("Connection failed.");
$staffID = $_POST['staffID'];
$sku = $_POST['sku'];
$quantity = $_POST['quantity'];
$sql = "SELECT staffID FROM Staff
WHERE staffID = '$staffID'";
$result = mysqli_query($cxn, $sql)
or die ("Couldn't execute staff query.");
$num = mysqli_num_rows($result);
if ($num > 0) { //staff member found
$date = date("Y-m-d h:i:s");
$sql2 = "INSERT INTO Order (date, staffID)
VALUES ('$date', '$staffID')";
$result2 = mysqli_query($cxn, $sql2)
or die ("Couldn't execute insert into order query.");
$sql3 = "SELECT orderID FROM Order
WHERE date = '$date'";
$result3 = mysqli_query($cxn, $sql3)
or die ("Couldn't execute select from order query.");
$rowname = mysqli_fetch_assoc($result3);
extract ($rowname);
$sql4 = "INSERT INTO ItemsOrdered (orderID, sku, quantity)
VALUES ('$orderID', '$sku', '$quantity')";
$result4 = mysqli_query($cxn, $sql4)
or die ("Couldn't execute insert into ItemsOrdered query.");
header("Location: success4.php");
}
else {
$message = "Staff member does not exist.<br />";
include("createorder.inc");
}
break;
default:
include("createorder.inc");
}
?>createorder.inc
Code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Adelaide Books</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<div id="body">
<table id="main" cellspacing="0px">
<tr><td id="logo" colspan="3">
<img src="images/logo.gif" alt="Adelaide Books"/></td>
<td class="space"> </td>
<td class="right"> </td></tr>
<tr><td class="left"> </td>
<td class="space"> </td>
<td id="text">
<h1>Create New Order</h1>
<form action="createorder.php" method="POST">
<table width="250" border="0" align="center" cellpadding="2" cellspacing="2">
<?php
if (isset($message)) {
echo "<tr><td style='color:red' colspan='2' >$message <br /></td></tr>";
}
?>
<tr>
<td width="75px" align="right">Staff ID:</td>
<td><input type="text" name="staffID" size="25" maxsize="50"></td>
</tr>
<tr>
<td width="75px" align="right">SKU:</td>
<td><input type="text" name="sku" size="25" maxsize="50"></td>
</tr>
<tr>
<td width="75px" align="right">Quantity:</td>
<td><input type="text" name="quantity" size="10" maxsize="20"></td>
</tr>
<input type="hidden" name="do" value="neworder">
<tr>
<td colspan="2" align="center"><input type="submit" name="neworder" value="Submit"></td>
</tr>
</table>
</form>
<br/> <br/> <br/> <br/><a href="orders.php"><img src="images/back.gif" alt="Back" border="0" /></a></td>
<td class="space"> </td>
<td class="right"> </td></tr>
</table>
</div>
</body>
</html>
Hope someone can help!
No comments posted yet
Your Answer:
Login to answer
221 
6 
Other forums
Protecting forms
Alright, I want to protect some forms of mine from SQL Injections, because I had someone earlier spa
exclude characters from counting?
Hello, I wanted to ask if you have a string like:
Code: $my_s='ASRGREGTGTR----REGREGRE+++RRRRRR..
Get relative path from absolute path
How would one go about getting the relative path to a file from its absolute path?
confused between ' ' and " "
there is a php i set:
$begin_date_query = mysql_query( "SELECT SUBDATE(due_date, INTERVAL $d
comparing tables across databases sql refinement ideas required
Hi all
Via pl/sql I need to ensure that data between tables in different databases match
Help with lottery style system?
I'm working on a currency system for forums and it is going to have a type of lottery system built i
How to disable direct access to a file
Suppose I've 2 Files. 1.php & 2.php
I don't want anybody to access 2.php directly fr
i need help with php header and footer
I have designed a header and footer for my site and they seem to be ok when they are running individ
mysql UPDATE request not working and driving me crazy!!!
Hi,
I have been stuck on this for ages.
Quite simply I am trying to update my database
Code error with Index.php
Error: Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/runevid/public_
