-2

Here is my main PHP code:

<?php

define('dbServer', 'localhost');
$dbUsername = 'root';
$dbPassword = '';
define('dbName', '1');

$dbConnection = mysqli_connect(dbServer, $dbUsername, $dbPassword, dbName);

if(!$dbConnection){
    die("Unsuccessful Connection: " . mysqli_connect_error());
}



// All user data will be taken from the form //

$emailAddress = $_POST['emailaddress'];
$firstName = $_POST['firstname'];
$lastName = $_POST['lastname'];
$streetAddress = $_POST['streetaddress'];
$phoneNumber = $_POST['phonenumber'];
$comments = $_POST['comments'];

$sql = "INSERT INTO user-submission (email, firstName, lastName, address, phoneNumber, comment) VALUES ('$emailAddress', '$firstName', '$lastName', '$streetAddress', '$phoneNumber', '$comments')";

$result = mysqli_query($dbConnection, $sql);

if (!$result){
    die('Error: ' . mysqli_connect_error());
}

?>

My SQL database contains the rows ID, email, firstName, lastName, address, phoneNumber, comment. They are in a database called '1' (for testing purposes) and a table called 'user-submission'.

I have been unable to query this information into my table. I have been successful prior to this on other SQL and PHP pairings. What am I doing wrong this time?

Improve this question
6
  • 2
    You don't say what's actually happening when you run this so there may well be other problems as well, but you'll definitely need to quote the table name if it contains a dash. See stackoverflow.com/questions/18670394/…
    – iainn
    Commented Apr 24, 2018 at 18:19
  • 2
    You'll also want to read up on SQL injection as soon as possible: stackoverflow.com/questions/60174/…
    – iainn
    Commented Apr 24, 2018 at 18:19
  • Enable error reporting, and acquire the skill of debugging the programs you write... how to detect errors, and how to diagnose the problem. StackOverflow is not a debugging service. ericlippert.com/2014/03/05/how-to-debug-small-programs
    – spencer7593
    Commented Apr 24, 2018 at 18:36
  • Your title isn't particularly helpful, a lot of questions could be described as an 'Issue with PHP and MySQL Database'
    – Nigel Ren
    Commented Apr 24, 2018 at 18:44
  • mysqli_connect_error() isn't the right function to use against a query, just a connection error method is all it is.
    – Funk Forty Niner
    Commented Apr 24, 2018 at 18:44

2 Answers 2

Reset to default
0

Add this right below the opening php tag at the top then the server will tell you what the error is. Copy the error here if you need help decyfering

error_reporting( E_ALL );
Improve this answer
3
  • also add mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); (before mysqli_connect is called.) With this enabled, when an error occurs in mysqli, mysqli will raise a PHP error.
    – spencer7593
    Commented Apr 24, 2018 at 18:39
  • this is a comment at best. It won't do anything for mysql where the deleted answer gave a better answer in a way. That table name of theirs, well... mysql thinks they want to do math.
    – Funk Forty Niner
    Commented Apr 24, 2018 at 18:44
  • 99 out of a hundred times it reveals the problem as its usually something simple. So its the first step.
    – Jim VanPetten
    Commented Apr 24, 2018 at 19:22
0

First you need to make changes so hackers don't abuse your code. Just wait till johnny;drop tables; comes by and wipes out your database.

// All user data will be taken from the form //

$emailAddress = mysqli_real_escape_string($dbConnections,$_POST['emailaddress']);
$firstName = mysqli_real_escape_string($dbConnections,$_POST['firstname']);
$lastName = mysqli_real_escape_string($dbConnections,$_POST['lastname']);
$streetAddress = mysqli_real_escape_string($dbConnections,$_POST['streetaddress']);
$phoneNumber = mysqli_real_escape_string($dbConnections,$_POST['phonenumber']);
$comments = mysqli_real_escape_string($dbConnections,$_POST['comments']);


$sql = "INSERT INTO `user-submission` (email, firstName, lastName, address, phoneNumber, comment) VALUES (?,?,?,?,?,?)";
$prep=$dbConnections->prepare($sql);
$prep->bind_param("ssssss",$emailAddress,$firstName,$lastName,$streetAddress,$phoneNumber,$comments);

#actually puts everything together, and puts it in the database
$prep-execute();
Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.