user2910074 user2910074 - 7 months ago 9
SQL Question

Why are comments not being uploaded to MySQL Database?

I have a webpage intended to allow users to upload a file and submit a comment. The file and respective comment should then be input into a MySQL database. Currently, if someone tries to do this, the file is uploaded and the link is inserted into the database as it should be. However, the comment never gets entered into the database. The webpage has the following code:

<div style="padding-left: 225px; padding-top: 15px; padding-bottom: 15px; background-color: #754f00; border-style: solid; border-weight: 4px; border-color: black;">

<div class="uploadbox" style='margin-left: 100px'>

<? include('uploadform.php') ?>
<? include('uploader.php'); ?>


</div>

<center>
<? include('testpost.php'); ?>
</center>

</div>


<br>
<hr>
<br>


<center>

<? include('feed.php'); ?>

</center>


Where the file uploadform.php is given by

<form enctype="multipart/form-data" method="POST">

Comment:<br />
<textarea name='comment' id='comment'></textarea><br />

<input type="hidden" name="MAX_FILE_SIZE" value="10000000" />

Choose a file to upload: <input name="uploadedfile" type="file" /><br />

<input type="submit" value="Submit" />


</form>


The file uploader.php contains the following:

<?php

if( $_POST ){
// Where the file is going to be placed
$target_path = "uploads/";

/* Add the original filename to our target path.
Result is "uploads/filename.extension" */
$target_path = $target_path .time() .basename( $_FILES['uploadedfile']['name']);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The <a href=" . $target_path . ">file</a> has been uploaded! <br /> LINK: " . $target_path;

$con = mysql_connect("localhost","theshitp_user","password");

if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("theshitp_posts", $con);

$query = "
INSERT INTO `theshitp_posts`.`test2` (`file`) VALUES ( '$target_path' );";

mysql_query($query);

echo "<p style='color: grey;'><b>Thank you for your Comment!</b></p>";

mysql_close($con);


} else{
echo "There was an error uploading the file, please try again!";
}

}

?>


And the file testpost.php contains

<?
if( $_POST )
{
$con = mysql_connect("localhost","theshitp_user","password");

if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("theshitp_posts", $con);

$users_comment = $_POST['comment'];

$users_comment = mysql_real_escape_string($users_comment);

$query = "
INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES (NULL, '$users_comment', CURRENT_TIMESTAMP() );";

mysql_query($query);

echo "<p style='color: grey;'><b>Thank you for your Comment!</b></p>";

mysql_close($con);
}
?>


Can anyone see why file links are being entered into the database as they should, but comments are not? The id and timestamp fields are also being entered correctly into the database.

Answer

Look at your query parameter in testpost.php file-->

$query = "
  INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES (NULL, '$users_comment', CURRENT_TIMESTAMP() );";

First thing semi-colon in the query parameter remove this inner ';' first $query=";"; <-- in the query and

Second id = NULL <-- which is not allowed in case of primary key, it could be blank for auto-increment but not NULL

so the new query

$query = " INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES ('', '$users_comment', CURRENT_TIMESTAMP() )";
Comments