Jeyjey Jeyjey - 4 months ago 11
SQL Question

Why I can't insert data on my database using my webhost?

There's no error but it is saying that it is

Insert Successfully
but when I check my database there are no fields added to the table
car_category
. This happened when I transfer it to a online webhost.

insert.php



<?PHP
include_once("connection.php");

if(isset($_POST['txtCarModel']) && isset($_POST['txtCarType']) &&
isset($_POST['txtCapacity']) && isset($_POST['txtImage'])){
$Car_Model = $_POST['txtCarModel'];
$Car_Type = $_POST['txtCarType'];
$Capacity = $_POST['txtCapacity'];
$Image = $_POST['txtImage'];

$query = "INSERT INTO car_category(Car_Model, Car_Type, Capacity, Image)
VALUES ('$Car_Model', '$Car_Type', $Capacity, '$Image')";

$result = mysqli_query($conn, $query);

if($result == 0){
if(isset($_POST['mobile']) && $_POST['mobile'] == "android"){
echo "success";
exit;
}
echo "Insert Successfully";
}
else{
if(isset($_POST['mobile']) && $_POST['mobile'] == "android"){
echo "failed";
exit;
}
echo "Something Error";
}
}

?>
<html>
<head><title>Insert</title></head>
<body>

<form action="<?PHP $_PHP_SELF ?>" method="post">
Car Model <input type="text" name="txtCarModel" value=""/><br/>
Car Type <input type="text" name="txtCarType" value=""/><br/>
Capacity <input type="text" name="txtCapacity" value=""/><br/>
Image URL <input type="text" name="txtImage" value=""/><br/>
<input type="submit" name="btnSubmit" value="Insert"/>
</form>
</body>
</html>


I'll post my connection.php here in case the problem is in here.

connection.php



<?php
$servername = "*****";
$username = "*****";
$password = "*****";
$dbname = "******";

$conn = mysqli_connect($servername, $username, $password, $dbname);

if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
?>

Answer

Hi Try to echo your errors

error_reporting(E_ALL);
ini_set('display_errors',1);// at top of page
// echo $query; die; to see what your query is
$result = mysqli_query($conn, $query) or die(mysqli_errpr($conn));

Also your code is sql Vulnerable use mysqli prepared statements or PDO

You can try this

 <?PHP
        $conn = new mysqli('localhost', 'root', 'password', 'databasename');
     if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
    error_reporting(E_ALL);
    ini_set('display_errors',1);// at top of page

    if(isset($_POST['txtCarModel']) && isset($_POST['txtCarType']) && 
    isset($_POST['txtCapacity']) && isset($_POST['txtImage'])){


    $Car_Model = $_POST['txtCarModel'];
    $Car_Type = $_POST['txtCarType'];
    $Capacity = $_POST['txtCapacity'];
    $Image = $_POST['txtImage'];

           $stmt = $conn->prepare("INSERT INTO car_category (Car_Model, Car_Type, Capacity, Image) VALUES (?, ?, ?,?)");
           $query = "INSERT INTO car_category(Car_Model, Car_Type, Capacity, Image) 
    VALUES ('$Car_Model', '$Car_Type', $Capacity, '$Image')"; 

        $stmt->bind_param("ssss", $Car_Model, $Car_Type, $Capacity,$Image);
        $result = $stmt->execute();
    if($result === false ) {
      die('execute() failed: ' . htmlspecialchars($stmt->error));
    }else{
    echo "New records created successfully";
    }
    $stmt->close();
    $conn->close();

        }

    ?>