Fenerli Fenerli - 11 days ago 5
PHP Question

Can't insert into mysql db

Is there any error code what can show what the problem is because i don't know.

I have wasted over a hour on looking on my code but i didn't find anything.

If someone wants to look to my code, it's here:

<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);
require_once $_SERVER['DOCUMENT_ROOT'].'/core/init.php';
include 'includes/head.php';
include 'includes/nav.php';

if(isset($_GET["add"])){

$brandQuery=$con->query("SELECT * FROM brand ORDER BY brand");
$parentQuery=$con->query("SELECT * FROM categories WHERE parent=0 ORDER BY category");

if ($_POST) {
$errors=array();

$title=sanitize($_POST["title"]);
$brand=sanitize($_POST["brand"]);
$categories=sanitize($_POST["child"]);
$price=sanitize($_POST["price"]);
$list_price=sanitize($_POST["list_price"]);
$sizes=sanitize($_POST["sizes"]);
$description=sanitize($_POST["description"]);

if (!empty($_POST["sizes"])) {
$sizeString=sanitize($_POST["sizes"]);
$sizeString=rtrim($sizeString,',');
$sizeArray=explode(',', $sizeString);
$sArray=array();
$qArray=array();
foreach ($sizeArray as $ss) {
$s=explode(":",$ss);
$sArray[].=$s[0];
$qArray[].=$s[1];
}
}else{
$sizeArray=array();
}
$required=array("title","price","brand","child","sizes");
foreach ($required as $field) {
if ($_POST[$field]== '') {
$errors[].="All fields with sterretje moet geuld worden";
break;

}
}
if (!empty($_FILES)) {
var_dump($_FILES);
$photo=$_FILES["photo"];
$name=$photo["name"];
$nameArray=explode(".",$name);
$fileName=$nameArray[0];
$fileExt=$nameArray[1];
$mime=explode("/",$photo["type"]);
$mimeType=$mime[0];
$mimeExt=$mime[1];
$tmpLoc=$photo["tmp_name"];
$fileSize=$photo["size"];
$allowed=array("png","jpg","jpeg","gif");
$uploadName=md5(microtime()).".".$fileExt;
$uploadPath=BASEURL."images/products/".$uploadName;
$dbPath="/images/products/".$uploadName;

if (!in_array($fileExt, $allowed)) {
$errors[].="File must have an png,jpg,jpeg or gif extension";
}
if ($fileSize>15000000 ) {
$errors[].="File is bigger than 15mb";

}
if ($mimeExt!=$fileExt) {
$errors[].="LOLOLOLOL gedraaag";
}
if ($mimeType!="image") {
$errors[].="File must be image";
}

if (!empty($errors)) {
echo display_errors($errors);
}else{
move_uploaded_file($tmpLoc, $uploadPath);
$insert="
INSERT INTO products(`title`,`price`,`list_price`,`brand`,`categories`,`image`,`sizes`,`description`) VALUES
('$title''$price''$list_price''$brand''$categories''$dbPath''$sizes''$description')
";
if($con->query($insert)){
header("Location: products.php");
}


}
}
}

?>


<h2 class="text-center">Add Product</h2><hr>




<div class="form-group col-md-3">
<label for="title">Title*:</label>
<input class="form-control" type="text" name="title" id="title" value="<?=((isset($_POST['title']))?sanitize($_POST['title']):'');?>">
</div>
<div class="form-group col-md-3">
<label for="brand">Brand*:</label>
<select class="form-control" id="brand" name="brand">
<option value=""<?=((isset($_POST["brand"])&&$_POST["brand"]=="")?' selected':'');?>></option>
<?php while($brand=mysqli_fetch_assoc($brandQuery)): ?>
<option value="<?=$brand['id']?>" <?=((isset($_POST["brand"])&&$_POST["brand"]==$brand["id"])?' selected':'');?>><?=$brand['brand']?></option>
<?php endwhile; ?>
</select>
</div>
<div class="form-group col-md-3">
<label for="parent">Parent*:</label>
<select class="form-control" name="parent" id="parent">
<option value=""<?=((isset($_POST["parent"])&&$_POST["parent"]=="")?' selected':'');?>></option>
<?php while($parent=mysqli_fetch_assoc($parentQuery)):?>
<option value="<?=$parent['id']?>"<?=((isset($_POST["parent"]) && $_POST["parent"]==$parent["id"])?' selected':'');?>><?=$parent["category"]?></option>
<?php endwhile; ?>
</select>
</div>
<div class="form-group col-md-3">
<label for="child">Child Category*:</label>
<select class="form-control" name="child" id="child">
</select>
</div>
<div class="form-group col-md-3">
<label for="price">Price*:</label>
<input class="form-control" type="text" name="price" id="price" value="<?=((isset($_POST['price']))?sanitize($_POST['price']):'')?>">
</div>
<div class="form-group col-md-3">
<label for="list_price">List Price*:</label>
<input class="form-control" type="text" name="list_price" id="list_price" value="<?=((isset($_POST['list_price']))?sanitize($_POST['list_price']):'')?>">
</div>
<div class="form-group col-md-3" >
<label>Quantity and Sizes*:</label>
<button class="btn btn-default form-control" onclick="jQuery('#sizesModal').modal('toggle');return false;" >Quantity & Sizes</button>
</div>
<div class="form-group col-md-3">
<label for="sizes">Sizes & Quantity Preview</label>
<input class="form-control" type="text" name="sizes" id="sizes" value=" <?=((isset($_POST['sizes']))?$_POST['sizes']:'');?>" readonly>
</div>
<div class="form-group col-md-6" >
<label for="photo">Product Photo:</label>
<input type="file" name="photo" id="photo" class="form-control">
</div>
<div class="form-group col-md-6">
<label for="description">Description:</label>
<textarea class="form-control" name="description" id="description" rows=6>
<?=((isset($_POST['description']))?sanitize($_POST["description"]):'')?>
</textarea>
</div>
<div class="form-group pull-right">
<input type="submit" value="Add Product" class="btn btn-success pull right">
</div><div class="clearfix"></div>

</form>


Is there an error function where i can see whats the problem? Please help.

Answer

You have error in your insert query. check the following

INSERT INTO products(`title`,`price`,`list_price`,`brand`,`categories`,`image`,`sizes`,`description`) VALUES
                                ('$title','$price','$list_price','$brand','$categories','$dbPath','$sizes','$description')

This is your existing query:

$insert="INSERT INTO products(`title`,`price`,`list_price`,`brand`,`categories`,`image`,`sizes`,`description`) VALUES
                            ('$title''$price''$list_price''$brand''$categories''$dbPath''$sizes''$description')";

Notice the lack of comma's between your VALUES.