php - Why is data not inserted in this code into my database? I suspect a SQL Error -


updated question

previous question: why data not inserted in code database?


Current error received:
insert command denied user ''@'localhost' table 'all'

Here is the PHP/HTML code:

```php
<?php
/*
    assignment form
    rohan verma,
    alias rhnvrm.
*/
// initialisation
include('config.php');
// end initialisation
?>
<!doctype html>
<html>
<head>
<!-- ... -->
<title>assignment</title>
</head>
<body>
<form action="submit.php" method="post">
<label>roll no:</label>
<select name="roll">
<optgroup label="choose roll number">
<?php
    // generator options
    for ($i = 1; $i <= 20; $i++) {
        echo "<option value = '$i'>$i</option>";
    }
    // end
?>
</optgroup>
</select>
<label>your name: </label>
<input type="text" name="u_name"/>
<br />
<label>name of person: </label>
<input type="text" name="p_name"/>
<br />
<label>about him:</label>
<br />
<textarea style="width:350px;" name="p_text"></textarea>
<br />
<input type="submit" />
</form>
</body>
</html>
```

Here is the submission code:

```php
<?php
/*
    submission
    rhnvrm
    +for project assignment
*/

$roll_no = $_POST['roll'];
$u_name  = $_POST['u_name'];
$p_name  = $_POST['p_name'];
$p_text  = $_POST['p_text'];

// string values must be wrapped in single quotes in the SQL text;
// mysql_real_escape_string() only escapes, it does not add the quotes
$sql = "insert into `sv_assign`.`all` (`roll`, `name`, `person`, `about`)
    values (" . (int)$roll_no . ", '" .
        mysql_real_escape_string($u_name) . "', '" .
        mysql_real_escape_string($p_name) . "', '" .
        mysql_real_escape_string($p_text) . "');";

mysql_query($sql) or die(mysql_error());

mysql_close() or die;
?>
```

config.php

```php
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '*********';

$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die('error connecting mysql');

$dbname = 'sv_assign';
mysql_select_db($dbname);
?>
```

This \'$roll_no\' should be '$roll_no'. The same goes for the rest. What's happening is that it's becoming like the sample below. You're using double quotes to wrap the query string, so there is no need to escape the single quotes inside.

values (\'value\', \'value\', \'value\', \'value\');

**edit**

Sanitize your code to avoid SQL injections using mysql_real_escape_string, or better, use PDO for handling your queries. Refer to @daok for the mysql_real_escape_string reminder.

Note: this answer was written prior to the OP updating the question with the error in the query.
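The PDO route the answer recommends, applied to the question's submit.php, as an added example that is not part of the original post: the script opens its own connection and binds the four form fields as parameters instead of concatenating them into the SQL string. The `sv_app` account, the `SV_DB_PASS` environment variable and the validation rules are assumptions; the database, table and column names are the ones on the page.

```php
<?php
// Added example (not the asker's code): submit.php with PDO prepared statements.
// Assumed: account `sv_app` with INSERT only on sv_assign.all; password in env SV_DB_PASS.

function validate_submission(array $post): array
{
    // roll must be one of the 20 options the form generates
    $roll = filter_var($post['roll'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 20]]);
    if ($roll === false) {
        throw new InvalidArgumentException('roll must be 1..20');
    }
    $fields = ['roll' => $roll];
    foreach (['u_name' => 'name', 'p_name' => 'person', 'p_text' => 'about'] as $in => $col) {
        $value = $post[$in] ?? '';
        if (!is_string($value) || trim($value) === '') {
            throw new InvalidArgumentException("$in is required");
        }
        $fields[$col] = trim($value);
    }
    return $fields;
}

function save_submission(PDO $pdo, array $fields): void
{
    // Placeholders keep user input out of the SQL text, so no quoting or escaping is needed.
    $stmt = $pdo->prepare(
        'INSERT INTO `all` (`roll`, `name`, `person`, `about`)
         VALUES (:roll, :name, :person, :about)'
    );
    $stmt->execute($fields);
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    try {
        $pdo = new PDO('mysql:host=localhost;dbname=sv_assign;charset=utf8mb4',
            'sv_app', getenv('SV_DB_PASS') ?: '',
            [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => false]);
        save_submission($pdo, validate_submission($_POST));
        echo 'Saved.';
    } catch (InvalidArgumentException $e) {
        http_response_code(400);
        echo 'Invalid input.';
    } catch (PDOException $e) {
        error_log($e->getMessage());   // details go to the server log, not the browser
        http_response_code(500);
        echo 'Could not save.';
    }
}
```

Unlike `die(mysql_error())`, the database error text here stays in the server log, and the application account cannot do more than insert rows even if a query is subverted.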

