Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

mysql query INSERT INTO and SET problems

Tags:

php

mysql

insert

set

I've been scratching my head for a good hour or so now, but I can't figure out what I have done wrong here. I hope someone can point me in the correct direction.

I am trying to insert some data into an SQL database using the INSERT INTO method, but it just doesn't seem to work. I included lots of echos to see try and see where exactly the error could be. From this I know that the code is OK up until the INSERT INTO part is called. Also, checking the database online revelas that no information is added... The online database has 3 tables, 'noise', 'wave', and 'pulse'. Also, all of the fields are present, so I really can't understand why this code is failing.

<?php
//Connect To Database
$hostname='myhostname';
$username='myusername';
$password='mypassword';
$dbname='dbname';
mysql_connect($hostname,$username, $password) OR DIE ('Unable to connect to database! Please try again later.');
mysql_select_db($dbname);

// test to see what kind of instrument is being uploaded.

$type=strip_tags($_GET['TYPE']);

if($type == 'noise') {
    $audio=strip_tags($_GET['AUDIO']); 
    echo $audio;
    $automate=strip_tags($_GET['AUTOMATE']);
    echo $automate;
    $by=strip_tags($_GET['BY']);
    echo $by;
    $envelope=strip_tags($_GET['ENVELOPE']);
    echo $envelope;
    $length=strip_tags($_GET['LENGTH']);
    echo $length;
    $name=strip_tags($_GET['NAME']);
    echo $name;
    $notes=strip_tags($_GET['NOTES']);
    echo $notes;
    $output=strip_tags($_GET['OUTPUT']);
    echo $output;
    $patchname=strip_tags($_GET['PATCH_NAME']);
    echo $patchname;
    $s_cmd=strip_tags($_GET['S_CMD']);
    echo $s_cmd;
    $shape=strip_tags($_GET['SHAPE']);
    echo $shape;
    $table=strip_tags($_GET['TABLE']);
    echo $table;
    $table0=strip_tags($_GET['table0']);
    echo $table0;
    $table1=strip_tags($_GET['table1']);
    echo $table1;
    $table2=strip_tags($_GET['table2']);
    echo $table2;
    $table3=strip_tags($_GET['table3']);
    echo $table3;
    $table4=strip_tags($_GET['table4']);
    echo $table4;
    $table5=strip_tags($_GET['table5']);
    echo $table5;
    $table6=strip_tags($_GET['table6']);
    echo $table6;
    $table7=strip_tags($_GET['table7']);
    echo $table7;
    $table8=strip_tags($_GET['table8']);
    echo $table8;
    $table9=strip_tags($_GET['table9']);
    echo $table9;
    $tableA=strip_tags($_GET['tableA']);
    echo $tableA;
    $tableB=strip_tags($_GET['tableB']);
    echo $tableB;
    $tableC=strip_tags($_GET['tableC']);
    echo $tableC;
    $tableD=strip_tags($_GET['tableD']);
    echo $tableD;
    $tableE=strip_tags($_GET['tableE']);
    echo $tableE;
    $tableF=strip_tags($_GET['tableF']);
    echo $tableF;

    //input this info into the SQL noise instrument table
    $request = mysql_query("INSERT INTO `noise` SET
        AUDIO = '$audio', 
        AUTOMATE = '$automate', 
        BY = '$by', 
        ENVELOPE = '$envelope', 
        LENGTH = '$length', 
        NAME ='$name', 
        NOTES = '$notes', 
        OUTPUT = '$output', 
        PATCH_NAME = '$patchname', 
        S_CMD = '$s_cmd', 
        SHAPE = '$shape', 
        TABLE = '$table', 
        table0 = '$table0', 
        table1 = '$table1', 
        table2 = '$table2', 
        table3 = '$table3', 
        table4 = '$table4',
        table5 = '$table5', 
        table6 = '$table6', 
        table7 = '$table7', 
        table8 = '$table8', 
        table9 = '$table9', 
        tableA = '$tableA', 
        tableB = '$tableB', 
        tableC = '$tableC', 
        tableD = '$tableD', 
        tableE = '$tableE',
        tableF = '$tableF',
        TYPE = '$type';" );
if($request) {
    echo "Your patch has been successfully uploaded.";
    echo "Thanks for contributing!";
}
else {
    echo "there has been a problem";
    }
}
?>

When I load this URL from my iPhone app:

NSString *website = [NSString stringWithFormat:@"http://mywebsite/problem.php?AUDIO=%@&AUTOMATE=%@&BY=%@&ENVELOPE=%@&LENGTH=%@&NAME=%@&NOTES=%@&OUTPUT=%@&PATCH_NAME=%@&S_CMD=%@&SHAPE=%@&TABLE=%@&table0=%@&table1=%@&table2=%@&table3=%@&table4=%@&table5=%@&table6=%@&table7=%@&table8=%@&table9=%@&tableA=%@&tableB=%@&tableC=%@&tableD=%@&tableE=%@&tableF=%@&TYPE=%@", audio, automate, by, envelope, length, name, notes, output, patch_name, s_cmd, shape, table, table0, table1, table2, table3, table4, table5, table6, table7, table8, table9, tableA, tableB, tableC, tableD, tableE, tableF, type];
    [BackgroundLoader loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:website]]];

The output I get is: 

AUDIOAUTOMATEBYENVELOPELENGTHNAMENOTESOUTPUTPATCH_NAMES_CMDSHAPETABLETABLE0...TABLEFthere has been a problem

Can anyone see why this code is not updating the table?

Thanks in advance.

like image 944
yorksensei Avatar asked Feb 22 '26 08:02

yorksensei

1 Answers

you can use the insert set format for mysql queries

the problem can be found by adding this after your query

if (mysql_error()) {
   die (mysql_error());
}

that will give you an error message

at a guess i would say that the semi-colon at the end of the query will cause a problem, this is not required when called via php

also you should put backticks around the column names. you will probably find that TYPE is a reserved word, so at a bare minimum put backticks around TYPE

also your script is open to sql injection. try using $value = mysql_real_escape_string($_GET['value']) to stop that from happening

like image 149
bumperbox Avatar answered Feb 24 '26 20:02

bumperbox
Sign in to Comment

Related questions

how can i write this regex? ungreedy related

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!