0

I have been breaking my head against this and still I am unable to understand that why wouldn't this work

include ("db_conn.php");

//function for sanitizing the user input
function clean_input($data)
{
$data = stripslashes($data);
$data = trim($data);
$data = htmlspecialchars($data);
return $data;
}
//registration form data validation
if(!empty($_POST['s_register_submit']))
{
$Salutation= $F_Name= $L_Name= $email= $pass= $P_Number = "";

$Salutation= clean_input($_POST['Salutation']);
$F_Name= clean_input($_POST['F_Name']);
$L_Name= clean_input($_POST['L_Name']);
$email= clean_input($_POST['email']);
$pass= clean_input($_POST['pass']);
$P_Number= clean_input($_POST['P_Number']);
$query= "INSERT INTO STUDENT (Salutation, F_Name, L_Name, email, password, phone) 
         VALUES
         (`$Salutation`,`$F_Name`,`$L_Name`,`$email`,`$pass`,`$P_Number`)";

$query1= mysqli_query($dbhandle,$query) || die("Unable to insert"); 
echo "Saved";

And here are the contents for db_conn.php

$user="root";
$password="";
$host="localhost";
$dbname="Interns";

$dbhandle=mysqli_connect($host, $user, $password, $dbname);
if(!$dbhandle)
{
die("Unable to connect");
}
echo "Connected";

When running db_conn.php directly or through the script in which it is included, its echoing "Connected", still the query returns "Unable to Insert".

Improve this question
3
  • Try $query1= mysqli_query($dbhandle,$query) || die(mysqli_error($dbhandle)); to get the error message from mysql. EDIT: Thank you VolkerK. Adjusted the code acordingly. Commented Feb 2, 2015 at 14:32
  • 1
    @Markus Müller: mysqli_error($dbhandle). Unlike mysql_error() with the mysqli the handle is not optional. Commented Feb 2, 2015 at 14:33
  • Appears like @JohnConde spotted the bug. I had this impression that back ticks are used to avoid ambiguity between keywords and variables. Commented Feb 2, 2015 at 14:37

1 Answer 1

Reset to default
3

You wrap strings in quotes, not ticks. Ticks are reserved for identifiers.

$query= "INSERT INTO STUDENT (Salutation, F_Name, L_Name, email, password, phone) 
     VALUES
     (`$Salutation`,`$F_Name`,`$L_Name`,`$email`,`$pass`,`$P_Number`)";

should be

$query= "INSERT INTO STUDENT (Salutation, F_Name, L_Name, email, password, phone) 
     VALUES
     ('$Salutation','$F_Name','$L_Name','$email','$pass','$P_Number')";
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.