Tuesday, 2 August 2016

php - How to display errors for my MySQLi query?




I am using the following script to process a form to add info to my website. The problem I am having is when I submit the form nothing gets submitted to the database, and there are no errors. How can I add error reporting to my query?



if (isset($_POST['itemdescription'])) {$itemdescription = $_POST['itemdescription'];}else {$itemdescription = '';}
if (isset($_POST['itemnumber'])) {$itemnumber = $_POST['itemnumber'];}else {$itemnumber = '';}
if (isset($_POST['sellerid'])) {$sellerid = $_POST['sellerid'];}else {$sellerid = '';}

if (isset($_POST['purchasedate'])) {$purchasedatepre = $_POST['purchasedate'];$date = DateTime::createFromFormat("D F d, Y", $purchasedatepre);$purchasedate = date('Y-m-d',strtotime($purchasedatepre));}else {$purchasedatepre = ''; $purchasedate = '';}
if (isset($_POST['otherinfo'])) {$otherinfo = $_POST['otherinfo'];}else {$otherinfo = '';}
if (isset($_POST['numberofitems'])) {$numberofitems = $_POST['numberofitems'];}else {$numberofitems = '';}
if (isset($_POST['numberofitemsused'])) {$numberofitemsused = $_POST['numberofitemsused'];}else {$numberofitemsused = '';}
if (isset($_POST['isitdelivered'])) {$isitdelivered = $_POST['isitdelivered'];}else {$isitdelivered = '';}
if (isset($_POST['price'])) {$price = $_POST['price'];}else {$price = '';}

$itemdescription = str_replace("'", "", "$itemdescription");
$itemnumber = str_replace("'", "", "$itemnumber");
$sellerid = str_replace("'", "", "$sellerid");

$otherinfo = str_replace("'", "", "$otherinfo");

include("connectmysqli.php");

mysqli_query($db,"INSERT INTO stockdetails (`itemdescription`,`itemnumber`,`sellerid`,`purchasedate`,`otherinfo`,`numberofitems`,`isitdelivered`,`price`) VALUES ('$itemdescription','$itemnumber','$sellerid','$purchasedate','$otherinfo','$numberofitems','$numberofitemsused','$isitdelivered','$price')");

// header('Location: stockmanager.php?&key='.$key);
?>

Answer




Just simply add or die(mysqli_error($db)); at the end of your query, this will print the mysqli error.



 mysqli_query($db,"INSERT INTO stockdetails (`itemdescription`,`itemnumber`,`sellerid`,`purchasedate`,`otherinfo`,`numberofitems`,`isitdelivered`,`price`) VALUES ('$itemdescription','$itemnumber','$sellerid','$purchasedate','$otherinfo','$numberofitems','$numberofitemsused','$isitdelivered','$price')") or die(mysqli_error($db));


As a side note I'd say you are at risk of mysql injection, check here How can I prevent SQL injection in PHP?. You should really use prepared statements to avoid any risk.


No comments:

Post a Comment

c++ - Does curly brackets matter for empty constructor?

Those brackets declare an empty, inline constructor. In that case, with them, the constructor does exist, it merely does nothing more than t...