MySQL PHP Help!

Risingstar

Hey guys,

I'm pretty new to PHP, so don't laugh if my code makes no sense what-so-ever, but I'm having an error writing to my MySQL database.

If I post something from a form and enter text in all of the fields and hit "Submit" it comes up with the error:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/spowpow1/public_html/touch/post/posts.php on line 34

From what I know, this means that there is some sort of error creating the database table, right? Well I cn't even begin to imagine what's wrong with this code since I used the exact same code for my website home page and it works perfectly (see the News Feed).

Here's the code:

<?php error_reporting(E_ALL);
$title=$_GET['title'];
$date=$_GET['date'];
$body=$_GET['body'];
$by=$_GET['by'];
$con = mysql_connect("localhost","my username","my password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
// Create table
mysql_select_db("spowpow1_touchnews", $con);
$sql = 'CREATE TABLE news (
		title varchar(30),
		body text,
		date text,
		by text
	)';
echo "Database Table Created...<br>";
//Inserting Data
mysql_query("INSERT INTO news (title, body, date, by)
VALUES ('$title', '$body', '$date', '$by')");
echo "Data Inserted...<br><br>";
mysql_query($sql,$con);
//Displaying Data
$result = mysql_query("SELECT * FROM news");
echo "<table border='1'>
<tr>
<th>Title</th>
<th>Body</th>
<th>Date</th>
<th>By</th>
</tr>";
while($row = mysql_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['title'] . "</td>";
  echo "<td>" . $row['body'] . "</td>";
  echo "<td>" . $row['date'] . "</td>";
  echo "<td>" . $row['by'] . "</td>";
  echo "</tr>";
  }
echo "</table>";
mysql_close($con);
?>

If anybody has any idea what's going wrong, that would be absolutely fantastic. Thanks so much!

m3rls

Hello!

There are a few issues I'll address here.

Firstly, that PHP error means the mysql resource handler is invalid. In this case it's because there's an SQL error in the create table statement which is stopping the table being created, and that is in turn stopping the select from working.

The next thing I'm going to ask is why are you creating the table on the fly like that? I'm not sure if you're just testing things out, and if so that's cool, but if that table already exists, running that is going to cause issues. Generally you want to create the table once, then just add data to it with INSERT or UPDATE statements as you're doing.

Anyway, the create table statement is indeed failing, because 'date' is a reserved keyword. It's good practice to name date fields something other than 'date', but if you do need the field to be called that for whatever reason, you can escape it with backticks (the character to the left of the 1 key on your keyboard).

I've quickly re-written the code for you, but haven't tested it, so there's a chance there are errors with it. I've gotta run but if it doesn't work let me know.

<?php 
    error_reporting(E_ALL);

// Always escape user input - $_GET, $_POST and $_REQUEST should always have at least addslashes(); run on them
$title = mysql_real_escape_string($_GET['title']);
$body = mysql_real_escape_string($_GET['body']);
$by = mysql_real_escape_string($_GET['by']);
$date = mysql_real_escape_string($_GET['date']);

$con = mysql_connect("localhost","my username","my password");
if (!$con) {
    die('Could not connect: ' . mysql_error());
}

mysql_select_db("spowpow1_touchnews", $con);

// Create table (If it doesn't already exist)
// Note, that 'date' should probably not be called date, and also, if you
//       want date functionality, you should make it a DATE/DATETIME field
$sql = 'CREATE TABLE `news` (
            `title` varchar(30),
            `body` text,
            `date` text,
            `by` text
        )';
mysql_query($sql, $con) or die("Error creating database: " . mysql_error());
echo "Database Table Created...<br>";

// Inserting Data
mysql_query("INSERT INTO news (title, body, date, by) VALUES ('{$title}', '{$body}', '{$date}', '{$by}')", $con) or die("Error inserting data: " . mysql_error());
echo "Data Inserted...<br><br>";

//Displaying Data
$result = mysql_query("SELECT * FROM news", $con);
?>

<table border='1'>
    <tr>
        <th>Title</th>
        <th>Body</th>
        <th>Date</th>
        <th>By</th>
    </tr>
    <?php
    while($row = mysql_fetch_array($result)) {
        echo "<tr>";
        echo "<td>" . $row['title'] . "</td>";
        echo "<td>" . $row['body'] . "</td>";
        echo "<td>" . $row['date'] . "</td>";
        echo "<td>" . $row['by'] . "</td>";
        echo "</tr>";
    }
?>
</table>

<?php
mysql_close($con);
?>

Risingstar

Well, I got it working before this post, but thanks anyways, I just chanegd the date and by names to "dater" and "bf". I'll change everything you told me to change if you think the coder I have now will cause problems.

Also, for the creating the table, could I just do

CREATE TABLE IF NOT EXISTS

? or would that not work?

NogDog

A problem I see in the original code is that you never actually executed the table creation query. (You defined a variable to hold the query string, but you never submitted that string via the mysql_query() function.)

And yes, you could do the IF NOT EXISTS if that makes logical sense for your application.

m3rls

I apologize Risingstar, I actually added that into the code in my IDE but didn't re-paste it!

Risingstar

NogDog wrote:
A problem I see in the original code is that you never actually executed the table creation query. (You defined a variable to hold the query string, but you never submitted that string via the mysql_query() function.)

And yes, you could do the IF NOT EXISTS if that makes logical sense for your application.

mysql_query($sql,$con);

Isn't that executing the query?

NogDog

Risingstar wrote:
...Isn't that executing the query?

If you are using m3rls's code, you should be OK now in that respect.

In your original post:

$sql = 'CREATE TABLE news (
		title varchar(30),
		body text,
		date text,
		by text
	)';
echo "Database Table Created...<br>";

In m3rls's updated version:

    $sql = 'CREATE TABLE `news` (
                `title` varchar(30),
                `body` text,
                `date` text,
                `by` text
            )';
    [color=red]mysql_query($sql, $con) or die("Error creating database: " . mysql_error());[/color]
    echo "Database Table Created...<br>";

Risingstar

Thanks so much to everyone! This is a great forum.

Horizon88

Don't forget to mark this resolved, please.