please help i m stucked, data is not getting inserted into mysql databse

Azzy001 · Jan 4, 2019

if(isset($_POST['submit'])){
                        $cs_name = $_POST['name'];
                        $cs_email = $_POST['email'];
                        $cs_website = $_POST['website'];
                        $cs_comment = $_POST['comment'];
                        $cs_date = time();
                        if(empty($cs_name) or empty($cs_email) or empty($cs_comment)){
                            $error_msg = "ALL (*) feilds are Required";
                        }
                        else{
                            $cs_query = "INSERT INTO cms comments (id , date, name, username, post_id, email, website, image, comment, status) VALUES (NULL, '$cs_date', '$cs_name', 'user', '$post_id', '$cs_email', '$cs_website', 'unknown-picture.png', '$cs_comment', 'pending');";
                            if(mysqli_query($connection,$query)){
                                $msg = "Comment Has Been Submitted and waiting for approval";
                            }
                            else{
                                $error_msg = "Comment has not been not submitted";
                            }
                        }
                    }

(Added [code]...[/code] tags ~ Mod.)

dalecosp · Jan 4, 2019

Well ... you need to debug the query first, I suppose?

$error_msg = "Comment has not been submitted. Error: " . $connection->error;

Alternatively, for testing, have your script echo $cs_query and try it directly in the database via PHPMySQLAdmin, HeidiSQL, the CLI interface, etc.

sneakyimp · Jan 4, 2019

DB insert code can fail for numerous reasons:
- your code was unable to connect to the db for connectivity reasons
- your code was unable to connect to the db because the password was wrong or you lacked permissions
- your sql has an error in it
- your db is defined such that you can't insert the new record (e.g., conflicting autoincrement id or unique value)

The code you've posted (which is hard to read because you didnt use the code-formatting tools) doesn't show how you connect. You also didn't provide any information about possible errors or what result you are actually getting.

Lastly, your code as written is vulnerable to SQL Injection.

NogDog · Jan 4, 2019

If you have not yet done so, insert this at/near the top of your script for now in order to ensure you see any warnings/errors PHP is trying to help you with:

<?php
ini_set('display_errors', true); // set to false in production
error_reporting(E_ALL);

// rest of script

please help i m stucked, data is not getting inserted into mysql databse

AAzzy001

dalecosp

Ssneakyimp

NogDog