Page 1 of 1

PHP Error code help: Error 0

Posted: Thu Apr 30, 2009 6:35 am
by traxy
Hey,

Im currently working on a uni assignment using php and mysql the problem is when I try to execute a mysql query using the mysqli_query function I get an error code 0. Im not sure what this means (from my research it may have something to do with not being able to start mysql). The system (CentOS) that the script is running on I have limited access to but I can confirm mysql is running and I can connect to it via the mysql prompt. Here is a the code for you to look at as well:

Code: Select all

 
$DBConnect=@mysqli_connect("localhost", "$username", "$password", "$database")
Or die("<br/><br/>Unable to connect to the database server.</p>" . "<br/><br/>Error code " . mysqli_connect_errno($DBConnect) . ":" . mysqli_connect_error($DBConnect)) . "</p>";
 
$TableName="TEST";
$SQLstring = "INSERT INTO $TableName VALUES (',$_POST[field1],$_POST[field2],$_POST[field3])";
$QueryResult=@mysqli_query($DBConnect, $SQLstring)
Or die("<br/><br/>Unable to execute the query.</p>" . "<br/><br/>Error code " . mysqli_connect_errno($DBConnect) . ":" . mysqli_connect_error($DBConnect)) . "</p>";
echo "<br/><br/>Successfully executed the query.</p>";
mysqli_close($DBConnect);
 
Thanks :)

Re: PHP Error code help: Error 0

Posted: Thu Apr 30, 2009 7:26 am
by requinix
You're getting a problem with the mysqli_query, not the mysqli_connect. There was no problem with connecting. That means mysqli_connect_errno will return 0. Try mysqli_errno (and mysqli_error) instead.

Couple problems with the query: it has a rogue apostrophe, and it doesn't put quotes around the $_POST values (which are strings so it's necessary).

Code: Select all

$SQLstring = "INSERT INTO $TableName VALUES ('$_POST[field1]','$_POST[field2]','$_POST[field3]')";
Also, you need to learn right now that POST, GET, and COOKIE data is NOT safe to put directly into a SQL query. Run the string through mysql_real_escape_string first.

Code: Select all

$field1 = mysql_real_escape_string($_POST["field1"]);
$field2 = mysql_real_escape_string($_POST["field2"]);
$field3 = mysql_real_escape_string($_POST["field3"]);
$SQLstring = "INSERT INTO $TableName VALUES ('$field1', '$field2', '$field3')";