Getting error need help

PHP
1

Please let me know whats wrong here i am getting the error please check query
just adding subcategory to main category

	<div class="col-lg-4 mx-md-auto paper-card">

		
		
		<?php

	if ( isset( $_POST[ 'submit' ] ) ) {
			if ( empty( $_POST[ 'subcat' ] ) ) {
				echo '<span style="color: red;"> Please Fill in the Category Name</span> ';
			} else {

				
				$subcat =clean( $_POST['subcat']);
       

        $query = " insert into subcategory values('sid','$_POST[cat]','$subcat')";
				$result = mysqli_query( $con, $query );

				if ( $result ) {
					echo '<span style="color: green;">Category Added Successfully</span>';
				} else {
					echo '  Please Check Your Query ';
				}
			}
		}



		?>

		<form method="post" action="">
			<div class="form-group">
				<lable>Sub Category Name</lable>
				<input type="text" class="form-control" name="subcat"/>
			</div>
			<div class="form-group">
				<lable>Select Category</lable>
				<select class="form_control" name="cat">
					<?php 
	
	$query="select * from category";
	$sql=mysqli_query($con,$query);
	if(mysqli_num_rows($sql)>0){
		while($row=mysqli_fetch_assoc($sql)){
	
	?>
					<option value="<?php echo $row['cid']; ?>">
						<?php echo $row['catname']; ?>
					</option>
					<?php 
			}	
	}		
		?>
				</select>
			</div>


			<div class="form-group">
				<button class="btn btn-primary" name="submit">Submit</button>

			</div>

		</form>
	</div>

</div>
2

What’s the error you get?

… not to mention the gaping SQL injection hole.

2 Likes
3

In this query

" insert into subcategory values('sid','$_POST[cat]','$subcat')";

don’t you need to specify which columns you are assigning those values to? I haven’t done massive amounts of SQL, but it seems that otherwise it would need to guess which value goes into which column.

Is this a typo or intentional?

<lable>Sub Category Name</lable>
4

No, but that doesn’t make it a good idea and also causes hard-to-find bugs.

From the manual:

If you do not specify a list of column names for INSERT ... VALUES or INSERT ... SELECT , values for every column in the table must be provided by the VALUES list or the SELECT statement.

1 Like
5

Ah yes, I was just editing my previous post with exactly that. Values for all columns must be specified, and in the correct order. I haven’t come across that before, and as you say, it seems to be fraught with difficulty and makes queries hard to read.

7

i tried putting them but same error - Please Check Your Query

8

Show us the new version of the code. Is it correct that the first column you insert contains the fixed string “sid”, which will always be the same?

9

My thought was that the line looked like a misuse of mysqli bind param syntax. i.e.

  • s - string
  • i - integer
  • d - double
10

these are the category and subcategory in my mysql tried replace each one but same error is anything else is wrong in the code/form or its just the query

category
cid,catname

subcategory
sid,cid,scatname

11

see the uploaded code this code works fine but mine not i think he is using php5 and i am using php7 is this matter
see the screenshot attched

1
1608×530 45.9 KB

12

Well, the error message you are getting is displayed when you’ve just run the query, so it’s probably that.

If the ‘sid’ column is your unique subcategory identifier, and it’s auto-incrementing, then you don’t need to specify it. Just do something like

insert into subcategory (cid, scatname) values ($_POST[cat], $subcat);
13

Yes, but that code isn’t specifying a string value for the first column, it’s just leaving it blank. You are trying to store a string “sid” into what looks as if it’s a numerical column. What if you just remove the string and leave the quotes, just like above?

14

did that too but same error

15

Show us the latest code.

16

tried this also but not working same error - Please Check Your Query

17 
<?php include("header.php"); ?>

<div id="primary" style="padding-top: 40px;">
	<div class="container">

		<div class="col-lg-4 mx-md-auto paper-card">

			<h2>Add New Sub Category</h2>

		</div>
	</div>

	<hr/>
	<div class="container">

		<div class="col-lg-4 mx-md-auto paper-card">

			<?php

			if ( isset( $_POST[ 'submit' ] ) ) {
				if ( empty( $_POST[ 'subcat' ] ) ) {
					echo '<span style="color: red;"> Please Fill in the Category Name</span> ';
				} else {
					$subcat = clean( $_POST[ 'subcat' ] );
					$query = "insert into subcategory (cid, scatname) values ($_POST[cat], $subcat)";
					$result = mysqli_query( $con, $query );

					if ( $result ) {
						echo '<span style="color: green;">SubCategory Added Successfully</span>';
					} else {
						echo '  Please Check Your Query ';
					}
				}
			}



			?>

			<form method="post" action="">
				<div class="form-group">
					<lable>Sub Category Name</lable>
					<input type="text" class="form-control" name="subcat"/>
				</div>
				<div class="form-group">
					<lable>Select Category</lable>
					<select class="form_control" name="cat">
						<?php 
		
		$query="select * from category";
		$sql=mysqli_query($con,$query);
		if(mysqli_num_rows($sql)>0){
			while($row=mysqli_fetch_assoc($sql)){
				
				
		
		?>
						<option value="<?php echo $row['cid']; ?>">
							<?php echo $row['catname']; ?>
						</option>
						<?php 
				}	
		}		
			?>
					</select>
				</div>


				<div class="form-group">
					<button class="btn btn-primary" name="submit">Submit</button>

				</div>

			</form>
		</div>

	</div>
</div>
</div>
</div>
</div>
</div>
<!-- Row -->
</div>
<!-- Main Wrapper -->

<?php include("footer.php"); ?>
18

Do you need to put the quotes back in? I left them out because I’m never quite sure, and I use PDO and prepared statements which handle the quotes for me.

19

if i remove the quotes the it gives error
( ! ) Parse error: syntax error, unexpected ‘into’ (T_STRING) in C:\wamp64\www\site\admin\teset.php on line 25
so put them

20

OK, so the latest code you posted above isn’t the latest, because you’ve added quotes into the query?

What’s the table layout of the subcategory table?

21

see this i can add category with this code

<div id="primary" style="padding-top: 40px;">
        <div class="container">
           
                <div class="col-lg-4 mx-md-auto paper-card">
					
		<h2>Add New Category</h2>			
					
			</div></div>	
					
				<hr />  <div class="container">
           
                <div class="col-lg-4 mx-md-auto paper-card">
	
	<?php
	
		

    if(isset($_POST['submit']))
    {
        if(empty($_POST['category']) )
        {
            echo '<span style="color: red;"> Please Fill in the Category Name</span> ';
        }
        else
        {

			
			$cat = $_POST['category'];
           

            $query = " insert into category (catname) values('$cat')";
            $result = mysqli_query($con,$query);

            if($result)
            {
                echo '<span style="color: green;">Category Added Successfully</span>';  
            }
            else
            {
                echo '  Please Check Your Query ';
            }
        }
    }
    
	?>

	<form method="post" action="">
		<div class="form-group" >
	<lable> Category Name</lable>
		<input type="text" class="form-control" name="category"/>
		
		</div>
	<div class="form-group">
<button class="btn btn-primary" name="submit">Submit</button>
		
		</div>
	
		</form>
			</div>

</div></div>

only few changes done to add sub category