0

I have this SQL statement that i'm trying to get to save new students to a table of students, however it simply isn't doing it, I don't get any error messages when I run error reporting and I ran the Query in sqlbuddy with values swapped in and it worked fine. Any ideas on what im doing wrong will be appreciated.

Heres the code:

<?php
session_start();
ini_set('display_startup_errors',1);
ini_set('display_errors',1);
error_reporting(-1);
$default = 'default';
$ClassID = $_GET['ID'];
$Surname = $_POST['Surname'];
$Firstname = $_POST['Firstname'];
$Firstletter = $Firstname[0];
$Username = $Firstletter + $Surname;
$sql_link = mysqli_connect('localhost', 'root', 'password', 'GameData');
$counter = mysqli_query($sql_link,"SELECT * FROM IDCounter");
$counter = mysqli_fetch_array($counter);
mysqli_query($sql_link,"INSERT INTO tblStudents(StudentID, StudentFirstName,    StudentSurname, ClassID, UserName, Password, CharacterSelect)
VALUES ('$counter[Counter]', '$_POST[Firstname]', '$_POST[Surname]', '$ClassID',  '$Username', '$default', 1)");
mysqli_close($sql_link);
header ("Location: TeacherSide.php");
?>

The POST values come from the form that directs to this page

Improve this question
6
  • 3
    Remove the header() call and add echo mysqli_error($sql_link); — Do you get any errors?
    – Amal
    Commented Apr 28, 2014 at 19:42
  • Upon using the error check I got this error message: Warning: mysqli_error(): Couldn't fetch mysqli in /var/www/game/classmod.php on line 18
    – Benjamin Sealy-Minto
    Commented Apr 28, 2014 at 19:45
  • allow me to correct myself, I put it after the sql_close, apologise for any confusion, after putting it somewhere more suitable no issues were displayed
    – Benjamin Sealy-Minto
    Commented Apr 28, 2014 at 20:09
  • 1
    When using mysqli you should be using parameterized queries and bind_param to add user data to your query. DO NOT use string interpolation to accomplish this because you will create severe SQL injection bugs. $_POST data never goes directly in the query.
    – tadman
    Commented Apr 28, 2014 at 20:13
  • For reasons I dont understand the page temporarily worked, then I changed $_POST[Firstname] and $_POST[Surname] to there respective variable stated earlier in the code and now the statement fails to work again.
    – Benjamin Sealy-Minto
    Commented Apr 28, 2014 at 20:21

1 Answer 1

Reset to default
0

I just worked out the issue I was having and I regret to inform you it was a rather stupid one, I was not updating my counter, So every time I tried to add a new student it would try with the same StudentID, and thus would fail, an easy fix

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.