php adding wrong value to mySql database

Question

i have built an air for android app that posts content to facebook and on success sends a url query to a php file to add the post id of the content along with fb_id and the users name. the problem is it is not adding the value i am giving it it is instead adding the same number(dont know where it is coming from) to the post_id and fb_id. i know the right values are being sent by the mobile app.

php:

<?php
/*
------------variables set in flash--------------

 videoVars.postId = result.id
 videoVars.uid = uid //fb user id
 videoVars.firstName = firstName
 videoVars.lastName = lastName

*/

$postId = $_REQUEST['postId'];
$uid = $_REQUEST['uid'];
$firstName = $_REQUEST['firstName'];
$lastName = $_REQUEST['lastName'];

echo $postId.'<br/>';
echo $uid.'<br/>';
echo $firstName.'<br/>';
echo $lastName.'<br/>';



//connect to database
include('db-connect.php');

$addVideo = mysqli_query($dbc , "INSERT INTO content (content_id, post_id, fb_id, first_name, last_name ) VALUES('','".$postId."','".$uid."','".$firstName."','".$lastName."')");

?>

the value i am getting for post_id and user_id are the same even though they should be different. i manually typed the vars in to addressbar in browser and it still misbehaved in the same way. the only way i can add more than one row is to add it in the sql tab of phpMyAdmin

Answer 1

The problem is the id were being stored as ints in the database and the biggest allowable int value is 2147483647 which is being put in each time and as the numeric ids are bigger numbers than 2147483647 and one of the fields is set to unique it can only add one row. i have changed the type to bigint and it is working fine now. i have also implemented some of @ dAngelov suggestions.

Answer 2

I guess that you have problem on content_id field. it should has auto_increment property.

In your sql, when you inserts content_id as a blank value '' it will convert to 0, next time when you insert a blank value again you will has "Duplicate entry '0' for key 'PRIMARY'" message.

to fix it just remove the primary key field in your query i.e:

$addVideo = mysqli_query($dbc , "INSERT INTO content ( post_id, fb_id, first_name, last_name ) VALUES('".$postId."','".$uid."','".$firstName."','".$lastName."')");

Or you can insert a null value for it:

$addVideo = mysqli_query($dbc , "INSERT INTO content (content_id, post_id, fb_id, first_name, last_name ) VALUES(null,'".$postId."','".$uid."','".$firstName."','".$lastName."')");

You can try to print out your current - wrong sql error like this:

$addVideo = mysqli_query($dbc , "INSERT INTO content (content_id, post_id, fb_id, first_name, last_name ) VALUES('','".$postId."','".$uid."','".$firstName."','".$lastName."')");
if (!$addVideo) {
        printf("Error: %s\n", mysqli_error($dbc));
    }

Answer 3

If your echo calls output the correct values, check your database table structure and make sure there's no UNIQUE key set for fb_id.

Then, make sure you're escaping all your content with mysqli_real_escape_string ( mysqli $link , string $escapestr ). https://www.php.net/manual/en/mysqli.real-escape-string.php

Is content_id an auto_increment value? If so, try passing NULL for it, without the single quotes, instead of an empty string.

To debug, you can also try echoing your query (first assign it to a variable $sql = "[QUERY HERE]";, then pass the variable to the function, then echo the $sql variable and finally call your file manually.