php function returns no result

Question

I wrote a simple php function in an attempt to learn php and functions within php.

The goal of the function is to upload a new user to a db

Here is my function

function upload_user($pId, $pName, $pEmail, $pPhone ){
    $sql = "INSERT INTO users (member_id, name, email, phone) VALUES ('$pId', '$pName', '$pEmail', '$pPhone')";
     mysql_query($sql);
}

Here Is my Form

<form name="register" method="post">
<input type="text" value="name" name="name">
<input type="text" value="email" name="email">
<input type="text" value="phone" name="phone">
<input type="submit" name="submit" value="register" />
</form>

if(isset($_POST['submit'])){
    $id = rand(100, 10000);
    $name = $_POST['name'];
    $email= $_POST['email'];
    $phone = $_POST['phone'];

    upload_user($id,$name,$email,$phone);
}

I know I am connecting successfully to the db since I did a test to echo out if the connection is successful or not. I also have php errors switched onini_set('error_reporting', E_ALL); but it gives me no warnings or errors

My Problem

Nothing happens with the above function, i.e. the result is just blank. If anyone can point out to me what I am doing wrong it will be really appreciated.

Answer 1

mysql accepts a link_identifier

link_identifier : The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If no connection is found or established, an E_WARNING level error is generated.

reference

So you should pass a connection parameter as noted in other answers. After every connection made, you should close the connection so that you don't run into too manny connections server errors.

Answer 2

I think most likely that the function doen't know about the database connection so you need to either pass the db connection object as a parameter to the function or use the global identifier inside the function.

function upload_user($dbconn, $pId, $pName, $pEmail, $pPhone ){
    $sql = "INSERT INTO `users` (`member_id`, `name`, `email`, `phone`) VALUES ('$pId', '$pName', '$pEmail', '$pPhone')";
     mysql_query($sql,$dbconn);
}

function upload_user($pId, $pName, $pEmail, $pPhone ){
    global $dbconn;
    $sql = "INSERT INTO `users` (`member_id`, `name`, `email`, `phone`) VALUES ('$pId', '$pName', '$pEmail', '$pPhone')";
     mysql_query($sql,$dbconn);
}

Neither of these will return a value - what you return from the function is up to you , if indeed you even want to return a value. You could use the response from the query ( true or false ) as the return:

function upload_user($pId, $pName, $pEmail, $pPhone ){
    global $dbconn;
    $sql = "INSERT INTO `users` (`member_id`, `name`, `email`, `phone`) VALUES ('$pId', '$pName', '$pEmail', '$pPhone')";
     return mysql_query($sql,$dbconn);
}


if(isset($_POST['submit'])){
    $id = rand(100, 10000);
    $name = $_POST['name'];
    $email= $_POST['email'];
    $phone = $_POST['phone'];

    /* using ternary notation to echo something based on return value of function */
    echo upload_user($id,$name,$email,$phone) ? 'Success' : 'Sorry, it failed';
}

You should be aware that certain words, in mysql and other rdbms, have special significance - so it is better to always ( imo ) to encase the field names in backticks. Also worth noting is that the mysql_* suite of functions are deprecated and it s advised to use either mysqli or pdo ~ and where you use user supplied content in your code ( form submission data generally or querystrings ) you should use prepared statements to guard against sql injection.