CODEWITHSUNDEEP
php
IRHM
IRHM

Reputation: 1326

mysql_insert_id()

I wonder whether someone can help me please.

I'm trying to implement the mysql_insert_id() command in PHP and I just can't seem to get this to work.

I'm using a really simple script (below) just to test that it works, but I can only get a record to be created in the 'testfinds' table and not the 'testimages'.

<?php
    $conn = mysql_connect("hostname","username","password");
    if (!$conn) {
    die('PHP Mysql database connection could not connect : ' . mysql_error());
    }
    $findname=$_POST[findname];
    $phototitle=$_POST[phototitle];

    $db_selected = mysql_select_db("database", $conn);
    $sql = "INSERT INTO testfinds (findname)VALUES ('$findname')";
    $result = mysql_query($sql, $conn);

    $findid = mysql_insert_id($conn);

    $sql = "INSERT INTO testimages (phototitle) VALUES ('$phototitle','$findid')";
    $result = mysql_query($sql, $conn);

    //echo "Inserted record id is : " . mysql_insert_id();
    mysql_close($conn);
    ?>

I've been through the example I found and checked this against my code and there doesn't seem to be any difference there and I've double checked the table and fieldnames just to see if I'd made an error there, but I can't find anything.

This is the form that I'm using, again something really simple to test the functionality.

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Map</title>        
        <script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false&language=en"></script>    

 <form enctype="multipart/form-data" action="savephp.php" name="save" id="savefindsandimages" method="post">
 <label>Find Name:<input type="text" name="findname" id="findname" />
  <br />
  <br />
  Photo Title:
  <input type="text" name="phototitle" id="phototitle" /> 
 <br />
  <br />
</label>
 <p>
    <input type="submit" value="Add">

I just wondered whether someone could perhaps take a look at this and let me know where I'm going wrong?

Many thanks

Upvotes: 1

Views: 373

Answers (2)

Joni
Joni

Reputation: 111219

You are missing the name of the column in the SQL:

$sql = "INSERT INTO testimages (phototitle, COLUMN_NAME_HERE) VALUES ('$phototitle','$findid')";

Upvotes: 3

WWW
WWW

Reputation: 9860

It appears your second INSERT query is a bit incorrect:

INSERT INTO testimages (phototitle) VALUES ('$phototitle','$findid')

You need to name the other field that you're setting - (phototitle) should be (phototitle,otherfieldname). Fix that and see if your script works as expected.

Also, I don't know if it's a typo, but you have:

$findname=$_POST[findname];
$phototitle=$_POST[phototitle];

The $_POST variables should probably read $_POST["findname"] and $_POST["phototitle"]. And finally, as mentioned in comments, your script is vulnerable to SQL injection attacks. See Bobby Tables for more info.

Upvotes: 4

Related Questions