I am trying to pass the data into the data base using an array, but I keep getting this error. I checked my code carefully to see if I was missing a column but it doesn't look like it. What am I doing wrong?
<?php
class inventario {
public function __construct() {}
public function insertar($info) {
if(isset($info)) {
$db_host = 'localhost';
$db_user = 'root';
$db_pass = 'root';
$db_name = 'inventory_cars';
$db_link = mysqli_connect($db_host, $db_user, $db_pass, $db_name) or die('No Connection');
$clean_info = mysqli_real_escape_string($db_link, array_values($info));
$query = mysqli_query( $db_link, "INSERT INTO cars(date, stock, year, make, model, vin, cr) VALUES('" . (string)$clean_info. "')") or die(mysqli_error($db_link));
if($query) {
return 'Record inserted';
}
mysqli_close($db_link);
}
else {
echo 'info variable not set';
}
}
public function table() {
$action = $_SERVER['PHP_SELF'];
$table = '<form name="insertar" method="post" action="' . $action . '"><table><tr><td>Date</td><td><input type="date" name="date"/></td></tr><tr><td>Stock#</td><td><input type="text" name="stock"/></td></tr><tr><td>Year:</td><td><input type="text" name="year"/></td></tr><tr><td>Make:</td><td><input type="text" name="make"/></td></tr><tr><td>Model:</td><td><input type="text" name="model"/></td></tr><tr><td>VIN:</td><td><input type="text" name="vin"/></td></tr><tr><td>CR:</td><td><input type="text" name="cr"/></td></tr><tr><td><input type="submit" value="Submit" name="submit"/></td></tr></table></form>';
return $table;
}
public function stock_list() {
$db_host = 'localhost';
$db_user = 'root';
$db_pass = 'root';
$db_name = 'inventory_cars';
$db_link = mysqli_connect($db_host, $db_user, $db_pass, $db_name) or die('No Connection');
$query = "SELECT * FROM cars";
$result = mysqli_query($db_link, $query) or die('Query fail.. Please wait...');
while($row = mysqli_fetch_array($result)) {
echo '<tr><td>' . $row['date'] . '</td><td>' . $row['year'] . '</td><td>' . $row['make'] . '</td><td>' . $row['model'] . '</td><td>' . $row['vin'] . '</td><td><a href="' . $row['cr'] . '">CR</a></td></tr>';
}
mysqli_close($db_link);
}
}
?>
<?php
require('inventoryControl.php');
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Inventory</title>
<!--[if lt IE 9]>
<script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
</head>
<body>
<div id="wraper">
<div class="add_item">
<?php
$inventario = new inventario;
echo $inventario->table();
if (isset($_POST['submit'])) {
$info = array('date' => $_POST['date'], 'stock' => $_POST['stock'], 'year' => $_POST['year'], 'make' => $_POST['make'], 'model' => $_POST['model'], 'vin' => $_POST['vin'], 'cr' => $_POST['cr']);
if(isset($info)) {
$inventario->insertar($info);
}
else {
echo 'variable not set';
}
}
?>
</div><!--end add item -->
<div class="inventory_list">
<?php
echo '<table>';
$inventario->stock_list();
echo '</table>';
?>
</div><!--end inventory_list -->
</div><!--end wraper -->
</body>
</html>
It looks like you're passing the "submit" value, too.
Output $clean_info to the screen (before you run the query) to debug it.
Echo out the query text you are sending to the database.
The insert statement lists seven columns, :
INSERT INTO cars
(date, stock, year, make, model, vin, cr)
So there need to be seven values in the values list, e.g.
VALUES ('2013-08-22','stk','''74','Dodge','Charger','12345','1500')
I suspect that concatenating (string)$clean_info into the SQL text is not producing a valid statement. This is just basic debugging. Generate that SQL statement into a string, and echo (or vardump) that string out so you can see what's being passed to the database.
With the mysqli interface, you can use paramaterized queries, which is really a better approach. (You don't use mysqli_real_escape_string on the values supplied as bind parameters)
e.g.
$sqltext = "INSERT INTO cars(date,stock,year,make,model,vin,cr) VALUES (?,?,?,?,?,?,?)";
if ($stmt = $mysqli->prepare($sqltext)) {
$stmt->bind_param("sssssss",$date,$stock,$year,$make,$model,$vin,$cr);
$stmt->execute();