This question already has an answer here:
The problem is: this script works perfectly on localhost, but when I upload it, just stop working, and no errors displaying:
<?
$sessid = $_SESSION['id_usuario'];
if (!$mysqli->query("INSERT INTO `cervezam_sgcm`.`orders` (`id`, `userid`, `cid`, `tipou`, `cantidad`, `factura`, `producto`, `lote`, `notas`, `cprod`, `pbase`, `cenvio`, `fecha`, `fechae`, `fechap`, `status`, `cobro`, `ip`) VALUES
(NULL,
'.mysql_real_escape_string($sessid).',
'.mysql_real_escape_string($cid).',
'.mysql_real_escape_string($tipou).',
'.mysql_real_escape_string($cantidad).',
'.mysql_real_escape_string($factura).',
'.mysql_real_escape_string($producto).',
'.mysql_real_escape_string($numlot).',
'.mysql_real_escape_string($notas).',
'.mysql_real_escape_string($cprod).',
'.mysql_real_escape_string($pbase).',
'.mysql_real_escape_string($cenvio).',
'.mysql_real_escape_string($fecha).',
'',
'',
'.mysql_real_escape_string($status).',
'.mysql_real_escape_string($cobro).',
'.mysql_real_escape_string($ip).');")) {
echo "Falló la Insersión de Datos: (" . $mysqli->errno . ") " . $mysqli->error;
} echo"Datos Insertados";
The problem starts when trying to insert values into the table.
I just tryed all: with or without mysql:real_escape, using { and } in variables, removing and adding "" with the variables Ej. '".$variable."', all!! and still not working.
I just tryed with this php.net example:
$stmt = $mysqli->prepare("INSERT INTO CountryLanguage VALUES (?, ?, ?, ?)");
$stmt->bind_param('sssd', $code, $language, $official, $percent);
$code = 'DEU';
$language = 'Bavarian';
$official = "F";
$percent = 11.2;
/* ejecuta sentencias prepradas */
$stmt->execute();
and nothing happened, my script dont want to insert data into the respective table.
I have enabled error reporting
error_reporting(E_ALL);
ini_set('display_errors',0);
ini_set('log_errors',1);
but the page just turns white without any warning or error message.
I also veryfied if mysql username has INSERT permission, and yes, I have permission to INSERT data into tables.
Please apologyze my english, and thanks for helping me.
Solved with this:
if (!$mysqli->query("INSERT INTO `cervezam_sgcm`.`orders` (`id`, `userid`, `cid`, `tipou`, `cantidad`, `factura`, `producto`, `lote`, `notas`, `cprod`, `pbase`, `cenvio`, `fecha`, `fechae`, `fechap`, `status`, `cobro`, `ip`) VALUES
(NULL,
'".$_SESSION['id_usuario']."',
'".$cid."',
'".$tipou."',
'".$cantidad."',
'".$factura."',
'".$producto."',
'".$numlot."',
'".$notas."',
'".$cprod."',
'".$pbase."',
'".$cenvio."',
'".$fecha."',
'',
'',
'".$status."',
'".$cobro."',
'".$ip."');")) {
echo "Falló la Insersión de Datos: (" . $mysqli->errno . ") " . $mysqli->error;
} echo"Datos Insertados";
</div>
I'm fairly new to PHP but I did notice you are using a mixture of mysql and mysqli. You should really be using mysqli throughout the code.
The correct syntax would be "mysqli_real_escape_string($databaseConnection, $sessid);"
Hope that helps.
you are not getting any error message because of syntax rule , see <?= $test ?> is equivalent to <?php echo $test ?>. means your can use to print the data if you want to execute just use<? php and ?>
<?php
$sessid = $_SESSION['id_usuario'];
if (!$mysqli->query("INSERT INTO `cervezam_sgcm`.`orders` (`id`, `userid`, `cid`, `tipou`, `cantidad`, `factura`, `producto`, `lote`, `notas`, `cprod`, `pbase`, `cenvio`, `fecha`, `fechae`, `fechap`, `status`, `cobro`, `ip`) VALUES
(NULL,
'.mysql_real_escape_string($sessid).',
'.mysql_real_escape_string($cid).',
'.mysql_real_escape_string($tipou).',
'.mysql_real_escape_string($cantidad).',
'.mysql_real_escape_string($factura).',
'.mysql_real_escape_string($producto).',
'.mysql_real_escape_string($numlot).',
'.mysql_real_escape_string($notas).',
'.mysql_real_escape_string($cprod).',
'.mysql_real_escape_string($pbase).',
'.mysql_real_escape_string($cenvio).',
'.mysql_real_escape_string($fecha).',
'',
'',
'.mysql_real_escape_string($status).',
'.mysql_real_escape_string($cobro).',
'.mysql_real_escape_string($ip).');")) {
echo "Falló la Insersión de Datos: (" . $mysqli->errno . ") " . $mysqli->error;
} echo"Datos Insertados";
?>