<?php
$uname = $_POST['uservalue'];
$tblname="student".$uname;
$sql = "CREATE TABLE '$tblname' (col1 INT NOT NULL AUTO_INCREMENT PRIMARY KEY, col2 VARCHAR(100) NOT NULL, col3 TEXT NOT NULL, col4 TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP) ENGINE = MyISAM";
mysql_query($sql);
mysql_query("INSERT INTO table2 (col1, col2, col3) VALUES ('value1', 'value2', 'value3')");
?>
I want to create a table where table table name is accepted from user using a form and also insert some values in another table at the same time. I have tried above php script to do so. The insert query is working properly but dont know whats wrong with create table query, the table is not created in database. Any help will be appreciated. Thanks in advance.
Take a look at the documentation for the function mysql_query: http://us3.php.net/mysql_query
Let's ignore the fact that it is deprecated at the moment.
Ensure to always take the return value (a boolean) and check it for success (true).
If you get false then you can find out what the error was with mysql_error.
Try that, and if the error isn't obvious then come back.
Of course, there's the fact that you aren't concatenating your SQL statement together properly too.
Firstly - this may only be outline code but make sure you're escaping any variables you're taking from the $_POST or $_GET arrays when using them in database queries. Especially if creating tables based on posted data. SQL injection is really important to read up on - plenty of good tutorials and other posts on this site.
I'd suggest that your mysql user may not have the 'create' privileges on the database - have you checked this?
Failing that it's likely that you are getting an error returned from mysql - you should have some error handling in your PHP, but as a quick test you could echo out the $sql variable and try running it manually in phpmyadmin or on the mysql command line to track down your error.
Try amending the create SQL from:
$sql = "CREATE TABLE '$tblname' (col1 INT NOT NULL AUTO_INCREMENT PRIMARY KEY, col2 VARCHAR(100) NOT NULL, col3 TEXT NOT NULL, col4 TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP) ENGINE = MyISAM";
To:
$sql = "CREATE TABLE '".$tblname."' (col1 INT NOT NULL AUTO_INCREMENT PRIMARY KEY, col2 VARCHAR(100) NOT NULL, col3 TEXT NOT NULL, col4 TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP) ENGINE = MyISAM";
Does that make any difference? (should still look at escaping even if so)
Try trouble shooting the problem by seeing what the functions return and what the error messages are (if any). The code is given below. A few advice first :
$tblname.col1 was declared to be of integer type but you are feeding a string 'value1' (though that'll work with a warning).mysqli_* functions instead.Also, the table name $tblname you've used to create is "student".$uname but the one that you've used to insert into is table2.
So, here is the code :
<?php
$uname = $_POST['uservalue'];
$tblname = "student".$uname;
$sql1 = "CREATE TABLE $tblname (col1 INT NOT NULL AUTO_INCREMENT PRIMARY KEY, col2 VARCHAR(100) NOT NULL, col3 TEXT NOT NULL, col4 TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP) ENGINE = MyISAM";
$sql2 = "INSERT INTO $tblname (col1, col2, col3) VALUES ('value1', 'value2', 'value3')";
//$conn stands for the connection reference of the mysql connection
if(!mysqli_query($conn, $sql1))
echo mysqli_error($conn);
if(!mysqli_query($conn, $sql2))
echo mysqli_error($conn);
?>