php - cant insert data to just one of my mysql table -

-

i developing website , funny thing can insert data table except 1 of table.

php part

function newproperty(){     global $link;     if(isset($_post['sendprop']) && $_post['agree'] == 'yes'){         $name=mysqli_real_escape_string($link,$_post['name']);         $owner=mysqli_real_escape_string($link,$_post['owner']);         $tel=mysqli_real_escape_string($link,$_post['tel']);         $email=$_session['cust_user'];         $type=$_post['type'];         $loc=$_post['location'];         $address=mysqli_real_escape_string($link,$_post['address']);         $bed=$_post['bed'];         $price=$_post['price'];         $descrip=mysqli_real_escape_string($link,$_post['desc']);              $temp = explode(".", $_files["pic"]["name"]);         $thumb = round(microtime(true)) . '.' . end($temp);         move_uploaded_file($_files["pic"]["tmp_name"], 'assets/propthumb/'.$thumb);          $query="insert property                  (prop_name, prop_email, prop_owner,                   prop_tel, prop_type, prop_location,                   prop_bed, prop_price, prop_thumb,                   prop_desc, prop_address)                  values                    ('$name','$email','$owner',                    '$tel','$type','$loc',                    '$bed','$price','$thumb',                    '$descrip','$address')";         $run=mysqli_query($link,$query);         if($run){             echo"<script>alert('property has been inserted successfully');</script>";             echo"<script>window.open('list.php','_self');</script>";         }    } }

html part

<form action="submit.php" method="post" enctype="multipart/form-data"> <div class="container bgsearch shadow">     <div class="container-fluid ">         <br>         <div class="row">             <div class="col-lg-10 col-lg-offset-1">                 <img src="assets/images/hero1.png" class=" img-responsive">             </div>         </div>         <div class="row">             <div class="col-lg-8 col-lg-offset-2">                 <h3 class="wtxt text-center">submit property</h3>                 <br>                 <hr id="hr">             </div>         </div>         <div class="row">             <div class="col-lg-6 col-lg-offset-3">                 <a href="list.php" class="form-control btn btn-success btn-block">list of properties</a>                 <br>             </div>         </div>         <div class="row">             <div class="col-lg-2"></div>             <div class="col-lg-4">                 <input type="text" class="form-control btn-block" name="name" placeholder="property name">                 <input type="text" class="form-control btn-block" name="owner" placeholder="owner name">                 <input type="tel" class="form-control btn-block" name="tel" placeholder="owner telephone number">                 <select class=" btn-block form-control" name="type" required>                     <option value='...'>...</option>                 </select>                 <select class=" btn-block form-control" name="location" required>                     <option value='...'>...</option>                      .                  </select>                 <input type="text" class="form-control btn-block" name="address" placeholder="address">                 <input type="number" name="bed" class=" btn-block form-control" placeholder="bedroom" min="0">             </div>             <div class="col-lg-4">                 <input type="number" name="price" class=" btn-block form-control" placeholder="price (tl)" step="25" min="200">                 <lable class="wtxt"><h5><b>property thumbnail image</b></h5></lable>                     <input type="file" class="form-control btn-block" name="pic" accept="image/*">                 <textarea class="form-control btn-block" name="desc" rows="6" required></textarea>                 <div class="checkbox">                     <label>                         <input type="checkbox" name="agree" value="yes"> agree terms &amp; conditions                      </label>                 </div>             </div>             <div class="col-lg-2"></div>         </div>         <div class="row">             <div class="col-lg-8 col-lg-offset-2">                 <input type="submit" class="form-control btn btn-warning btn-block" name="sendprop" value="submit">             </div>         </div>         <br><br>     </div> </div> </form> <?php newproperty(); ?>

what have tried , still not work are: 1. drop table , make new 1 2. change name of table 3. change insert into... values insert into.. set... 4. ....

please me can.

handle error condition, e.g.

    if($run){         // whatever     } else {         echo "<script>alert('sql error: "             . htmlspecialchars(mysqli_error($link))            . "');</script>"     }

as figuring out why statement isn't working, debugging, emit sql text , test in different client.

you're calling mysqli_real_escape_string function on values, not on others. so, sql insert statement still vulnerable sql injection.

a better pattern use prepared statement bind placeholders. it's not hard.


Comments

Post a Comment

Popular posts from this blog

python - Healpy: From Data to Healpix map -

-
Image
i have data grid rows represent theta (0, pi) , columns represent phi (0, 2*pi) , f(theta,phi) density of dark matter @ location. wanted calculate power spectrum , have decided use healpy. what can not understand how format data healpy use. if provide code (in python obvious reasons) or point me tutorial, great! have tried hand @ doing following code: #grid dimensions nrows*ncols (subject change) theta = np.linspace(0, np.pi, num=grid.shape[0])[:, none] phi = np.linspace(0, 2*np.pi, num=grid.shape[1]) nside = 512 print "pixel area: %.2f square degrees" % hp.nside2pixarea(nside, degrees=true) pix = hp.ang2pix(nside, theta, phi) healpix_map = np.zeros(hp.nside2npix(nside), dtype=np.double) healpix_map[pix] = grid but, when try execute code power spectrum. specifically, : cl = hp.anafast(healpix_map[pix], lmax=1024) i error: typeerror: bad number of pixels if point me tutorial or edit code great. more specifications: data in 2d np array , can change numrows/...
Read more

c - Bitwise operation with (signed) enum value -

-
i using enumerator values flags: typedef enum { = 0x00, b = 0x01u, // u has no influence, expected c = 0x02u, // u has no influence, expected ... } enum_name; volatile unsigned char* reg = someaddress; *reg |= b; according misra-c:2004 bitwise operations shall not done signed type. unfortunately, compiler iar use signed int (or short or char) underlying type of enums, , option can find relates size, not signedness ("--enum-is-int"). according iar c/c++ development guide arm , pages 169 , 211, can define type of enum s if enable iar language extensions ( -e command-line option, or project > options > c/c++ compiler > language > allow iar extensions in ide). in particular, should define "sentinel" value, make sure compiler chooses correct type. prefers signed types, , uses smallest possible integer type, sentinel should largest positive integer corresponding unsigned integer type can describe. example, typedef enum ...
Read more

xslt - Unnest parent nodes by child node -

-
in xml there items 0-n attributes , item should copied each attribute new item 1 attribute. given xml this: <?xml version="1.0" encoding="utf-8" ?> <items> <item> <name>a</name> <attributes> <attribute> <key>attribute1</key> <value>1</value> </attribute> </attributes> </item> <item> <name>b</name> </item> <item> <name>c</name> <attributes> <attribute> <key>attribute1</key> <value>5</value> </attribute> <attribute> <key>attribute2</key> <value>2</value> </attribute> <attribute> <key>attri...
Read more