Simple insert not working

LWolf · Jan 25, 2015

I am putting a simple page together for friends to add their name to my super bowl party. The insert is not working.

The insert line echo's this...
INSERT INTO peeps(pname, pcnt, dish) VALUES('Raquel', 1, 'Brownies')

There are 4 variables passed: rec (to determine if it needs to add a rec), pname, pcnt and dish.

Here is the code (yes I know it is open to sql injection but it is only up for a week and my friends do not understand computers!)...
if ($_GET['rec']=="add"){
$peep_insert="INSERT INTO peeps(pname, pcnt, dish) VALUES('" . $_GET['pname'] . "', " . $_GET['people'] . ", '" . $_GET['dish'] . "')";
$my_insert=$pdo->prepare($peep_insert);
echo $peep_insert . "<br>";
$my_insert->execute();
}

What am I doing wrong?

jpadie · Jan 25, 2015

assuming you already have the $pdo variable properly instantiated

Code:

if ($_GET['rec']=="add"){
 $peep_insert="INSERT INTO peeps(pname, pcnt, dish) VALUES(?,?,?)";
 $params = array($_GET['pname'],$_GET['people'],$_GET['dish']);
 $s=$pdo->prepare($peep_insert);
 if($s === false){ print_r($pdo->errorInfo());}
 $result = $s->execute($params);
 if($result === false){ print_r($s->errorInfo());}
}

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Simple insert not working

LWolf

Programmer

jpadie

Technical User

Similar threads

Part and Inventory Search

Sponsor