PHP insert into a table not working

Question

I'm trying to insert items into a table but it isn't working although it's displaying a successful message :/

Here's my code & table.

<?php 
    ini_set("log_errors", 1);
    ini_set("error_log", "error.log");
    error_log( "Hello, errors!" );

        $itemName = $_POST['itemName'];
        $itemDesc = $_POST['itemDesc'];
        $itemSlutID = $_POST['itemSlutID'];

            if (isset($_POST['addBtn'])){

                if (empty($itemName) || empty($itemDesc) || empty($itemSlutID)){
                    echo error('Please fill in all fields');

                }else{
                    $SQLinsert = $odb -> prepare("INSERT INTO `items` VALUES(NULL, :userID, :itemName, :itemDesc, :itemSlutID)");
                    $SQLinsert -> execute(array(':userID' => $_SESSION['ID'], ':itemName' => $itemName, ':itemDesc' => $itemDesc, ':itemSlutID' => $itemSlutID));
                    echo success('Item has been added, please wait up to 1 hour for us to approve the item.');
                }
            }
?>

CREATE TABLE `items` (
  `ID` int(11) NOT NULL,
  `userID` int(11) NOT NULL,
  `itemName` text NOT NULL,
  `itemDesc` text NOT NULL,
  `itemSlutID` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

Why shouldn't it display a success message? You uncondintioanlly do that echo, without ever checking what your DB calls returned. your code is basically. "I don't care that that universe blew up and everyone's dead, I'm going to pretend like nothing happened". — Marc B, Feb 12 '16 at 16:27
`error_log( "Hello, errors!" );` yeah, most likely. and in http://php.net/manual/en/pdo.error-handling.php — Funk Forty Niner, Feb 12 '16 at 16:29
@Fred-ii- It's a marketplace. SlutID stands for slut.io (ecommerce service) item id. — SevnDK, Feb 12 '16 at 17:02

score 2 · Answer 1 · answered Feb 12 '16 at 16:29

Spot the problem:

$SQLinsert = $odb -> prepare("INSERT INTO `items` VALUES(NULL, :userID, :itemName, :itemDesc, :itemSlutID)");
                                                          ^--- ID field


CREATE TABLE `items` (
  `ID` int(11) NOT NULL,
                ^^^^^

Since you never bothered to check if the query actually succeeded, and blindly (and WRONGLY) output a false "success" message, you ended up here...

Why are you inserting a null value into a field you've explicitly defined as "not null"?

score 2 · Accepted Answer · edited Jun 20 '20 at 09:12

1. `null`

Look at your first column:

ID int(11) NOT NULL,

Yet your first placeholder value is NULL. Better practice would be to change it to NULL AUTO_INCREMENT.

2. Saying "success" whatever happens

After the statement executes, you're not checking to see if it was successful - you're just echoing a statement.

Change:

$SQLinsert -> execute(array(':userID' => $_SESSION['ID'], ':itemName' => $itemName, ':itemDesc' => $itemDesc, ':itemSlutID' => $itemSlutID));
echo success('Item has been added, please wait up to 1 hour for us to approve the item.');

To:

if($SQLinsert -> execute(array(':userID' => $_SESSION['ID'], ':itemName' => $itemName, ':itemDesc' => $itemDesc, ':itemSlutID' => $itemSlutID))){
    echo success('Item has been added, please wait up to 1 hour for us to approve the item.');
} else {
    //There's been a problem!
    echo "ERROR: " . $SQLinsert->errorInfo();
}

@SevnDK No worries. If it helped, don't forget to accept the answer! — Ben, Feb 15 '16 at 09:32

PHP insert into a table not working

2 Answers2

1. null

2. Saying "success" whatever happens

1. `null`