0

What I'm trying to do here is to register some object positioning data on my database. I tried to send the object data with this URL and its not working http://localhost/position/regpost.php?id=1&px=1&py=1&stats=1&frame=1

<?php  

//db information
$db = "test";
$dbu = "user";
$dbp = "pass";
$host = "localhost";
//connect
$dblink = mysql_connect($host,$dbu,$dbp);
$seldb = mysql_select_db($db);

//I belive the problem is here
if(isset($_GET['id']) && isset($_GET['px']) && isset($_GET['py']) && isset($_GET['stats']) &&isset($_GET['frame'])){


     $id = strip_tags(mysql_real_escape_string($_GET['id']));
     $px = strip_tags(mysql_real_escape_string($_GET['px']));
     $py = strip_tags(mysql_real_escape_string($_GET['py']));
     $stats = strip_tags(mysql_real_escape_string($_GET['stats']));
     $frame = strip_tags(mysql_real_escape_string($_GET['frame']));


     $sql = mysql_query("INSERT INTO `$db`.`building` (`id`,`px`,`py`, `stats`,`frame`) VALUES ('$id','$px','$py','$stats','$frame');");

     if($sql){


          echo 'success';

     }else{


          echo 'fail';

     }

}else{
     echo 'variable not set';
}

mysql_close($dblink);//Close off the MySQL connection.
?>
learningXD
  • 11
  • 1
  • 3
  • Enable error_reporting and see if you get any errors. – web-nomad Apr 27 '15 at 19:54
  • 1
    Please, [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Apr 27 '15 at 19:54
  • In your $sql query, you're using backticks on the database, tablename and the field names. Use single quotes. Also, as Jay said, you need to use PDO – Walker Boh Apr 27 '15 at 20:25

0 Answers0