Home/ Questions/Q 8441415
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T08:33:31+00:00

I do not have any other option, but to ask here again… and problem

  • 0

I do not have any other option, but to ask here again… and problem is killing me for the past 5 hours. I got button that call javascript function, and then javascript opens another php page and does insert in MySQL database.

HTML code:

<ul>
<li id="ConfirmButton" name="Insert" onclick="GetAllIDs()"><a>Potvrdi</a></li>
</ul>

Javascript code:

var request_type;
var browser = navigator.appName;
if (browser == "Microsoft Internet Explorer") {
request_type = new ActiveXObject("Microsoft.XMLHTTP");
}
else {
request_type = new XMLHttpRequest();
}

var http = request_type;
http.open('get', 'insert.php?MatchID='+MatchID+'&TipID='+TipID+'&UserID=' + 1,true);
http.send(null);

PHP code:

include('config.php');
$matchID = $_GET['MatchID'];
$tipID = $_GET['TipID'];
$userID = $_GET['UserID'];

// Escape User Input to help prevent SQL Injection  
$MatchID = mysql_real_escape_string($matchID); 
$TipID = mysql_real_escape_string($tipID); 
$UserID = mysql_real_escape_string($userID); 

$insertTicket_sql = "INSERT INTO 
betslips(DateTime,MatchID,TipID,UserID)
VALUES(".$MatchID.",".$TipID.",'".date("Y-m-d H:i:s")."',".$UserID.")";
$insertTick= mysql_query($insertTicket_sql) or die(mysql_error());

So after I run this code and I use break point I see in my php code all parameters I sent over forms normally and it’s all there, but when I reach code $insertTick I get error
web server exited unexpectedly, restarting new instance.

Has anyone seen this problem before, and how can I deal with it?

Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    did anyone seen this problem before?

    Not me, I dont use the mysql_* functions.

    Your INSERT query parameter and values dont match.

    So ive ported your example code to PDO perhaps its some interest:

    <?php 
//PDO Connect
try{
    $con = new PDO('mysql:host=127.0.0.1;dbname=yourDB','root','password');
    $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $con->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    $con->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE,PDO::FETCH_ASSOC);
}catch (Exception $e){
    die('Cannot connect to database. Details:'.$e->getMessage());
}

//Check that the variables are set
if(isset($_GET['MatchID']) && isset($_GET['TipID']) && isset($_GET['UserID'])){

    //Prepare your query
    $query = $con->prepare("INSERT INTO betslips (DateTime,MatchID,TipID,UserID)
                            VALUES ('".date("Y-m-d H:i:s")."', :matchID, :tipID, :userID)");

    //Bind your values with the placeholders
    $query->bindParam(":matchID", $_GET['MatchID']);
    $query->bindParam(":tipID", $_GET['TipID']);
    $query->bindParam(":userID", $_GET['UserID']);

    //Execute
    $query->execute();
    die('Success!');
}else{
    die('Error: Parameter not set.');
}
?>
    • 0