Home/ Questions/Q 8295123
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T14:28:21+00:00

I have this query: mysql_query(INSERT INTO `63_Activity` (`username`, `time`) VALUES (`$usernann2`, `$date`)); However, it

  • 0

I have this query:

mysql_query("INSERT INTO `63_Activity` (`username`, `time`) VALUES (`$usernann2`, `$date`)");

However, it doesn’t do anything. Even when I tried correcting the variables to

". $variable ."

I checked the variables.

I copied the little line of code from somewhere it works.

The database and tables are existing.

I just thought I had things under control, then that happened -.-

Thank you in advance.

PS: I tried adding or die() – but no error. Nothing.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You would be better off using Paramaterized queries as in the following example:

     <?php

try {
    $usernann2 = "whateverUsernameFits";
    $date = new DateTime('2000-01-01');
    $stmt = $this->db->prepare ( "INSERT INTO 63_Activity (username, time) VALUES (:usernann2, :date)");
    $stmt->bindParam ( ':usernann2', $usernann2 );
    $stmt->bindParam ( ':date', $date );        
    $stmt->execute ();
}catch ( PDOException $e ) 
        {
            throw new Exception ( $this->db->errorInfo () . 'Problem inserting object ' );
        } catch ( Exception $e ) {
            throw new \Exception ( 'Problem inserting object ' );
        }

        ?>

    Bound parameters are a staple in preventing SQL Injection attacks. The exceptions thrown would give you a clue as to what might be the problem in your query if there is one. I normally check the query first to make sure it’s working with real values. From there it is a process of elimination.

    PS. https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet for more information on SQL Injection. You should also be able to find some excellent information and questions here on Stackoverflow regarding SQL Injection.

    • 0