I get 0s added to my database

Astralboat · August 16, 2019, 7:15pm

Hello. I am trying to build a war reporter(game reporter) and I am running into a problem. When I try to put in values I get 0’s in my database. I took out the database information for security reasons, but I know the connection is right because it is selecting the right table in the database, just giving all 0’s in the fields.

<?php include('functions.php') ?>

<html>
<body>
<?php

$Player1Kills=$_POST['myText'];
$Player1Deaths=$_POST['myText2'];
$Date=$_POST['Date'];
$VarPlayer1=$_POST['sub1'];


if($_POST['sub1']='Event')
{

$query = "INSERT INTO eventstats (Kills, Deaths,Date)
VALUES('$Player1Kills', '$Player1Deaths', '$Date')";
    mysqli_query($database,$query);

}

if($_POST['sub1']='Archon')
{
$query = "INSERT INTO archonstats (Kills, Deaths,Date)
VALUES('$Player1Kills', '$Player1Deaths', '$Date')";
mysqli_query($database,$query);


}

?>
</body>
</html>

psycoperl1 · August 16, 2019, 8:28pm

I am going to assume that your Kills and Deaths columns are numeric fields. If so, you are inserting literal strings and not the values.

Your code:

$query = "INSERT INTO eventstats (Kills, Deaths,Date) VALUES('$Player1Kills', '$Player1Deaths', '$Date')";

Should be:

$query = "INSERT INTO eventstats (Kills, Deaths,Date) VALUES(" . $Player1Kills . "," . $Player1Deaths .", '" , $Date ."')";

benanamen · August 16, 2019, 10:56pm

Actually not. What it should be is using Prepared Statements. You never ever put variables in your query. Also, stop creating variables for nothing. You also have 50% more code than you need. The only difference between the two queries is the table.

Astralboat · August 16, 2019, 11:30pm

Thanks for the tip. I am now using prepared statements

phdr · August 16, 2019, 11:41pm

In your first thread on this forum, you had a form and form processing code. That form processing code had validation logic in it to prevent the use of the submitted data if it was empty. If you had validation logic in this form processing code, empty values (which in the case of numbers and dates get converted to zeros), wouldn’t be getting inserted. That previous thread was also using a prepared query.

Just because the data that’s being operated on has a different meaning, doesn’t mean you take a step backwards and leave out features your code had in it before. Also, in that previous thread a forum member listed a number of programming practices and posted example code using those practices. I recommend that you reread the replies in that previous thread. We should not be repeating information we have already told you.

Next, one = is an assignment operator. Two == is a comparison operator. Your conditional statements testing which form was submitted are assigning the string to the variable and testing the result of that assignment, which for the values being assigned is always true, and the form processing code runs each time the page is requested, not just when a form gets submitted.

Lastly, if the two database tables hold same meaning data, that only differs in a category or type value for that data, you should have one database table with a category/type column.