I am trying to input these values into database but everytime there is an error. I think the error is in this part of code but i am not able to find it plzz help.
<?php
if ($roomtype == "DeluxeRoom")
{
$rom = "SELECT room_id FROM room WHERE room_id NOT IN ( SELECT room_id
FROM reservation WHERE start_date <= '2016-02-27' AND end_date >= '2016-02-
24')";
}
?>
<?php
session_start();
include_once 'database.php';
if (isset($_POST['signup']))
{
$checkin = mysqli_real_escape_string($con, $_POST['checkin']);
$checkout = mysqli_real_escape_string($con, $_POST['checkout']);
$numroom = mysqli_real_escape_string($con, $_POST['numroom']);
$roomtype = mysqli_real_escape_string($con, $_POST['roomtype']);
$cid = $_SESSION['usr_id'];
if ($roomtype == "DeluxeRoom")
{
$rom = "SELECT room_id FROM room WHERE room_id NOT IN ( SELECT room_id
FROM reservation WHERE start_date <= '2016-02-27' AND end_date >= '2016-02-
24')";
}
$sql = "INSERT INTO reservation (customer_id,room_id,start_date, end_date)
VALUES('" . $cid . "','" . $rom . "','" . $checkin . "','" . $checkout . "')";
if (mysqli_query($con, $sql))
{
echo "New record created successfully";
}
else
{
echo "Error";
}
}
?>
You can not insert $rom
in INSERT
query. You must serialize it value to string:
<?php
session_start();
include_once 'database.php';
?>
<?php
if (isset($_POST['signup'])) {
$checkin = mysqli_real_escape_string($con,$_POST['checkin']);
$checkout = mysqli_real_escape_string($con,$_POST['checkout']);
$numroom = mysqli_real_escape_string($con,$_POST['numroom']);
$roomtype = mysqli_real_escape_string($con,$_POST['roomtype']);
$cid=$_SESSION['usr_id'];
if($roomtype=="DeluxeRoom")
{
$rom="SELECT room_id FROM room WHERE room_id NOT IN ( SELECT room_id
FROM reservation WHERE start_date <= '2016-02-27' AND end_date >= '2016-02-
24')";
}
$q = mysqli_query($con, $rom);
$row = json_encode($q->fetch_array(MYSQLI_NUM));
$sql="INSERT INTO reservation (customer_id,room_id,start_date, end_date)
VALUES('" . $cid . "','" . $rom . "','" . $checkin . "','" . $checkout .
"')";
if(mysqli_query($con, $sql)) {
echo "New record created successfully";
} else {
echo "Error";
}
}
You're not executing the query built in $rom. Also, as Sami Kuhmonen pointed out, you really should use prepared statements instead of string concatenation.
Try this:
<?php
session_start();
include_once 'database.php';
if (isset($_POST['signup'])) {
$checkin = $_POST['checkin'];
$checkout = $_POST['checkout'];
$numroom = $_POST['numroom'];
$roomtype = $_POST['roomtype'];
$cid = $_SESSION['usr_id'];
if ($roomtype == "DeluxeRoom") {
if (($res = mysqli_query(
$con,
"SELECT room_id FROM room WHERE room_id NOT IN ( SELECT room_id
FROM reservation WHERE start_date <= '2016-02-27' AND end_date >= '2016-02-
24')"
)) !== false) {
list($rom) = mysqli_fetch_row($res);
}
}
$statement = mysqli_prepare(
$con,
"INSERT INTO reservation (customer_id,room_id,start_date, end_date)
VALUES(?,?,?,?)"
);
if ($statement === false) {
die(mysqli_error($con));
}
$statement->bind_param('ssss', $cid, $rom, $checkin, $checkout);
if ($statement->execute()) {
echo "New record created successfully";
} else {
echo "Error";
}
}
?>
I have been able to do the select and i am getting 5 values(row) and i want to insert only the first value. How to do it?
if (isset($_POST['signup'])) {
$checkin = mysqli_real_escape_string($con,$_POST['checkin']);
$checkout = mysqli_real_escape_string($con,$_POST['checkout']);
$numroom = mysqli_real_escape_string($con,$_POST['numroom']);
$roomtype = mysqli_real_escape_string($con,$_POST['roomtype']);
$cid=$_SESSION['usr_id'];
if($roomtype=="DeluxeRoom")
{
$rom="SELECT room_id FROM room WHERE roomtype='DeluxeRoom' AND room_id
NOT IN ( SELECT room_id FROM reservation WHERE start_date <= '2016-02-27'
AND
end_date >= '2016-02-24')";
}
$result = mysqli_query($con, $rom);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
echo "id: " . $row["room_id"]. " <br>";
}
} else {
echo "0 results";
}
$sql="INSERT INTO reservation (customer_id,room_id,start_date, end_date)
VALUES('" . $cid . "','" . $row["room_id"] . "','" . $checkin . "','" .
$checkout . "')";
if(mysqli_query($con, $sql)) {
echo "New record created successfully";
} else {
echo "Error";
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.