the BD table in postgresql is not updated

Question

the BD table in postgresql is not updated

Navigation

#1 by (1 votes)

0

Good morning, I am practicing with PHP and postgresql to do a project for the university and I have not been able to update a table in the BD for two days. I've been changing the syntax reading solutions in different forums and I do not know what it could be :(, I already have everything I need to start developing but as long as I can not update the BD I can not start the project. I appreciate your help.

OS: Ubuntu 16.04

<form action="agregar.php" method="post">
 <p>nombre del switch: <input type="text" name="nombre" /></p>
 <p>puerto: <input type="text" name="puerto" /></p>
 <p>vlan:<input type="vlan" /></p>
 <input type="submit" name="insertar" value="insertar">
</form

add file

<?php

include('conexion.php');

	$nombre=pg_escape_literal($_POST['nombre']);
	$puerto=pg_escape_literal($_POST['puerto']);
	$vlan=pg_escape_literal($_POST['vlan']);

	$query= "INSERT INTO switches (nombre, puerto, vlan) VALUES ('$nombre', '$puerto', '$vlan' )";
	$res = pg_query($query);

?>

connection to the BD

<?php

$dbconn= pg_connect("host=localhost  dbname=centro_de_datos user=postgres password=admin")
	or die ('No se puede conectar a la BD'. pg_last_error());
	?>

php postgresql pgadmin

asked by m3phisto 28.05.2017 в 12:22

source

1 answer

how to change ports 80 and 3306 correctly from xampp 3.2.2 and interact with workbench As I show what brings the variables of a stored procedure with php and mysql [closed]

score 1 · Answer 1

escape

When the literal escapes, it already includes the outside quotes, so you do not have to put them in.

<?php
include('conexion.php');

    $nombre=pg_escape_literal($_POST['nombre']);
    $puerto=pg_escape_literal($_POST['puerto']);
    $vlan=pg_escape_literal($_POST['vlan']);

    $query= "INSERT INTO switches (nombre, puerto, vlan) VALUES ($nombre, $puerto, $vlan)";
    $res = pg_query($query);

?>

You can see an example in the manual: link

verify SQL

When in doubt, it is best to save the SQL statement and then verify it (or paste it into the database console to see why it fails). Reach with putting file_put_contents before doing pg_query :

file_put_contents('sql_generado.sql', $query);

verify the error

pg_last_error() should be used to verify what the error was. This can be sent to the client (with a echo for example) or saved on the server (with file_put_contenst('ultimo_error_sql.txt', pg_last_error())

pass parameters securely:

using pg_query_params you can pass the parameters in an array (without needing to escape them) in a secure way.

eye with accents

When you walk this check that works well to save words with accents and eñes. If you have difficulties then with that you can ask another question and we see it especially.