Click here to Skip to main content
13,796,787 members
Rate this:
 
Please Sign up or sign in to vote.
See more:
Hey, I'm new to mysql and am having trouble with adding information to a database. Error "Data Not Inserted Warning: mysqli_free_result() expects parameter 1 to be mysqli_result, boolean given in... on line 56. How can I fix this? Thanks.



<?php

// php code to Insert data into mysql database from input text
if(isset($_POST['submit']))
{
    $hostname = "localhost";
    $username = "";
    $password = "";
    $databaseName = "";
    
    // get values form input text and number

   $title = $_POST['title'];
   $first_name = $_POST['first_name'];
   $surname = $_POST ['surname'];
   $gender = $_POST ['gender'];
   $dob = $_POST ['dob'];
   $street_address = $_POST ['street_address'];
   $suburb = $_POST ['suburb'];
   $state = $_POST ['state'];
   $home_phone = $_POST ['home_phone'];
   $mobile_phone = $_POST ['mobile_phone'];
   $work_phone = $_POST ['work_phone'];
   $email = $_POST ['email'];
   $martial_status = $_POST ['martial_status'];
   $occupation = $_POST ['occupation'];
   $parent_name = $_POST ['parent_name'];
   $preferred_dr = $_POST ['preferred_dr'];
   $medicare_no = $_POST ['medicare_no'];
   
   //$allergies = $_POST ['allergies'];
   //$postcode = $_POST ['postcode'];
    // connect to mysql database using mysqli

    $connect = mysqli_connect($hostname, $username, $password, $databaseName);
    
    // mysql query to insert data

   $query = "INSERT INTO `Patient Details Table` (`Title`, `First Name`, `Surname`, `Gender`, `D.O.B`, `Street Address`, `Suburb`, `State`, `Home Phone`, `Mobile Phone`, `Work Phone`, `Email`, `Martial Status`, `Occupation`, `Parent Name`, `Preferred Dr`, `Medicare No.`) VALUES ('$title', '$first_name', '$surname', '$gender', '$dob', '$street_address', '$suburb' '$state', '$home_phone', '$mobile_phone', '$work_phone', '$email', '$martial_status', '$occupation', '$parent_name', '$preferred_dr', '$medicare_no')";
   //$query = "INSERT INTO `Postcode Table` (`Suburb`, `Postcode`) VALUES ('$suburb', '$postcode')";
   //$query = "INSERT INTO `Allergy Table` (`Allergy`) VALUES ('$allergies')";

    $result = mysqli_query($connect,$query);
    
    // check if mysql query successful

    if($result)
    {
        echo 'Data Inserted';
    }
    
    else{
        echo 'Data Not Inserted';
    }
    
    mysqli_free_result($result);
    mysqli_close($connect);
}

?>


What I have tried:

The code was originally off a video on how to add inputted information into databases. I have made a few changes in order for it to suit my needs. However, I cannot get it working. Any help you be great. Thanks.
Posted 31-Aug-17 3:44am
Updated 31-Aug-17 14:37pm
v2
Comments
Mohibur Rashid 31-Aug-17 23:21pm
   
Are those spaces in your table name and field name?
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 2

Read the documentation:
Return Values

Returns FALSE on failure. For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object. For other successful queries mysqli_query() will return TRUE.
You are executing an INSERT statement for which the return value is always a boolean. So there is not even no need to call mysqli_free_result() but it is wrong because you (should) know that $result can't be a mysqli_result.

The original source on which your code is based was probably executing a SQL commmand that will return a mysqli_result. But even then your code would be wrong because it should be only freed upon success.

As you can see it is better to write your own code from scratch than modifying existing code (especially if you are a beginner). If the code you have used as base also calls mysqli_free_result() outside a conditional block as in your posted code, it is even worse: You have copied code doing it wrong.

If you need example code for PHP database operations, refer to the official documentation. See for example my above link. It contains a lot of example code.
  Permalink  
Comments
Member 13387451 31-Aug-17 18:50pm
   
Ok thanks, I'll try it
Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 3

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Cookies | Terms of Service
Web05 | 2.8.181207.3 | Last Updated 31 Aug 2017
Copyright © CodeProject, 1999-2018
All Rights Reserved.
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100