ShaolinF Posted January 24, 2009 Share Posted January 24, 2009 Hi Guys I am trying to insert some data into the database but its not working. The db connects and everything and I receive no errors. See code below: $id = $_POST['id']; $name = $_POST['name']; //Connect to DB connect(); $insert = mysql_query("INSERT INTO petition values('','".$id."','".$name.")"); function connect() { $link = mysql_connect('localhost', 'petitUsr', '12345678a'); if (!$link) { die('Could not connect to database: ' . mysql_error()); } $selected = mysql_select_db('petition',$link) or die(mysql_error()); } Anyone know what Im doing wrong? Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/ Share on other sites More sharing options...
DeanWhitehouse Posted January 24, 2009 Share Posted January 24, 2009 add or die Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745492 Share on other sites More sharing options...
Mchl Posted January 24, 2009 Share Posted January 24, 2009 add or die Lol... Read it aloud and listen how it sounds. Better yet shout it out: ADD OR DIE!!! Heh... anyway... What Blade meant was add or die(mysql_error()); after your query $insert = mysql_query("INSERT INTO petition values('','".$id."','".$name.")") or die(mysql_error()); Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745496 Share on other sites More sharing options...
ShaolinF Posted January 24, 2009 Author Share Posted January 24, 2009 add or die Thanks, I fixed it now was an error in syntax. Another question, how do I protect from SQL injection? Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745497 Share on other sites More sharing options...
DeanWhitehouse Posted January 24, 2009 Share Posted January 24, 2009 Lol, better not shout it out then Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745498 Share on other sites More sharing options...
DeanWhitehouse Posted January 24, 2009 Share Posted January 24, 2009 mysql_real_escape_string is the best and most common way and is good to use in conjunction with other security Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745499 Share on other sites More sharing options...
Mchl Posted January 24, 2009 Share Posted January 24, 2009 Another question, how do I protect from SQL injection? Here's a good read http://www.webappsec.org/projects/articles/091007.shtml Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745507 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.