ShaolinF Posted January 24, 2009 Share Posted January 24, 2009 Hi Guys I am trying to insert some data into the database but its not working. The db connects and everything and I receive no errors. See code below: $id = $_POST['id']; $name = $_POST['name']; //Connect to DB connect(); $insert = mysql_query("INSERT INTO petition values('','".$id."','".$name.")"); function connect() { $link = mysql_connect('localhost', 'petitUsr', '12345678a'); if (!$link) { die('Could not connect to database: ' . mysql_error()); } $selected = mysql_select_db('petition',$link) or die(mysql_error()); } Anyone know what Im doing wrong? Quote Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/ Share on other sites More sharing options...
DeanWhitehouse Posted January 24, 2009 Share Posted January 24, 2009 add or die Quote Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745492 Share on other sites More sharing options...
Mchl Posted January 24, 2009 Share Posted January 24, 2009 add or die Lol... Read it aloud and listen how it sounds. Better yet shout it out: ADD OR DIE!!! Heh... anyway... What Blade meant was add or die(mysql_error()); after your query $insert = mysql_query("INSERT INTO petition values('','".$id."','".$name.")") or die(mysql_error()); Quote Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745496 Share on other sites More sharing options...
ShaolinF Posted January 24, 2009 Author Share Posted January 24, 2009 add or die Thanks, I fixed it now was an error in syntax. Another question, how do I protect from SQL injection? Quote Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745497 Share on other sites More sharing options...
DeanWhitehouse Posted January 24, 2009 Share Posted January 24, 2009 Lol, better not shout it out then Quote Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745498 Share on other sites More sharing options...
DeanWhitehouse Posted January 24, 2009 Share Posted January 24, 2009 mysql_real_escape_string is the best and most common way and is good to use in conjunction with other security Quote Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745499 Share on other sites More sharing options...
Mchl Posted January 24, 2009 Share Posted January 24, 2009 Another question, how do I protect from SQL injection? Here's a good read http://www.webappsec.org/projects/articles/091007.shtml Quote Link to comment https://forums.phpfreaks.com/topic/142290-solved-cannot-insert-data/#findComment-745507 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.