JamesThePanda Posted January 15, 2010 Share Posted January 15, 2010 Any Ideas on why this isnt working ? $conn = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); // Note "$conn" param added mysql_select_db(DB_NAME, $conn) or trigger_error('MySQL error: '.mysql_error(), E_USER_ERROR); if (isset($_POST['url']) & isset($_POST['page'])) { // Secure against SQL injection $url8 = $_POST['url']; $page8 = $_POST['page']; // Store the result resource returned $submit9 = mysql_query(" INSERT INTO `wordpress`.`wp_xposts` ( `id` , `postid` , `url`) VALUES ( NULL , `$page8`, `$url8`"); // Remove this part after if you want - just // makes it easier to spot if it's worked... if (mysql_affected_rows() > 0) { echo htmlentities($url8).' was added.'; } else { echo 'There was an error: '.mysql_error(); } } else { print_r($_POST, false); } $sql2 = "SELECT `ID`, `post_title` FROM `wordpress`.`wp_posts` WHERE post_status = 'publish' "; $result2 = mysql_query($sql2) or trigger_error(mysql_error()); echo '<form id="form1" name="form1" method="post" action=""> <label>url <input type="text" name="url" /> </label> <label>pages <select name="select">'; while($row = mysql_fetch_assoc($result2)){ echo ' <option name="page" page="'.$row['ID'].'" value="'.$row['ID'].'">'.$row['post_title'].'</option>'; } echo '</select> Add <input type="submit" name="Submit" value="Submit" /> </label> </form>'; Thanks James Link to comment https://forums.phpfreaks.com/topic/188628-this-isnt-new-fields-in-the-database-any-suggestions/ Share on other sites More sharing options...
RaythMistwalker Posted January 15, 2010 Share Posted January 15, 2010 // Secure against SQL injection $url8 = $_POST['url']; $page8 = $_POST['page']; that isn't securing against SQL injection. Link to comment https://forums.phpfreaks.com/topic/188628-this-isnt-new-fields-in-the-database-any-suggestions/#findComment-995855 Share on other sites More sharing options...
JamesThePanda Posted January 15, 2010 Author Share Posted January 15, 2010 yes that was just a comment left by someone helping Does it need to secure it ? thanks James Link to comment https://forums.phpfreaks.com/topic/188628-this-isnt-new-fields-in-the-database-any-suggestions/#findComment-995862 Share on other sites More sharing options...
Felex Posted January 15, 2010 Share Posted January 15, 2010 what is wrong with this code, cause i dont have an opportunity to test it and couldnt see any wrong at your code. you can get some errors for your insert statement, according to user inputs for $url8, $page8. secure them with mysql_real_escape_string() function. Link to comment https://forums.phpfreaks.com/topic/188628-this-isnt-new-fields-in-the-database-any-suggestions/#findComment-995866 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.