Arsench Posted September 19, 2006 Share Posted September 19, 2006 HELLO ALL FRIENDS.I HAVE A HTML FORM WITH ONE FIELD FOR NAME AND PHP FILE WHERE WHEN TYPING ANY NAME AND CLICKING SUBMIT THE NAME MUST BE INSERT INTO DB.i CANT DO IT AND CANT UNDERSTAND WHY LOOK THE BOTH CODE HTML<html><body><form id="nam" name="form1" method="post" action="nme.php">Name<input type="text" name="nm" />INSERT<input type="submit" name="Submit" value="Submit" /></form></body></html>AND THE CODE PHP<?php$usr = "29594";$pwd = "password";$db = "29594";$host = "localhost";if ($REQUEST_METHOD=="post") {mysql_connect ($host,$usr,$pwd);mysql_select_db($db);$SQL = " INSERT INTO adb (Nm)";$SQL .= " VALUES ('$nm')";$result = mysql_query($SQL);echo ("New Name Added\n");}mysql_close($SQL);?> please help me to correct Link to comment https://forums.phpfreaks.com/topic/21262-insert-db/ Share on other sites More sharing options...
onlyican Posted September 19, 2006 Share Posted September 19, 2006 You are using the post method to parse the data (in your <form method='post')But you are not calling that valueto call that you need$nm = $_POST["nm"];ALSO,You need to secure this value before doing anything to the DB[code]<?phpfunction MakeSafe($str, $make_lower = false){if($make_lower){$str = strtolower($str);}$str = stripslashes($str);$str = trim($str);$str = strip_tags($str);$str = mysql_real_escape_string($str);return $str;}$usr = "29594";$pwd = "password";$db = "29594";$host = "localhost";if ($_POST["nm"]) {mysql_connect ($host,$usr,$pwd);mysql_select_db($db);$nm = MakeSafe($_POST["nm"]);$SQL = " INSERT INTO adb (Nm)";$SQL .= " VALUES ('$nm')";$result = mysql_query($SQL);echo ("New Name Added\n");}?>[/code] Link to comment https://forums.phpfreaks.com/topic/21262-insert-db/#findComment-94568 Share on other sites More sharing options...
Arsench Posted September 19, 2006 Author Share Posted September 19, 2006 thank you very much dear friends realy only you can:)can advise me if i have not only one field for text but many?for example<?php $usr = "29594";$pwd = "password";$db = "29594";$host = "localhost";if ($_POST["cat, stn, sturl, desc"]) { $SQL = " INSERT INTO links (category, sitename, siteurl, description);";$SQL = . "VALUES ('$cat', '$stn','$sturl','$desc') ";$result = mysql_db_query($db,"$SQL",$cid);$result = mysql_query($SQL);echo ("New Link Added\n");} ?> are here any error?Im a begginer and dont know many things.thank you again and again Link to comment https://forums.phpfreaks.com/topic/21262-insert-db/#findComment-94586 Share on other sites More sharing options...
onlyican Posted September 19, 2006 Share Posted September 19, 2006 You need to grab the values$cat = MakeSafe($_POST["cat"]);$stn = MakeSafe($_POST["stn"]);ect ect Link to comment https://forums.phpfreaks.com/topic/21262-insert-db/#findComment-94641 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.