Jump to content

Archived

This topic is now archived and is closed to further replies.

Arsench

INSERT DB

Recommended Posts

HELLO ALL FRIENDS.I HAVE A HTML FORM WITH ONE FIELD FOR NAME AND PHP FILE WHERE WHEN TYPING ANY NAME AND CLICKING SUBMIT THE NAME MUST BE INSERT INTO DB.i CANT DO IT AND CANT UNDERSTAND WHY LOOK THE BOTH CODE HTML

<html>
<body>
<form id="nam" name="form1" method="post" action="nme.php">
Name
<input type="text" name="nm" />
INSERT
<input type="submit" name="Submit" value="Submit" />
</form>
</body>
</html>

AND THE CODE PHP

<?php
$usr = "29594";
$pwd = "password";
$db = "29594";
$host = "localhost";

if ($REQUEST_METHOD=="post") {

mysql_connect ($host,$usr,$pwd);
mysql_select_db($db);


$SQL = " INSERT INTO adb (Nm)";
$SQL .= " VALUES ('$nm')";

$result = mysql_query($SQL);


echo ("New Name Added\n");

}

mysql_close($SQL);
?>
please help me to correct

Share this post


Link to post
Share on other sites
You are using the post method to parse the data (in your <form method='post')

But you are not calling that value
to call that you need
$nm = $_POST["nm"];

ALSO,
You need to secure this value before doing anything to the DB

[code]
<?php
function MakeSafe($str, $make_lower = false){
if($make_lower){
$str = strtolower($str);
}
$str = stripslashes($str);
$str = trim($str);
$str = strip_tags($str);
$str = mysql_real_escape_string($str);
return $str;
}




$usr = "29594";
$pwd = "password";
$db = "29594";
$host = "localhost";

if ($_POST["nm"]) {

mysql_connect ($host,$usr,$pwd);
mysql_select_db($db);
$nm = MakeSafe($_POST["nm"]);

$SQL = " INSERT INTO adb (Nm)";
$SQL .= " VALUES ('$nm')";

$result = mysql_query($SQL);


echo ("New Name Added\n");

}


?>
[/code]

Share this post


Link to post
Share on other sites
thank you very much dear friends realy only you can:)

can advise me if i have not only one field for text but many?for example

<?php
$usr = "29594";
$pwd = "password";
$db = "29594";
$host = "localhost";

if ($_POST["cat, stn, sturl, desc"]) {

$SQL = " INSERT INTO links (category, sitename, siteurl, description);";
$SQL = . "VALUES ('$cat', '$stn','$sturl','$desc') ";
$result = mysql_db_query($db,"$SQL",$cid);

$result = mysql_query($SQL);

echo ("New Link Added\n");

}


?>
are here any error?Im a begginer and dont know many things.thank you again and again

Share this post


Link to post
Share on other sites
You need to grab the values
$cat = MakeSafe($_POST["cat"]);
$stn = MakeSafe($_POST["stn"]);
ect ect

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.