Jump to content

mysql_escape_string() help


tbobker

Recommended Posts

[code]
<?php

if(isset($_POST['submit'])) {

$first = $_POST['fname'];
$last = $_POST['lname'];
$address = $_POST['address'];
$email = $_POST['email'];
$pcode = $_POST['pcode'];
$country = $_POST['country'];
$comment = $_POST['comment'];

$conn = mysql_connect("localhost","","");
mysql_select_db("",$conn);

$sql = "insert into petition values ('','','$first','$last','$address','$email','$pcode','$country','$comment');";
$result = mysql_query($sql,$conn);

$sql2 = "select id from petition";
$result2 = mysql_query($sql2,$conn);
$num_rows = mysql_num_rows($result2);




echo "<div height='300px'><h1>Thankyou for signing the petition</h1><br>".$first."&nbsp;".$last." you have made a positive step forward</div>";
echo "<br><h2>You are person&nbsp;<span style='color: red'>".$num_rows."</span>";

}else { echo '
[/code]

i need to mysql_escape_string() the values but i dont know how to do it with multiple values?
Link to comment
https://forums.phpfreaks.com/topic/25627-mysql_escape_string-help/
Share on other sites

What do you mean by "do it with multiple values";

In this case, you can do:
[code]<?php
if(isset($_POST['submit'])) {

$first = mysql_real_escape_string($_POST['fname']);
$last = mysql_real_escape_string($_POST['lname']);
$address = mysql_real_escape_string($_POST['address']);
$email = mysql_real_escape_string($_POST['email']);
$pcode = mysql_real_escape_string($_POST['pcode']);
$country = mysql_real_escape_string($_POST['country']);
$comment = mysql_real_escape_string($_POST['comment']);

$conn = mysql_connect("localhost","","");
mysql_select_db("",$conn);

$sql = "insert into petition values ('','','$first','$last','$address','$email','$pcode','$country','$comment');";
$result = mysql_query($sql,$conn);

$sql2 = "select id from petition";
$result2 = mysql_query($sql2,$conn);
$num_rows = mysql_num_rows($result2);




echo "<div height='300px'><h1>Thankyou for signing the petition</h1><br>".$first."&nbsp;".$last." you have made a positive step forward</div>";
echo "<br><h2>You are person&nbsp;<span style='color: red'>".$num_rows."</span>";

}?>[/code]

Ken

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.