Jump to content

Generated form, how to get POST content and insert it in mysql


Peuplarchie

Recommended Posts

Good day all,

            I'm working on a thing which lets the member create, edit, delet it's own table and data.

 

I have a form in a table which list the table data, this form should add a row.

Here is it's code :

 

$tid = $_GET['id'];
$tname = $_GET['tname'];

$con = mysql_connect($server, $login, $password);
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db($db, $con);

$query = "SELECT * FROM $tname";
$resultv = mysql_query($query); 
if (($resultv)||(mysql_errno == 0))
{
  echo "<table width='100%' border=\"1\">\n";
  echo "<tr>";
  echo "<td align='center'><b>Options</b></td>";  
  if (mysql_num_rows($resultv)>0)
  {
          //loop thru the field names to print the correct headers
          $i = 0;
          while ($i < mysql_num_fields($resultv))
          {
       echo "<th>". mysql_field_name($resultv, $i) . "  <a href=\"tableau.php?act=delcol&opt=tableau&tname=".$tname."&cname=".mysql_field_name($resultv, $i)."\" title=\"DELETE COLUMN : ". mysql_field_name($resultv, $i) . "\"><img src=\"Images/stock_delete-column.png\" align=\"bottom\"></a></th>\n";
       
       $i++;
    }
    echo "</tr>";
   
echo "<tr><form  name=\"formadd\" method=\"post\" action=\"tableau.php?add=row\">\n";
          //loop thru the field names to print the correct headers
          $i = 0;
  echo "<td align='center'><input type=\"submit\" value=\"Ajouter\"></td>";
          while ($i < mysql_num_fields($resultv))
          {
          echo "<td align='center'><input type=\"text\" name=\"". mysql_field_name($resultv, $i) . "\"</td>\n";
          $i++;
          }
echo "</form></tr>\n";  
   
    //display the data
    while ($rowv = mysql_fetch_array($resultv,MYSQL_ASSOC))
    {
      echo "<tr><td><br></td>\n";
      foreach ($rowv as $data)
      {
       if ($data == "") {
        echo "<td align='center'><br></td>\n";
       }else{	
        echo "<td align='center'>". $data . "</td>\n";
       }
      }
    }
  }else{
    echo "<tr><td colspan='" . ($i+1) . "'>No Results found!</td></tr>\n";
  }

echo "</table>";  
}else{
  echo "Error in running query :". mysql_error();
} 

 

 

 

My issue is to receive the data and insert it in the database.

I have know clue how to put the POSTs into variable so I can Insert it in the query..

 

Can somebody help me ?

 

Take care !

Link to comment
Share on other sites

The trick is to do all of the PHP processing before you output any content to the browser. Doing that it'll be easy to determine whether or not you'll need to (re-)display the form, and by the time you know that you should already have retrieved and validated any user input.

At that point it's as simple as using echo htmlspecialchars (), to escape the output (security measure) and add it to the relevant places in the form.

 

PS: The $_POST superglobal is a variable already, an array to be exact. Read more about it in the PHP manual.

Link to comment
Share on other sites

Getting closer...

 


$sql1= 'SHOW TABLES FROM ' .$db .' LIKE '.$tname;
$res1= mysql_query($sql1) OR die('Query 1 error:<br />' .mysql_error());

echo '<table border=1 cellpadding=1 cellspacing=0 width="90%">';
while ( $row= mysql_fetch_row($res1) )
{
    echo '<tr>';
    echo '<td valign="top" align="center">' .$tname. '</td>';
    echo '<td>';
    $sql2= 'SHOW CREATE TABLE ' .$tname;
    $res2= mysql_query($sql2) OR die('Query 2 error:<br />' .mysql_error());
    while ( $table_def= mysql_fetch_row($res2) )
    {
        for ($i=1; $i<count($table_def); $i++)
        {
            echo '<pre>' .$table_def[$i]. '</pre>';
        }
    }
    echo '</tr>';
}
echo '</table>'; 

Link to comment
Share on other sites

  • 2 months later...

I am having similar issue with this code. I want to add "title". This script does not have write title option and I would like to add it to script, but it already has the add video option. That's why I tried to do something like this and I just can't get the script to insert title in the database, if you could help me with this one I would be very thankful. Here is the srcipt

<?
session_start();
include("../func/db_info".".php");
include("logincheck".".php");
logincheck();

$surl = $_SERVER['HTTP_HOST'] ;

if (strip_tags($_POST['add'])){
$vidid=mysql_real_escape_string(strip_tags($_POST['vidid']));

$url = "$vidid";
parse_str( parse_url( $url, PHP_URL_QUERY ), $my_array_of_vars);
$t1=mysql_real_escape_string(strip_tags($_POST['tit1']));
$title="$t1";
parse_str( $title, $my_vars );
mysql_query("INSERT INTO `videos` (`id`, `videoid`, `views`, `title`) VALUES ('', '".$my_array_of_vars['v']."', '0', '".$my_vars['v']."');") or die (mysql_error());
$message="<img src=\"../img/tick-icon.jpg\">";
}
if (strip_tags($_POST['rem'])){
$vidid2=mysql_real_escape_string(strip_tags($_POST['vidid2']));

$url = "$vidid2";
parse_str( parse_url( $url, PHP_URL_QUERY ), $my_array_of_vars );

mysql_query("DELETE FROM videos WHERE id=".$my_array_of_vars['v']."");

$message2="<img src=\"../img/tick-icon.jpg\">";
}
?><head>
<html xmlns:fb="http://ogp.me/ns/fb#">
<title>Admin Panel</title>
<META name="robots" content="NOINDEX,NOFOLLOW" />
<link type="text/css" rel="stylesheet" href="../css/admin.css" />
<link href="../img/favicon.ico" rel="icon" type="image/x-icon" />
<body>
<a href="index.php"><img src="../img/logo.png" border="0"></a>
<div class="banner"><a href="index.php">Delete</a> - <a href="add.php">Add & Remove</a> - <a href="logout.php">Logout</a></div>
<div align="center"><form id="form1" method="post" action="">
Youtube URL: <input type="text" name="vidid" id="vidid">
Title: <input type="text" name="tit1" id="tit1">
<input name='add' type='submit' id='add' value='Add Video' /> <? echo"$message";?><br><br>

Website URL: <input type="text" name="vidid2" id="vidid2">
<input name='rem' type='submit' id='rem' value='Remove Video' /> <? echo"$message2";?><br><br>
Example: <strong>http://<? echo"$surl"; ?>/watch.php?v=25</strong>
</div>
</form>
</body>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.