Jump to content

need help with using mysql in php


Go to solution Solved by Ch0cu3r,

Recommended Posts

so i have  problem with using mysql and php. i wanted to create a guestbook using a table which has: id,date, name,mail,txt and ip. and then i wrote this:

 

 

<?PHP

    $connect = mysql_connect("localhost","","");
    mysql_select_db("site1",$connect);
    mysql_query("SET NAMES utf8") or die(mysql_error());
$read = mysql_query('SELECT  * FROM guestbook ORDER BY date ') or die(mysql_error()) ;
    $mass = mysql_fetch_array($read);
 
  ?>
</head>
  <body>
 
 
  <form action='bb.php?click' method='post'>
name:<input type="text" name="name" /><br />
mail:<input type="text" name="mail" /><br />
comment:<textarea name="txt" rows="7"></textarea><br /> 
adress
   <input type='submit' value='ENTER' />
  </form>  
 
  <?PHP
    if(isset($_GET['click'])) {
    $date = date("Y-m-d");
$mass['ip'] =$_SERVER['REMOTE_ADDR'];
    $_POST['mail'] = htmlspecialchars($_POST['mail']);
    $_POST['mail'] = stripslashes($_POST['mail']);
    $_POST['mail'] = trim($_POST['mail']);
 
    $ins = mysql_query("INSERT INTO guestbook(name,mail,txt)
  VALUES('$_POST[name]','$_POST[mail]','$_POST[txt]')");
 
     if(isset($ins)) {echo $mass['name']." ";echo $mass['mail']." ";echo $mass['date']."<br />";
echo $mass['text']."<br />";
echo "<hr width=100% />";
 
}
     else echo mysql_error(); }
    
  ?>
 
 
and after i insert and submit something it doesnt recognize the $_POST variables because the they dont exist anymore so what should i do???
 
Link to comment
https://forums.phpfreaks.com/topic/284913-need-help-with-using-mysql-in-php/
Share on other sites

  • Solution

and after i insert and submit something it doesnt recognize the $_POST variables because the they dont exist anymore so what should i do???

 

Do you mean the new entry does show up after you insert a record? This is because you get the records from the database first  and then insert a new record.  What you should do is insert a record first and then get all the records afterwards.

<?PHP
$connect = mysql_connect("localhost","","");
mysql_select_db("site1",$connect);
mysql_query("SET NAMES utf8") or die(mysql_error()); 

// Insert a new record
if(isset($_GET['click']))
{
    $date = date("Y-m-d");
	$mass['ip'] = $_SERVER['REMOTE_ADDR'];

    $name = mysql_real_escape_string($_POST['name']);
    $mail = mysql_real_escape_string($_POST['mail']);
    $txt  = mysql_real_escape_string($_POST['txt']);
 
    $ins = mysql_query("INSERT INTO guestbook(name,mail,txt) VALUES('$name','$mail','$txt')");

    if(!$ins)
    	echo mysql_error();
}

?>
<html>
<head>
	<title>Guestbook</title>
</head>
<body>

<form action='bb.php?click' method='post'>
	name:<input type="text" name="name" /><br />
	mail:<input type="text" name="mail" /><br />
	comment:<textarea name="txt" rows="7"></textarea><br /> 
	adress
	<input type='submit' value='ENTER' />
</form>

<?php

// Get the records from the database
$read = mysql_query('SELECT  * FROM guestbook ORDER BY date ') or die(mysql_error()) ;
while($mass = mysql_fetch_assoc($read))
{
	echo '<p>' . $mass['name']." " . $mass['mail'] . " " $mass['date']."<br />";
	echo $mass['text']."</p>";
	echo "<hr width=100% />";
}

?>
</body>
</html>

Note I have used mysql_real_escape_string to protect against SQL injection attacks.

 

Also I would recommend you to start changing your code over other php mysql libraries such as mysqli and pdo as the mysql_* function library is deprecated and could soon be removed.

Edited by Ch0cu3r
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.