Jump to content

php insert linked id with table

johnjohny

By johnjohny
in PHP Coding Help

 Share

Recommended Posts

johnjohny Newbie

johnjohny

Posted
Posted

I have a table of albums and songs, if I want to add a song which is linked to my album the "songID" I have to insert it into my database, so I tried to add the id to my button " zie nummers (add-songs) " but it says I have a undefined index id I don't know how to fix this problem.

: code of the table song : 

$db = mysqli_connect($host, $user, $pass,$database);

if($db){

$h.= "";
$h.= "<form><table class='table table-striped table-hover'>";
$h.= "<tr>";
$h.= "<th>Nr.</th>";
$h.= "<th>Songs</th>";


$h.= "<td style='text-align:right;'><a href='/?action=add-songs&id='".$_GET['id']."' class='btn btn-primary'>VOEG TOE</a></td>";

$h.="<br>";
$h.= "</tr>";

$sql = mysqli_query($db,"SELECT * FROM songs WHERE songID = '".$_GET['id']."' ");

if($sql){

if(mysqli_num_rows($sql)>0){

while ($row = mysqli_fetch_assoc($sql)){

$h.= "<tr>";
$h.= "<td>".$row['id']."</td>";
$h.= "<td>".$row['songName']."</td>";
$h.= "</tr>";
}

}else{

echo "<tr>No Recore Found</tr>";

}

$h.= "</table></form>";

echo $htop;
echo $h;
echo $hbot;

code of add-songs : 

$db = mysqli_connect($host, $user, $pass,$database);

if($_GET['action3'] == "2"){

mysqli_query($db, "INSERT INTO songs (songName, songID) VALUES ('".$_GET['songname']."')");
header("Location: /?action=show-songs");

}

$h = "";
$h.= "";

$h.= "<form><input type='hidden' name='action' value='add-songs'><input type='hidden' name='action3' value='2'><input type='hidden' name='id' value='ids'><table class='table table-striped'>";
$h.= " <tr>";
$h.= " <td><b>Nummer</b></td>";
$h.= " <td><input type='text' name='songname' class='form-control' placeholder='Naam'></td>";
$h.= " </tr>";
$h.= " <tr>";
$h.= " <td colspan='2'><input class='btn btn-primary' type='submit' value='UPDATE'></td>";
$h.= " </tr>";
$h.= "</table></form>";

echo $htop;
echo $h;
echo $hbot;

Link to comment
https://forums.phpfreaks.com/topic/302962-php-insert-linked-id-with-table/
Share on other sites
Destramic Advanced Member

Destramic

Posted
Posted (edited)

You need to check $_GET['id'] exists...also your code is vulnerable to Cross-Site Request Forgery Atacks (CSRF) and SQL Injection

 

I'd suggest to use PHP PDO instead of the mysqli extension.

Edited by Destramic
gizmola Prolific Member

gizmola

Posted
Posted

This depends on your database schema. Often with mysql people will utilize AUTO_INCREMENT which uses mysql built in sequence generation.

 

When you do the INSERT, you should not specify the ID column in the INSERT. Mysql will fill it with a valid sequence number when the insert occurs. You can then use a routine in the mysql api to get the newly allocated ID if you need it.

 

mysqli_query($db, "INSERT INTO songs (songName) VALUES ('{$_GET['songname']}')");
You might want to note how I interpolated the array variable in a cleaner way using {} to surround it rather than all that concatenation which is hard to read, not to mention error prone.
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.