insertion problem

lunate · April 27, 2007

hi all ,

i m new to PHP and also in this forum.

please check outthe following code ,specially "query" and point out my errors and also help me to understand and solve it.

i have a table STD in mysql .(rollno int , name char(25) )

i create a simple HTML page.

<body><h2 align="center" > Student Entry </h2>

<tr>

</td></tr>

<tr>

<td>Student Name :</td>

<td>

</tr>

</table>

<br />

</center>

</form>

</body>

then i write a small PHP script as.

<body><?php

$rn=$_POST['rn'];

$sn=$_POST['sn'];

echo $rn ;

echo $sn;

$conn=mysql_connect("localhost","sec","sec");

$db=mysql_select_db("mysql",$conn);

$query=mysql_query("insert into std (rollno , name) values ($rn , $nm )" , $conn);

while ($res=mysql_fetch_row($query))

echo $res[0] ." " .$res[1] ."<br>";

?></body>

please help me .

taith · April 27, 2007

no clue what your trying to do here... but you always want to protect variables before they go into a database...

<body>
<h2 align="center">Student Entry</h2>
<form action="test_insertion.php" method="post">
<table border="2" align="center">
  <tr>
   <td>Roll No :</td>
   <td><input type="text" name="rn" /></td>
  </tr>
  <tr>
   <td>Student Name :</td>
   <td><input type="text" name="sn" /></td>
  </tr>
</table>
<center>
  <input type="submit" value="Submit" />
</center>
</form>
</body>

<body><?php
$rn=addslashes(strip_tags($_POST['rn']));
$sn=addslashes(strip_tags($_POST['sn']));
echo $rn.$sn;
$conn=mysql_connect("localhost","sec","sec");
$db=mysql_select_db("mysql",$conn);

$query=mysql_query("insert into std (rollno , name) values ($rn , $sn)");
while($res=mysql_fetch_row($query)) echo $res[0] ." " .$res[1];

?></body>

Sign In

insertion problem

Recommended Posts

lunate

Link to comment

Share on other sites

taith

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information