Form to database

prcollin · July 12, 2007

I created a decent form how do i get it to post to a database i created in phpmyadmin mysql. This is what i had to connect

function connect() {

global $servername, $username, $password, $dbname;

$dbconn = mysql_connect($servername, $username, $password) or die(mysql_error());

$select = mysql_select_db($dbname, $dbconn) or die(mysql_error())

and I have a separate file called connect.php that defines the variables

$dbsettings = array(

"servername" => "localhost",

"username" => "prcblog_****",

"password" => "******",

"dbname" => "prcblog_******");

<?php;

pocobueno1388 · July 13, 2007

You use an INSERT query.

<?php

$query = mysql_query("INSERT INTO table_name (col1, col2, col3)
VALUES ('$var1', '$var2', '$var3')")or die(mysql_error());

?>

jchemie · July 13, 2007

hi,

Other than that, one more thing you need to do is call your connect function. dont forget to do that. you might end up struggling to get a connection

prcollin · July 13, 2007

So given the script that i wrote already can any piece it together in a manner that would work please

ill be your friend

Yesideez · July 13, 2007

First define your array then passit to your function:

function connect($server,$user,$pass,$dbname) {
   $dbconn = mysql_connect($server, $user, $pass) or die(mysql_error());
   $select = mysql_select_db($dbname, $dbconn) or die(mysql_error())
  return $select;
}

Then presuming you've set your array call it using something like this:

$dbcon=connect($dbsettings['servername'],$dbsettings['username'],$dbsettings['password'],$dbsettings['dbname']);

EDIT: Forgot to add end brace for the function!

prcollin · July 13, 2007

did everything right and can click submit but still doesnt send to the database

do i have i have to specify a table name

scarhand · July 13, 2007

You use an INSERT query.

<?php

$query = mysql_query("INSERT INTO table_name (col1, col2, col3)
VALUES ('$var1', '$var2', '$var3')")or die(mysql_error());

?>

do not forget that when using INSERT and other things that allow users to edit/input information into your database that you properly protect yourself from SQL injections.

prcollin · July 13, 2007

You use an INSERT query.
<?php

$query = mysql_query("INSERT INTO table_name (col1, col2, col3)
VALUES ('$var1', '$var2', '$var3')")or die(mysql_error());

?>
do not forget that when using INSERT and other things that allow users to edit/input information into your database that you properly protect yourself from SQL injections.

lol how do i do that

pocobueno1388 · July 13, 2007

Use mysql_real_escape_string() on all your use inputted variables that will be inserted into the database.

$var1 = mysql_real_escape_string($_POST['var1']);

Now it would be safe to insert the variable into the DB.

prcollin · July 13, 2007

Use mysql_real_escape_string() on all your use inputted variables that will be inserted into the database.
$var1 = mysql_real_escape_string($_POST['var1']);
Now it would be safe to insert the variable into the DB.

where should that go in my script as compared to the connect() function

Yesideez · July 13, 2007

Place that at the start of your script where you get the contents of your form. You don't need to use this on numbers - I use this when I'm expecting numbers:

$num=intval($_POST['number']);

Sign In

Form to database

Recommended Posts

prcollin

Link to comment

Share on other sites

pocobueno1388

Link to comment

Share on other sites

jchemie

Link to comment

Share on other sites

prcollin

Link to comment

Share on other sites

Yesideez

Link to comment

Share on other sites

prcollin

Link to comment

Share on other sites

scarhand

Link to comment

Share on other sites

prcollin

Link to comment

Share on other sites

pocobueno1388

Link to comment

Share on other sites

prcollin

Link to comment

Share on other sites

Yesideez

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information