Jump to content

Form to database

prcollin

By prcollin
in PHP Coding Help

 Share

Recommended Posts

prcollin Advanced Member

prcollin

Posted
Posted

I created a decent form how do i get it to post to a database i created in phpmyadmin mysql.  This is what i had to connect

 

function connect() {

global $servername, $username, $password, $dbname;

$dbconn = mysql_connect($servername, $username, $password) or die(mysql_error());

$select = mysql_select_db($dbname, $dbconn) or die(mysql_error())

 

and I have a separate file called connect.php that defines the variables

 

$dbsettings = array(

"servername" => "localhost",

"username" => "prcblog_****",

"password" => "******",

"dbname" => "prcblog_******");

 

<?php;

Link to comment
Share on other sites
Yesideez Advanced Member

Yesideez

Posted
Posted

First define your array then passit to your function:

function connect($server,$user,$pass,$dbname) {
   $dbconn = mysql_connect($server, $user, $pass) or die(mysql_error());
   $select = mysql_select_db($dbname, $dbconn) or die(mysql_error())
  return $select;
}

 

Then presuming you've set your array call it using something like this:

$dbcon=connect($dbsettings['servername'],$dbsettings['username'],$dbsettings['password'],$dbsettings['dbname']);

 

EDIT: Forgot to add end brace for the function!

Link to comment
Share on other sites
scarhand Advanced Member

scarhand

Posted
Posted

You use an INSERT query.

 

<?php

$query = mysql_query("INSERT INTO table_name (col1, col2, col3)
VALUES ('$var1', '$var2', '$var3')")or die(mysql_error());

?>

 

do not forget that when using INSERT and other things that allow users to edit/input information into your database that you properly protect yourself from SQL injections.

Link to comment
Share on other sites
prcollin Advanced Member

prcollin

Posted
  • Author
Posted

You use an INSERT query.

 

<?php

$query = mysql_query("INSERT INTO table_name (col1, col2, col3)
VALUES ('$var1', '$var2', '$var3')")or die(mysql_error());

?>

 

do not forget that when using INSERT and other things that allow users to edit/input information into your database that you properly protect yourself from SQL injections.

 

 

lol how do i do that

Link to comment
Share on other sites
prcollin Advanced Member

prcollin

Posted
  • Author
Posted

Use mysql_real_escape_string() on all your use inputted variables that will be inserted into the database.

 

$var1 = mysql_real_escape_string($_POST['var1']);

 

Now it would be safe to insert the variable into the DB.

 

where should that go in my script as compared to the connect() function

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.