Jump to content

insert data problem


zxiny_chin

Recommended Posts

hi, im having problem with insert data to MySQL db thru the php form. everytime i try to insert thru the php form, what i get is all NULL value in my databse table... im using XAMPP window version 1.5.1(php 5.1.1 + Apache 2.2.0 + MySQL 5.0.18) , Window XP -SP2(i turn off the firewall)... the following is my code for insert part:

$sqlquery = "INSERT INTO Customer (CUS_NAME, CUS_IC, CUS_COMPANY, CUS_COMPANY_ADDRESS, CUS_COMPANY_PHONE, CUS_HOME_ADDRESS, CUS_HOUSE_PHONE, CUS_HP,CUS_EMAIL) VALUES ('$name','$ic','$company','$caddress','$cphone','$haddress','$hphone','$hp','$email')";

$result = mysql_query($sqlquery);

i had tried many way like: using $_POST, '".$VARIABLE."' and other way that i found online/book.. but i still cannot solve the problem. once i press submit, the data wont reach the database and become NULL. it return no error..and my table index is auto increament, so i know there is new data insert but all is NULL value beside the index.


anyone knows the reason or having similar problem?
Link to comment
Share on other sites

ok I'm not sure if you're expecting the superglobals to be on. if they're not, you'd have to set your strings with the desired POST, GET or REQUEST data.

Try something like this:

$sqlquery = "INSERT INTO Customer (CUS_NAME, CUS_IC, CUS_COMPANY, CUS_COMPANY_ADDRESS, CUS_COMPANY_PHONE, CUS_HOME_ADDRESS, CUS_HOUSE_PHONE, CUS_HP,CUS_EMAIL) VALUES ('".$_REQUEST['name']."','$ic','$company','$caddress','$cphone','$haddress','$hphone','$hp','$email')";


see the request? I'm too lazy to fill it in like that at all your fields, but you should see how it handles that.

you could use $_POST as well. Do notice that you have to escape the ', thats why I used ".$_REQUEST['something'].". If you don't, you'll get an error.
Link to comment
Share on other sites

say you have domain.com/index.php

in index.php you write:

echo $gettest;


then open domain.com/index.php?gettest=set in your browser.

if 'set' is printed, globals is on. if it's not, globals is off.

You don't need globals to be on, bad scripting could result in security breaches.

Instead, I use 1 file called vars.php which is included in every other PHP script.

I put a

$values = array ('item1','item2','item3');

in it, followed by a

foreach ($_REQUEST as $key => $value){
if (in_array($key, $values)){
$$key = $value;
}
}


what this basically does, for every GET or POST the page receives, it checks if it's in the array $values, and if it it, $_POST['item1'] will be converted to $item1.

So you create your own little bit more secure global system ;)


also, for every string you insert into a mysql database, you should mysql_real_escape_string();

so:

$sqlquery = "INSERT INTO Customer (CUS_NAME, CUS_IC, CUS_COMPANY, CUS_COMPANY_ADDRESS, CUS_COMPANY_PHONE, CUS_HOME_ADDRESS, CUS_HOUSE_PHONE, CUS_HP,CUS_EMAIL) VALUES ('".mysql_real_escape_string($_REQUEST['name'])."','$ic','$company','$caddress','$cphone','$haddress','$hphone','$hp','$email')";




Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.