Posted 13 April 2006 - 01:21 PM
I have this php code: (password, etc all have valid values at this point)
$link = mysql_connect($hostname,$username, $password);
if (! $link) DIE ("Unable to connect to database! Please try again later.");
$FirstName = $_POST['FirstName'];
$LastName = $_POST['LastName'];
$DJName = $_POST['DJName'];
$Affiliations = $_POST['Affiliations'];
$Address = $_POST['Address'];
$Telelphone = $_POST['Telelphone'];
$Email = $_POST['Email'];
$Passwd = $_POST['Passwd'];
$Format = $_POST['Format'];
$Styles = $_POST['Styles'];
$HowHear = $_POST['HowHear'];
$Comments = $_POST['Comments'];
$PhotoURL = $_POST['PhotoURL'];
$WebSite = $_POST['WebSite'];
mysql_query("INSERT INTO MailingList (FirstName, LastName, DJName, Affiliations, Address, Telelphone, Email, Passwd, Format, Styles, HowHear, Comments, PhotoURL, WebSite, Active, VIP, Invited, Notes) VALUES ('$FirstName', '$LastName','$DJName','$Affiliations','$Address','$Telelphone','$Email','$Passwd','$Format','$Styles','$HowHear','$Comments','$PhotoURL','$WebSite',0,0,0,NULL)");
and this produces no result in the db, however when I go to the sql engine and just use the insert line with some strings it works fine. I am stumped, please help if you can, thanks.
Posted 13 April 2006 - 01:35 PM
Posted 13 April 2006 - 01:53 PM
<?php $link = mysql_connect($hostname,$username, $password) or die('Unable to connect to database! Please try again later.'); mysql_select_db($dbname,$link); $qtmp = array(); foreach ($_POST as $field => $val) if ($field != 'submit') // I'm assuming that your submit button is named "submit" if (trim(stripslashes($val)) != '') $qtmp = $field . "='" . mysql_real_escape_string(trim(stripslashes($val))) . "'"; $q = 'insert into MailingList set ' . implode(', ',$qtmp); echo 'The generated query is: ' . $q . '<br>'; // debugging only -- this will show you the generated query $rs = mysql_query($q) or die('There was a problem with the insert query: ' . $q . '<br>' . mysql_error()); ?>Here's the explanation of the above code.
- I put the"or die" clause on the mysql_connect() line.
- I'm using PHP to create parts of the query for me. The query is the alternative form using the "set" format. I only include the field in the query if it is not blank. I apply the function [a href=\"http://www.php.net/mysql_real_escape_string\" target=\"_blank\"]mysql_real_escape_string()[/a] to each value. This is probably overkill if any of your fields are all numeric.
- I combine the parts to make the complete query using the implode() function.
- Finally, I invoke the mysql_query() function with an "or die" clause to catch any errors.
Posted 13 April 2006 - 02:04 PM
Posted 13 April 2006 - 02:09 PM
Posted 13 April 2006 - 02:16 PM
Its a much better way to go about it as you can just stick that bit of the code in an included file and forget about ever having to mess around with insert & update queries ever again. Much time-saving!
Posted 13 April 2006 - 03:44 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users