Jump to content

What is Wrong with this?

Lamez

By Lamez
in PHP Coding Help

 Share

Recommended Posts

Lamez Advanced Member

Lamez

Posted
Posted

I am having tons of problems with this please help me out

 

thanks

 

<?php 
include ("config.php");

// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

// insert the data
$insert = mysql_query("insert into $table values ($_POST['email']')");
or die("Could not insert data because ".mysql_error());

// print a success message
echo "E-Mail Added To Database, starting to e-mail.";
echo "<meta http-equiv=Refresh content=2; URL=mailing.php>";

}
?>

Link to comment
https://forums.phpfreaks.com/topic/73086-what-is-wrong-with-this/
Share on other sites
Rithiur Newbie

Rithiur

Posted
Posted

There are three parse errors in that code.

 

1. In the code you posted, in line 13 you have $_POST['email'] inside string. This should be $_POST because you are not using curly syntax.

2. Line 13 has extra ; in the end, which should not be there because of the OR in the next line

3. There is extra } at the end in line 20

 

In addition, there is problem in your SQL syntax. You don't have quotes around the email, so MySQL doesn't understand it as string. Also, user input values should always be escaped, when entered into query in order to avoid SQL injections.

 

Here is code that might actually work (plus, I added the mysql_real_escape_string there for escaping user input data)

 

<?php 
include ("config.php");

// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

// insert the data
$insert = mysql_query("insert into $table values ('" . mysql_real_escape_string($_POST["email"]) . "')")
or die("Could not insert data because ".mysql_error());

// print a success message
echo "E-Mail Added To Database, starting to e-mail.";
echo "<meta http-equiv=Refresh content=2; URL=mailing.php>";

?>

redarrow Advanced Member

redarrow

Posted
Posted

my little say.......

<?php 
include ("config.php");

// connect to the mysql server

$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database

mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

// insert the data

// always set a form condiction.....

if(isset($_POST['submit'])){

//<<<<dont post within database statements......

$email=$_POST["email"]; 

$insert = mysql_query("insert into $table values ('$email')");
or die("Could not insert data because ".mysql_error());

// print a success message
echo "E-Mail Added To Database, starting to e-mail.";
echo "<meta http-equiv=Refresh content=2; URL=mailing.php>";

}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.