Jump to content

PHP Insert


conker87

Recommended Posts

I'm using PHP to insert into a database using forms.
This is the code I am using for the form:
[code]<form action="../index.php?database=gamereview" method="post">
<table class="content" width="100%">
  <tr>
    <td width="100%" colspan="2" height="21">REVIEW</td>
  </tr>
  <tr>
    <td width="25%" valign="top">User/Database Name:</td>
    <td width="75%" height="21"><input type="text" name="username" size="30"></td>
  </tr>
  <tr>
    <td width="25%" valign="top">Password:</td>
    <td width="75%" height="21"><input type="password" name="password" size="30"></td>
  </tr>
  <tr>
    <td width="25%" valign="top">Code:</td>
    <td width="75%" height="24"><input type="text" name="code" size="30"> 30 max</td>
  </tr>
  <tr>
    <td width="25%" valign="top">Name:</td>
    <td width="75%" height="25"><input type="text" name="name" size="20"> 20 max</td>
  </tr>
  <tr>
    <td width="25%" valign="top">Platform:</td>
    <td width="75%" height="25"> <input type="text" name="platform" size="20">20 max</td>
  </tr>
  <tr>
    <td width="25%" valign="top">Date:</td>
    <td width="75%" valign="top"><input type="text" name="date" size="20"> 20 max<br><input type="Submit"></td>
  </tr>
</table>
</form>[/code]
This is the code I am using to insert into the database:
[code]<?
$username=$_POST['username'];
$password=$_POST['password'];
$database=$_POST['username'];

$code=$_POST['code'];
$name=$_POST['name'];
$platform=$_POST['platform'];
$date=$_POST['date'];

mysql_connect("db2.awardspace.com",$username,$password) or die("Invalid Username or Password:<br><br>" . mysql_error());
@mysql_select_db($database) or die("Unable to select database");

$query = "INSERT INTO `wow_game_review` VALUES ('','$code','$name','$platform','$date')";mysql_query($query);
echo "<head><META HTTP-EQUIV=Refresh CONTENT='1; URL=news.php'></head>Thanks, redirecting in 1 second...";
mysql_close();
?>[/code]
However, whenever I click submit, I get the following error:
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Warning: mysql_connect(): Access denied for user 'conker87'@'#.#.#.#' (using password: NO) in /home/www/wow-domain.co.uk/include/gamereview_insert.php on line 11
Invalid Username or Password:

Access denied for user 'conker87'@'#.#.#.#' (using password: NO)[/quote]
I checked out the username and password, and they were correct. The username that is shown, 'conker87' is not the username I add into the Username input in the form above.

I used this exact code on my other websites' news insert form, and that works fine.
Anyone see what is going wrong here?
Link to comment
https://forums.phpfreaks.com/topic/7478-php-insert/
Share on other sites

You don't want to use the username/password that your users submit to access the database. The database username/password should be one picked out by either you or your DBA and be (almost) permenant.

The username/password that is entered on your form is checked by your script against any stored in your database.

Ken
Link to comment
https://forums.phpfreaks.com/topic/7478-php-insert/#findComment-27258
Share on other sites

This is used by me only to insert News Articles to be displayed on my site. I ask for my database Username and Password for the form so that if anyone finds the url then they won't beable to insert anything into the database.

The Username and Passwords submitted from this form is that username, database name (that's the hosting) and the password used for the database.

The problem is that it seems to be sending the incorrect information from the form to the script. It only seems to be sending a half of my username and not my password at all.
Link to comment
https://forums.phpfreaks.com/topic/7478-php-insert/#findComment-27322
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.