valoukh Posted March 6, 2008 Share Posted March 6, 2008 Hi all, I'm trying to insert 4 pieces of information into a MySQL table from a HTML form. 3 of the items are user-input and I'd like to have the fourth one (the date) automatically entered. I'm new to this so if anyone can quickly explain what I'm doing wrong that would be great! update_news.php: <form action="update_news_doupdate.php" method="post"> Title: <input type="text" name="title" /> Content: <input type="text" name="content" /> Image: <input type="text" name="image" /> <input type="submit" /> </form> update_news_doupdate.php: <? $sql="INSERT INTO News (Date, Title, Content, Image) VALUES ('CURDATE()','$_POST[title]','$_POST[content]','$_POST[image]')"; if (!mysql_query($sql,$dbh)) { die('Error: ' . mysql_error()); } echo "News item added, thanks!"; mysql_close($dbh) ?> The 3 fields enter perfectly, just can't get today's date in there (I'm getting 0000-00-00). Thanks a lot, valoukh. Link to comment https://forums.phpfreaks.com/topic/94665-php-curdate-to-mysql/ Share on other sites More sharing options...
shocker-z Posted March 6, 2008 Share Posted March 6, 2008 CURDATE() doesnt need to be wrapped in quotes as it's a built in mysql function. <? $sql="INSERT INTO News (Date, Title, Content, Image) VALUES (CURDATE(),'"mysql_real_ escape_string($_POST['title'])"','"mysql_real_ escape_string($_POST['content'])"','"mysql_real_ escape_string($_POST['image'])"')"; if (!mysql_query($sql,$dbh)) { die('Error: ' . mysql_error()); } echo "News item added, thanks!"; mysql_close($dbh) ?> I've also added mysql_real_ escape_string() to help protect you against a few attacks that can be done. Regards Liam Link to comment https://forums.phpfreaks.com/topic/94665-php-curdate-to-mysql/#findComment-484717 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.