php-general Digest 13 Apr 2010 03:24:10 -0000 Issue 6689
Topics (messages 304005 through 304020):
Re: Inserting into multiple tables
304005 by: Gary
304010 by: tedd
304012 by: Gary
Re: Mail Function Problem
304006 by: Kevin Kinsey
304007 by: Alice Wei
304008 by: Teus Benschop
304009 by: kranthi
304011 by: Kevin Kinsey
304015 by: Alice Wei
304017 by: Karl DeSaulniers
304018 by: Alice Wei
304019 by: kranthi
304020 by: Alice Wei
Solution
304013 by: Gary
304014 by: Peter Lind
304016 by: Karl DeSaulniers
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Nathan
Thank you for your excellent explanation! One of the reasons I love this
board is the vast knowledge that people are willing to share.
I believe I understand the importance of normalization, however one of my
original questions seems to still stand.
If normalization is so important, why is it that the INSERT INTO multiple
tables is not a standard command or procedure?. I'm not saying it has to be
easy, but it should be well known. I really thought when I first asked the
question I was going to get multiple similar answers, or someone was going
to look at my script and tell me I omitted some simple puncuatuion (or other
simple mistake)...which has not been the case.
Even if the answer were "Cant be done", you need to write a separate script
for each insert, that would be ok. But I have to think that someone reading
this board has accomplished, somehow, writing to separate tables in the same
DB.
Again, thank you for all the information and your time.
Gary
"Nathan Rixham" <nrix...@gmail.com> wrote in message
news:4bc21b88.3090...@gmail.com...
> Gary wrote:
>> Adam
>>
>> Thank you for your well thought out response.
>>
>> Two points:
>>
>> I did not include any anti-injection functions because this was an
>> experiment for multiple tables, it is on my machine only.
>>
>> Since these are php scripts, I dont think anyone will mind (not to
>> mention
>> this board always provides great answers).,
>>
>> However I think I may have answered my question about the importance of
>> normalization of tables. I have written a number of databases used on
>> various web sites, however, they all are used as a collection of data
>> from
>> input forms.
>>
>> Most of the information about mutilple tables deals with the retreval of
>> data from, not inserting into, meaning they are more used for known data
>> inserted by the database owner/administrator to be retrieved by queries
>> into
>> the DB.
>>
>> Am I on the right track?
>>
>
> I'm unsure if this is of use to you or not (and it has been covered in
> part already), but here goes:
>
> Generally when working with database tables, we normalise, or split
> information up at natural points where you have a greater than 1-1
> relationships between the data items.
>
> An example may be a table structure to store User, Blog Post and Comments.
>
> With this common example it's very inefficient to store all the
> information in one table, because it is split naturally in to three.
>
> We have three relationships here; all 1-* (meaning "one to many").
>
> 1 User to * Blog Posts
> 1 Blog Post to * Comments
>
> Thus naturally, and on first glance we would have 3 tables:
>
> | Table User
> --------------------------------------
> | UserID | Username | Password | ...
>
>
> | Table BlogPost
> --------------------------------------
> | PostID | PostTitle | PostersUserID | ...
>
>
> | Table Comment
> --------------------------------------
> | CommentID | CommentOnPostID | CommentersUserID | ...
>
>
> As you can see from the above, all of the rows (or items) in our tables
> are linked via IDs to each other.
>
> We can further normalise the above tables to take in to account *-*
> (many to many) type relationships, and to fully separate cross cutting
> concerns. For instance it may be that a BlogPost has 3 different Users
> as author(s).
>
> aside: cross cutting concerns can be considered as something (in this
> case a table) trying to handle something which is of no concern to it
> (in this case the BlogPost table needs to be aware of Users and their
> IDs).
>
> To handle the aforementioned we can introduce something commonly
> referred to as "link tables", consider:
>
>
> | Table User
> --------------------------------------
> | UserID | Username | Password | ...
>
>
> | Table BlogPost
> --------------------------------------
> | PostID | PostTitle | ...
>
>
> | Table BlogPostAuthors
> --------------------------------------
> | BlogPostID | UserID |
>
>
> The "link table" BlogPostAuthors acts as a many-to-many join table
> between BlogPosts and Users. Similarly we could introduce the same kind
> of link table between BlogPosts and Comments, / Users and Comments.
>
> In a real system we may even have another two primary tables introduced,
> Roles and UserRoles, as the system may have multiple Roles (Author,
> Commenter, Admin etc) and each User may have multiple Roles themselves,
> in one capacity I am an Admin, in another I'm an Author. (UserRoles may
> be better considered as Personas?)
>
> Ultimately there are many considerations to take in to account, the
> relationships between types of data, the frequency at which
> inserts/updates/selects occur, the complexity and speed of each query,
> and much more.
>
> Designing a table structure is different for each job, with different
> considerations and things to weigh up, generally though normalisation
> can cater for at least some future scope creep.
>
> It's also worth noting that some consider it bad practise to design a
> system from the storage point upwards, because the application and data
> should not be constrained by persistence layer features or limitations -
> which would indicate designing the data model in UML or suchlike and
> dealing with Objects rather than Tables (then later mapping objects to
> tables in order to persist them, if choosing a RDBMS as the persistence
> layer).
>
> It may also be worth noting that an EAV model is the ultimate in
> normalisation and allows all data to be persisted in a single 3 column
> structure (or 4 if you partition data). I'll save details of this though.
>
> Do hope that helps in some way, and if you need any more info just shout.
>
> Nathan
>
> __________ Information from ESET Smart Security, version of virus
> signature database 5021 (20100412) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
__________ Information from ESET Smart Security, version of virus signature
database 5021 (20100412) __________
The message was checked by ESET Smart Security.
http://www.eset.com
--- End Message ---
--- Begin Message ---
At 11:05 AM -0400 4/12/10, Gary wrote:
-snip-
If normalization is so important, why is it that the INSERT INTO multiple
tables is not a standard command or procedure?.
In my view, you are mixing apples and oranges.
"Normalization" is simply cutting down on repetition. Inserting data
into multiple tables is a different critter -- it doesn't make
"Normalization" any better or worse.
Just figure out what data you need to acquire, what tables you need
to store it in, and then what references you need to what
tables/fields to use it while reducing repetition.
For example if you have a customer table, you don't need to add all
the customer data to each sales receipt (sales table) when you can
simply record the customer's ID.
Likewise with the items that are sold, you don't need to include all
the items attributes in the sales receipt (sales table) when you can
simply record the items' ID.
None of the above requires some special way to inserting data into
multiple tables -- you just record the sales.
Sales table
Sales ID -- Customer ID -- Item ID -- and probably the date.
1234 -- 6789 -- 101112131415 -- 4/12/10
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--- End Message ---
--- Begin Message ---
Tedd
Thanks for your response, perhaps I was completely missing this or my powers
of expanation have gone out the window.
I have found a solution and I am going to put it in its own post.
Thanks again.
gary
"tedd" <tedd.sperl...@gmail.com> wrote in message
news:p0624080ac7e9123f4...@[192.168.1.102]...
> At 11:05 AM -0400 4/12/10, Gary wrote:
> -snip-
>>If normalization is so important, why is it that the INSERT INTO multiple
>>tables is not a standard command or procedure?.
>
> In my view, you are mixing apples and oranges.
>
> "Normalization" is simply cutting down on repetition. Inserting data into
> multiple tables is a different critter -- it doesn't make "Normalization"
> any better or worse.
>
> Just figure out what data you need to acquire, what tables you need to
> store it in, and then what references you need to what tables/fields to
> use it while reducing repetition.
>
> For example if you have a customer table, you don't need to add all the
> customer data to each sales receipt (sales table) when you can simply
> record the customer's ID.
>
> Likewise with the items that are sold, you don't need to include all the
> items attributes in the sales receipt (sales table) when you can simply
> record the items' ID.
>
> None of the above requires some special way to inserting data into
> multiple tables -- you just record the sales.
>
> Sales table
>
> Sales ID -- Customer ID -- Item ID -- and probably the date.
> 1234 -- 6789 -- 101112131415 -- 4/12/10
>
> Cheers,
>
> tedd
>
>
> --
> -------
> http://sperling.com http://ancientstones.com http://earthstones.com
>
> __________ Information from ESET Smart Security, version of virus
> signature database 5022 (20100412) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
__________ Information from ESET Smart Security, version of virus signature
database 5023 (20100412) __________
The message was checked by ESET Smart Security.
http://www.eset.com
--- End Message ---
--- Begin Message ---
Alice Wei wrote:
Hi!
You have the following php.ini params:SMTP = smtp.live.com
smtp_port = 587
live.com not support relay and it requires authentication.
Is there an email account that I could try? I thought
> most email accounts requires authentication anyway.
Well, "therein lies the rub," as the Bard said (maybe).
PHP's mail() was built on a general assumption that
there would be a local SMTP server. It supports remote
SMTP, but I'm not aware of any ability to do SMTP auth,
even in the PEAR packages.
You might just wanna read up on mail in general. The
php.net/mail page lists several relevant RFC's, and
has links to most of the PEAR mail classes, etc.
You should definitely read up on live.com's email
configuration. If they use SMTP auth, I'm not sure
you can do this (per above). If it uses, say, "POP
before SMTP" for authorization, you might be able to
hack something together with the PHP IMAP functions, or
even sockets, but you're getting into a big lotta work
for what seems a small thing.
Kevin Kinsey
--- End Message ---
--- Begin Message ---
> Date: Mon, 12 Apr 2010 11:09:42 -0500
> From: k...@daleco.biz
> To: aj...@alumni.iu.edu
> CC: a.bovane...@gmail.com; php-gene...@lists.php.net
> Subject: Re: [PHP] Mail Function Problem
>
> Alice Wei wrote:
> >> Hi!
> >> You have the following php.ini params:SMTP = smtp.live.com
> >>
> >> smtp_port = 587
> >> live.com not support relay and it requires authentication.
> >
> > Is there an email account that I could try? I thought
> > most email accounts requires authentication anyway.
>
> Well, "therein lies the rub," as the Bard said (maybe).
> PHP's mail() was built on a general assumption that
> there would be a local SMTP server. It supports remote
> SMTP, but I'm not aware of any ability to do SMTP auth,
> even in the PEAR packages.
>
> You might just wanna read up on mail in general. The
> php.net/mail page lists several relevant RFC's, and
> has links to most of the PEAR mail classes, etc.
>
> You should definitely read up on live.com's email
> configuration. If they use SMTP auth, I'm not sure
> you can do this (per above). If it uses, say, "POP
> before SMTP" for authorization, you might be able to
> hack something together with the PHP IMAP functions, or
> even sockets, but you're getting into a big lotta work
> for what seems a small thing.
>
This is what I am talking about.
Two years ago when I first set up my own server with Linux and not Windows, I
never had to deal with this.
Perhaps the authentication has since then got stricter, but it should not be so
much of a heck of a deal.
I found this doc from ATT's website,
http://helpme.att.net/pdf/uverse/uverse_hsi_qsg_english.pdf, so obviously the
smtp server I provided earlier is probably not up to date.
I think I will fiddle around with the php.ini file and see what else is there.
Thanks.
Alice
_________________________________________________________________
Hotmail has tools for the New Busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_1
--- End Message ---
--- Begin Message ---
On Mon, 2010-04-12 at 12:58 -0400, Alice Wei wrote:
> Hi,
>
> I found an article on the item you described.
> http://www.talkphp.com/vbarticles.php?do=article&articleid=51&title=sending-emails-with-the-zend-framework,
> but I am using Windows on my PHP. Would this still work? Looks like the
> example code it provided is from a Linux system.
>
> I also saw info. on this link:
> http://activecodeline.com/sending-emails-via-zend_mail-using-google-email-account.
> Since all the authentication is done here in one go, what should I edit on
> my PHP.ini file? Do I have to set the params as
> http://helpme.att.net/pdf/uverse/uverse_hsi_qsg_english.pdf is described? I
> use U-Verse from AT&T, by by way.
>
> [mail function]
> ; For Win32 only.
> SMTP = smtp.att,yahoo.com
> smtp_port = 465
>
> ; For Win32 only.
> sendmail_from = elite.engl...@att.net
>
There's no need to edit anything in php.ini, and, since it is pure PHP,
it should work on Windows too, though I didn't try it. It works well on
Linux. Here's the class we used to send mail through Zend_Mail:
<?php
class Mail_Send
{
public function __construct($to_mail, $to_name, $subject, $body)
{
$config_general = Database_Config_General::getInstance ();
$mail = new Zend_Mail();
$mail->setFrom($config_general->getSiteMailAddress(),
$config_general->getSiteMailName());
$mail->addTo($to_mail, $to_name);
$mail->setSubject($subject);
$mail->setBodyText($body, "UTF-8");
$smtp_host = $config_general->getMailSendHost();
$smtp_authentication = $config_general->getMailSendAuthentication
();
$smtp_user = $config_general->getMailSendUsername();
$smtp_password = $config_general->getMailSendPassword();
$smtp_security = $config_general->getMailSendSecurity();
$smtp_port = $config_general->getMailSendPort();
if ($smtp_host != "") {
if ($smtp_authentication != "None") {
$config = array ('auth' => $smtp_authentication, 'username' =>
$smtp_user, 'password' => $smtp_password);
$mta = new Zend_Mail_Transport_Smtp($smtp_host);
}
if ($smtp_security != "NONE") {
$config = array_merge ($config, array ('ssl' =>
$smtp_security));
}
if ($smtp_port != "") {
$config = array_merge ($config, array ('port' => $smtp_port));
}
if (isset ($config)) {
$mta = new Zend_Mail_Transport_Smtp($smtp_host, $config);
} else {
$mta = new Zend_Mail_Transport_Smtp($smtp_host);
}
$mail->send($mta);
} else {
// If no smtp host is given, it uses the default sendmail mail
transport agent.
$mail->send();
}
}
}
?>
Hope it works,
Teus.
--- End Message ---
--- Begin Message ---
PEAR's mail package does support authentication.
http://email.about.com/od/emailprogrammingtips/qt/PHP_Email_SMTP_Authentication.htm
In case you get a "Sent Successfully" message (but didn't get a mail
in your inbox or spam folder) there is a problem with your SMTP server
configuration. And
>> There's no need to edit anything in php.ini, and, since it is pure PHP,
>> it should work on Windows too (i tried it and it works)
KK.
--- End Message ---
--- Begin Message ---
kranthi wrote:
PEAR's mail package does support authentication.
http://email.about.com/od/emailprogrammingtips/qt/PHP_Email_SMTP_Authentication.htm
I will say "mea culpa" on this one; apparently I didn't
dig deep enough into the PEAR docs to figure this out.
It's certainly not mentioned on the manpage at php.net,
but, of course, the PEAR stuff is elsewhere. I read over
the first page linked from the PHP manpage, so it must
have been a lil' deeper than that. If it's only available
at about.com (lol), I'd suggest filing a PR with the PEAR
folk's documentation team, eh?
But, this time I'll do what I shoulda mentioned before and
include the "IANAE" disclaimer on all things PEAR, many
things PHP, and some things SMTP.
Kevin Kinsey
--- End Message ---
--- Begin Message ---
Hi,
Thanks to everyone's suggestions, I have followed some instructions from
http://www.geeksengine.com/article/install-pear-on-windows.html and attempted
to install PEAR. The problem is, when I do a test page, which only has:
<?php
error_reporting(-1);
require_once "PEAR.php"; ?>. utor
It only gives me a blank page, with no errors. Has anyone who succeeded with
using PEAR on PHP can guide me on a good tutorial to read?
Thanks for your help.
Alice
> Date: Mon, 12 Apr 2010 15:54:05 -0500
> From: k...@daleco.biz
> To: kranthi...@gmail.com
> CC: aj...@alumni.iu.edu; php-gene...@lists.php.net
> Subject: Re: [PHP] Mail Function Problem
>
> kranthi wrote:
> > PEAR's mail package does support authentication.
> > http://email.about.com/od/emailprogrammingtips/qt/PHP_Email_SMTP_Authentication.htm
> >
>
> I will say "mea culpa" on this one; apparently I didn't
> dig deep enough into the PEAR docs to figure this out.
> It's certainly not mentioned on the manpage at php.net,
> but, of course, the PEAR stuff is elsewhere. I read over
> the first page linked from the PHP manpage, so it must
> nks ve been a lil' deeper than that. If it's only available
> at about.com (lol), I'd suggest filing a PR with the PEAR
> folk's documentation team, eh?
>
> But, this time I'll do what I shoulda mentioned before and
> include the "IANAE" disclaimer on all things PEAR, many
> things PHP, and some things SMTP.
>
> Kevin Kinsey
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
--- End Message ---
--- Begin Message ---
Hi Alice,
I have a sendmail script I wrote on my way to learning PHP.
Uses PHP 4 i believe, maybe 5. Wrote it a while ago.
You and anyone else are welcome to use it/modify.
You can reference this php it from multiple forms.
Just specify the form names it should accept and their parameters.
It can also send HTML results with a little modification.
It isn't necessarily set up for mass emailing, but with a little
tweaking, I am sure you could get it to work.
You can separate the emails with comas "," currently and it will send
to all of them, but if they are in the TO:,
everyone will see everyones email address.
Might set it up to send to your email in the TO: and use the BCC: to
send to your users.
If you do convert it, mind sharing back?? :))
HTH,
http://designdrumm.com/sendmail_gen.php.zip
Karl
On Apr 12, 2010, at 5:31 PM, Alice Wei wrote:
Hi,
Thanks to everyone's suggestions, I have followed some instructions
from http://www.geeksengine.com/article/install-pear-on-windows.html
and attempted to install PEAR. The problem is, when I do a test page,
which only has:
<?php
error_reporting(-1);
require_once "PEAR.php"; ?>. utor
It only gives me a blank page, with no errors. Has anyone who
succeeded with using PEAR on PHP can guide me on a good tutorial to
read?
Thanks for your help.
Alice
Date: Mon, 12 Apr 2010 15:54:05 -0500
From: k...@daleco.biz
To: kranthi...@gmail.com
CC: aj...@alumni.iu.edu; php-gene...@lists.php.net
Subject: Re: [PHP] Mail Function Problem
kranthi wrote:
PEAR's mail package does support authentication.
http://email.about.com/od/emailprogrammingtips/qt/
PHP_Email_SMTP_Authentication.htm
I will say "mea culpa" on this one; apparently I didn't
dig deep enough into the PEAR docs to figure this out.
It's certainly not mentioned on the manpage at php.net,
but, of course, the PEAR stuff is elsewhere. I read over
the first page linked from the PHP manpage, so it must
nks ve been a lil' deeper than that. If it's only available
at about.com (lol), I'd suggest filing a PR with the PEAR
folk's documentation team, eh?
But, this time I'll do what I shoulda mentioned before and
include the "IANAE" disclaimer on all things PEAR, many
things PHP, and some things SMTP.
Kevin Kinsey
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your
inbox.
http://www.windowslive.com/campaign/thenewbusy?
ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--- End Message ---
--- Begin Message ---
> Date: Mon, 12 Apr 2010 15:54:05 -0500
> From: k...@daleco.biz
> To: kranthi...@gmail.com
> CC: aj...@alumni.iu.edu; php-gene...@lists.php.net
> Subject: Re: [PHP] Mail Function Problem
>
> kranthi wrote:
> > PEAR's mail package does support authentication.
> > http://email.about.com/od/emailprogrammingtips/qt/PHP_Email_SMTP_Authentication.htm
> >
>
> I will say "mea culpa" on this one; apparently I didn't
> dig deep enough into the PEAR docs to figure this out.
> It's certainly not mentioned on the manpage at php.net,
> but, of course, the PEAR stuff is elsewhere. I read over
> the first page linked from the PHP manpage, so it must
> have been a lil' deeper than that. If it's only available
> at about.com (lol), I'd suggest filing a PR with the PEAR
> folk's documentation team, eh?
>
> But, this time I'll do what I shoulda mentioned before and
> include the "IANAE" disclaimer on all things PEAR, many
> things PHP, and some things SMTP.
>
> Kevin Kinsey
I tried installing the Pear Mail package, it is now located in php/PEAR/Mail,
and my code is located in the htdocs. Here is the code:
require_once("Mail.php");
$mail = Mail::factory("mail");
$your_name = $_POST['your_name'];
$email = $_POST['email'];
$question = $_POST['question'];
$comments= $_POST['comments'];
$submit = $_POST['submit'];
if($_POST['submit']=="Submit") {
$from = "elite.engl...@att.net";
$to = $email;
$subject = "Comments Regarding HH Web Design Studio";
$body = "From: $your_name\n E-Mail: $email\n Reason Contact: $question\n
Comments:\n $comments";
$host = "smtp.att.yahoo.com";
$username = "my_user_name";
$password = "password";
$headers = array ('From' => $from,
'To' => $to,
'Subject' => $subject);
$mail->send($to, $headers, $body);
if (PEAR::isError($mail)) echo "<p>" . $mail->getMessage() . "</p>";
This is what I get:
Fatal error: Class 'Mail' not found in C:\xampp\htdocs\Alice.Wei\web\mail.php
on line 30
Do I need to move the Mail PEAR class to the same folder as my web folder? How
can I make sure that my Pear is running?
Thanks for your help.
Alice
_________________________________________________________________
The New Busy is not the too busy. Combine all your e-mail accounts with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multiaccount&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4
--- End Message ---
--- Begin Message ---
thats weired...
Mail.php contains the class Mail. So getting a "class not found" error
is not possible... (require_once stops the script in case it can't
find Mail.php)
>> Do I need to move the Mail PEAR class to the same folder as my web folder
ensure that C:/xampp/php/PEAR folder is added to your include list
--- End Message ---
--- Begin Message ---
> From: kranthi...@gmail.com
> Date: Tue, 13 Apr 2010 07:41:19 +0530
> Subject: Re: [PHP] Mail Function Problem
> To: aj...@alumni.iu.edu
> CC: k...@daleco.biz; php-gene...@lists.php.net
>
> thats weired...
> Mail.php contains the class Mail. So getting a "class not found" error
> is not possible... (require_once stops the script in case it can't
> find Mail.php)
> >> Do I need to move the Mail PEAR class to the same folder as my web folder
> ensure that C:/xampp/php/PEAR folder is added to your include list
I thought so too, this is what I have in my php.ini:
; PHP's default setting for include_path is ".;/path/to/php/pear"
; http://php.net/include-path
include_path = ".;C:\xampp\php\PEAR"
This is the contents of my C:\xampp\php\PEAR\Mail:
mail.php
mime.php
mimeDecode.php
mimePart.php
null.php
RFC822.php
sendmail.php
smtp.php
Unless, I have to do require_once("mail.php")?
I am getting confused.
Alice
_________________________________________________________________
Hotmail is redefining busy with tools for the New Busy. Get more from your
inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_2
--- End Message ---
--- Begin Message ---
For those that were looking to see a solution, this is what I have come up
with. It was pointed out on another board (MySQL) that inserting multiple
in one script is probably prohibited because of security reasons.
What I did was open the connection, insert into the table, close the
connection, close the php script, then start over again. This is the code:
$dbc=mysqli_connect('localhost','root','','test')or die('Error connecting to
MySQL server');
$query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')";
$result=mysqli_query($dbc, $query)
or die('Error querying database.');
mysqli_close($dbc);
?>
<?php
$dbc=mysqli_connect('localhost','root','','test')or die('Error connecting to
MySQL server');
$query="INSERT INTO address (street, town, state,
zip)"."VALUES('$street','$town','$state','$zip')";
$result=mysqli_query($dbc, $query)
or die('Error querying database.');
mysqli_close($dbc);
?>
It seems a little redundant for PHP, however it seems to work.
Thank you to everyone that responded. If by the way someone sees an issue
with this solution, I would love to read it.
Gary
""Gary"" <g...@paulgdesigns.com> wrote in message
news:c7.00.11452.a84e1...@pb1.pair.com...
> Tommy
>
> Thanks for your reply. The code you had read I was trying to concatonate
> the insert commands without the semicolon at the end....I had also tried
> using the semicolons on each line...same result.
>
> I am reading about the mysqli_multi_query now, so far I am not getting the
> results. Interestingly, it lead me to the mysqli_store_result(), however
> it said it returned a false result on the insert command.
>
> Thank you for your reply...
>
> Gary
>
>
> ""Tommy Pham"" <tommy...@gmail.com> wrote in message
> news:013601cad93e$e0bca6a0$a235f3...@com...
> Hi Gary,
>
>> -----Original Message-----
>> From: Gary [mailto:gwp...@ptd.net]
>> Sent: Saturday, April 10, 2010 2:28 PM
>> To: php-gene...@lists.php.net
>> Subject: [PHP] Inserting into multiple tables
>>
>> I am experimenting with multiple tables, it is only a test that is my
>> local
>> machine only. This is the current code, which does not work , I have
>> tried
>> to concatonate the insert statements. I have tried multiple $query
>> variables, but it is just overwriting itself (only the last one gets
>> inserted). I also tried writing the $query as an array, which got me an
>> error message (saying it was expecting a string and I offered an
>> array).
>>
>> Someone point me in the right direction?
>>
>> Gary
>>
>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
>> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
>> <html xmlns="http://www.w3.org/1999/xhtml";>
>> <head>
>> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
>> <title>Untitled Document</title>
>> </head>
>>
>> <body>
>>
>> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
>>
>> <label>First Name </label> <input name="fname" type="text" /><br /><br
>> />
>> <label>Last Name </label><input name="lname" type="text" /><br /><br />
>> <label>Street Address </label><input name="street" type="text" /><br
>> /><br
>> />
>> <label>Town </label><input name="town" type="text" /><br /><br />
>> <label>State </label><input name="state" type="text" /><br /><br />
>> <label>Zip Code</label><input name="zip" type="text" /><br /><br />
>> <label>Telephone</label><input name="phone" type="text" /><br /><br />
>> <label>Fax</label><input name="fax" type="text" /><br /><br />
>> <label>E-Mail</label><input name="email" type="text" /><br /><br />
>> <label>Comments</label><br /><textarea name="comments" cols="100"
>> rows="15"></textarea><br /><br />
>>
>> <input name="submit" type="submit" value="submit" />
>> </form>
>>
>> <?php
>>
>> $fname=($_POST['fname']);
>> $lname=($_POST['lname']);
>> $street=($_POST['street']);
>> $town=($_POST['town']);
>> $state=($_POST['state']);
>> $zip=($_POST['zip']);
>> $phone=($_POST['phone']);
>> $fax=($_POST['fax']);
>> $email=($_POST['email']);
>> $comments=($_POST['comments']);
>> $REMOTE_ADDR=$_SERVER['REMOTE_ADDR'];
>>
>> $dbc=mysqli_connect('localhost','root','','test');
>> $query="INSERT INTO address (street, town, state,
>> zip)"."VALUES('$street','$town','$state','$zip')".
>> "INSERT INTO comments(comments)"."VALUES('$comments')".
>> "INSERT INTO
>> contact(phone,fax,email)"."VALUES('$phone','$fax','$email')".
>> "INSERT INTO name (fname, lname)"."VALUES('$fname','$lname')";
>>
>> $result = mysqli_query($dbc, $query)
>> or die('Error querying database.');
>>
>
> I see 2 problems:
>
> 1) your sql statements are not separated by semicolon <- very important
> when executing multiquery
> 2) you could try mysql_multi_query
> http://www.php.net/manual/en/mysqli.multi-query.php
>
> Regards,
> Tommy
>
>> mysqli_close($dbc);
>>
>> ?>
>> </body>
>> </html>
>>
>>
>>
>> __________ Information from ESET Smart Security, version of virus
>> signature database 5016 (20100410) __________
>>
>> The message was checked by ESET Smart Security.
>>
>> http://www.eset.com
>>
>>
>>
>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 5017 (20100411) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 5017 (20100411) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
>
> __________ Information from ESET Smart Security, version of virus
> signature database 5021 (20100412) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
__________ Information from ESET Smart Security, version of virus signature
database 5023 (20100412) __________
The message was checked by ESET Smart Security.
http://www.eset.com
--- End Message ---
--- Begin Message ---
On 13 April 2010 00:04, Gary <gwp...@ptd.net> wrote:
> For those that were looking to see a solution, this is what I have come up
> with. It was pointed out on another board (MySQL) that inserting multiple
> in one script is probably prohibited because of security reasons.
>
> What I did was open the connection, insert into the table, close the
> connection, close the php script, then start over again. This is the code:
>
> $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting to
> MySQL server');
>
> $query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')";
>
> $result=mysqli_query($dbc, $query)
> or die('Error querying database.');
>
> mysqli_close($dbc);
> ?>
>
> <?php
>
> $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting to
> MySQL server');
> $query="INSERT INTO address (street, town, state,
> zip)"."VALUES('$street','$town','$state','$zip')";
>
> $result=mysqli_query($dbc, $query)
> or die('Error querying database.');
>
> mysqli_close($dbc);
>
> ?>
>
> It seems a little redundant for PHP, however it seems to work.
>
> Thank you to everyone that responded. If by the way someone sees an issue
> with this solution, I would love to read it.
Off the top of my head: just reuse the connection. There's no need to
close it, then reopen it. The only security problem you're facing is
that you cannot send multiple queries in *the same string*[1]. So send
the queries one by one, but in the same script, using the same
connection.
1. The reason this is a security concern is that otherwise, should
someone manage to inject sql into your query, they could drop in a
semi-colon and then start a new query. By not allowing this, a lot of
bad injections are by default ruled out.
--
<hype>
WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
Flickr: http://www.flickr.com/photos/fake51
BeWelcome: Fake51
Couchsurfing: Fake51
</hype>
--- End Message ---
--- Begin Message ---
Hey Gary, instead try something like this maybe?
$dbc=mysqli_connect('localhost','root','','test') or die('Error
connecting to MySQL server');
$query_name="INSERT INTO name(fname='$fname', lname='$lname')";
$query_address="INSERT INTO address (street='$street', town='$town',
state='$state', zip='$zip')";
$result1=mysqli_query($dbc, $query_name) or die('Error querying
database for name.');
$result2=mysqli_query($dbc, $query_address) or die('Error querying
database for address.');
echo "Success!<br />";
?>
HTH,
Karl
On Apr 12, 2010, at 5:16 PM, Peter Lind wrote:
$dbc=mysqli_connect('localhost','root','','test')or die('Error
connecting to
MySQL server');
$query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')";
$result=mysqli_query($dbc, $query)
or die('Error querying database.');
mysqli_close($dbc);
?>
<?php
$dbc=mysqli_connect('localhost','root','','test')or die('Error
connecting to
MySQL server');
$query="INSERT INTO address (street, town, state,
zip)"."VALUES('$street','$town','$state','$zip')";
$result=mysqli_query($dbc, $query)
or die('Error querying database.');
mysqli_close($dbc);
?>
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--- End Message ---
