It may be a matter of opinion, but i beleive this is a poor method of
doing what your doing. I would get my values thru $_REQUEST and use
addslashes to escape what needs to be escaped, and i would write my
SQL query with full column listing and string values in quotes. eg..
INSERT INTO table (column, column, column) VALUES ('$string',
'$string') etc....
the loop method sort of obfusicates the code, making it hard to read,
especially if you didnt write the form.
My 2 cents, for whatever its worth. Good luck however :)
Jason
On Fri, 23 Jul 2004 15:46:27 -0500, Alex Hogan
<[EMAIL PROTECTED]> wrote:
> Hi All,
>
> I have a form with several values to insert.
> I thought that I remember a thread that discussed using a loop to insert
> $_POSTed values.
> I am trying;
>
> foreach($_POST as $key => $value){
> if($key == 'Submit'){
> exit;
> }
> else{
> $sql = "INSERT INTO registration ('$key')
> VALUES ('$value')";
> $result = mssql_query($sql);
> }
> }
>
> I keep getting an invalid object 'registration' error. However
> registration is the name of the table. I'm guessing it's someplace else
> in the statement that I'm messing up on.
>
> alex hogan
>
> *************************************************************************************
> The contents of this e-mail and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom it is addressed. The
> views stated herein do not necessarily represent the view of the company. If you are
> not the intended recipient of this e-mail you may not copy, forward, disclose, or
> otherwise use it or any part of it in any form whatsoever. If you have received this
> e-mail in error please e-mail the sender.
> *************************************************************************************
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
