[PHP-DB] Submitting data to MySQL database using HTML/PHP form
Hi there, I am creating a login page for my website. The users' information will be stored in a MySQL database. I have a registration form on my home page, and a separate file called login.php to process the user values. However, the entries are not going to the MySQL database (even though the values can be entered successfully using the command line). I'd appreciate your insight on why the form entries are not making their way to the MySQL database. Much thanks in advance! This is the code for the form in home.php: form action='login.php' method='POST' Username: input type='text' name='login'br Password: input type='password' name='password'br input type='submit' value='Submit' /form This is the code in login.php: ?php // Connect to server and select database. $host = localhost; $user = root; $mysql_pass = abc; $db = directory; mysql_connect($host, $user, $mysql_pass) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); // username and password sent to table user_info in mysql $login = $_POST['login']; $password = $_POST['password']; // insert values into table called user_info $insert = INSERT INTO user_info (login, password) VALUES ($login, $password); mysql_query($insert); ? I hope to develop the form further once the basic submission process has been ironed out... Thanks again for any insight!
Re: [PHP-DB] Submitting data to MySQL database using HTML/PHP form
On Sun, Feb 20, 2011 at 14:11, Nazish Zafar naz...@jhu.edu wrote: $insert = INSERT INTO user_info (login, password) VALUES ($login, $password); You're using double-quotes to encapsulate your $insert variable data, then never closing them. What's more, you're also using double-quotes to encapsulate each individual variable in the query. Rewrite $insert to this: $insert = INSERT INTO user_info(login,password) VALUES('.mysql_real_escape_string($login).','.mysql_real_escape_string($password).'); -- /Daniel P. Brown Network Infrastructure Manager Documentation, Webmaster Teams http://www.php.net/ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] data formats
I'm submitting form data which is a mixture of checkboxes and text inputs, some of which are integers and a couple text based. I am retrieving the data as follows: $var = (int)!empty($_POST['var']); for checkboxes, $var = (int)$_POST['var']; for integers and $var = mysql_real_escape_string($_POST['var']); Is this correct? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Submitting data to MySQL database using HTML/PHP form
Daniel Brown wrote: On Sun, Feb 20, 2011 at 14:11, Nazish Zafarnaz...@jhu.edu wrote: $insert = INSERT INTO user_info (login, password) VALUES ($login, $password); You're using double-quotes to encapsulate your $insert variable data, then never closing them. What's more, you're also using double-quotes to encapsulate each individual variable in the query. Rewrite $insert to this: $insert = INSERT INTO user_info(login,password) VALUES('.mysql_real_escape_string($login).','.mysql_real_escape_string($password).'); Look at that one more time Dan. ;-) Donovan -- D Brooke -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php