php form -> mysql problem (please help!)

A

Anonymous

Guest
That's because your using the ancient way of calling form variables which is both a security whole and no longer works... Try this:

Code: 
<?php 
$dbh = mysql_connect ("localhost", "ascendan_cat", "paws") or die ( 'I cannot connect to the database because: ' . mysql_error()); 
mysql_select_db ("ascendan_pets") or die (mysql_error()); 
$result = mysql_query ("INSERT INTO pets (Name, Fav food) values ('".$_POST['petname']."','".$_POST['ffood']."')", $dbh); 
?> 
<form method="post" action="<?php echo $PHP_SELF?>"> 
Pet Name: <input type="text" name="petname"><br> 
Favourite Food: <input type="text" name="ffood"><br> 
<input type="submit" name="submit" value="Enter information"> 
</form>
 
Try this:

<?php

if ($ffood AND $petname) {

$db = mysql_connect ("localhost", "ascendan_cat", "paws");
$db_select = mysql_select_db ("ascendan_pets");
if (!$db){ echo "DB Connection Failure";}
if (!$db_select){ echo "DB Selection Failure";}

$query = "INSERT INTO pets (Name, Fav food) VALUES ('$petname', '$ffood')";

// echo $query;
/* Uncomment the echo command above to see the SQL query printed on the screen. If the variables are missing you may have global_variable turned ON there you can try $HTTP_POST_VARS[petname] AND $HTTP_POST_VARS[ffood] instead. */

if ($result = mysql_query ($query)) {
echo "Information Inserted";
} else {
echo "Database Error Occured!";
}
}
?>
<form method="post" action="<?=$PHP_SELF ?>">
Pet Name: <input type="text" name="petname"><br>
Favourite Food: <input type="text" name="ffood"><br>
<input type="submit" name="submit" value="Enter information">
</form>
 
Try this code.
Code: 
<?php 

$dbh = mysql_connect ("localhost", "ascendan_cat", "paws") or die ( 'I cannot connect to the database because: ' . mysql_error()); 

mysql_select_db ("ascendan_pets") or die (mysql_error()); 

$result = mysql_query ("INSERT INTO pets (Name, Fav food) values ('".$_POST['petname']."','".$_POST['ffood']."')", $dbh); 

?> 

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> 
Pet Name: <input type="text" name="petname"><br> 
Favourite Food: <input type="text" name="ffood"><br> 
<input type="submit" name="submit" value="Enter information"> 
</form>
 
You must log in or register to reply here.
Back
Top