  1. #1
    New to the CF scene
    Join Date
    Dec 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    PHP $_POST Into Database

    HTML Form

    Code:
    <html>
    <body>
    
    <form action="welcome.php" method="post">
    
    Type Some Text...: 
    <br>
    
    <textarea name="mes" cols=20 rows=3></textarea> 
    <input type="submit" />
    </form>
    
    </body>
    </html>
    PHP FUNCTION

    Code:
    <?php
    mysql_connect("localhost", "root", "") or die("Database Connection Error");
    mysql_select_db("pph") or die("mysql_select_db Selection Error");

    $query = mysql_query("INSERT INTO file (username)
            VALUES ('This is a test')") or die("Query Response Error");
    ?>

    <?php
    $con = mysql_connect("localhost","root","");
    if (!$con)
      {
      die('Could not connect: ' . mysql_error());
      }
    
    mysql_select_db("pph", $con);
    
    $result = mysql_query("SELECT * FROM file");
    
    while($row = mysql_fetch_array($result))
      {
      echo $row['Username'] . " " . $row['File Field'];
      echo "<br />";
      }
       echo ("<br> Simple Text Will Be Here!");
       die ("<td> <td> <br> <br> Data Will Be Echoed From The Database Here For Now! <br>");
    mysql_close($con);
    ?>
    So I need help to get the values to $_POST the data from the form and the user's username.

    Thanks

  • #2
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    PHP Code:
    <?php
    $_POST['mes'];   # carries the data.. so...

    $sql="INSERT INTO `file` SET `username`='{$_POST['mes']}'";
    mysql_query($sql)or die(mysql_error());
    ?>
    note that you should be checking all $_POST variables to remove CSS or SQL injection
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
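
The interpolated INSERT from the reply above next to a parameterized version with output escaping, as an added example that is not part of the original posts. Assumptions: PDO with an in-memory SQLite database stands in for the poster's MySQL database so the script runs offline, and the sample input and the 255-character limit are constructed for illustration.

```php
<?php
// Added example, not code from the thread. PDO with in-memory SQLite is an
// assumption so this runs offline; for MySQL only the DSN changes, e.g.
// new PDO('mysql:host=localhost;dbname=pph;charset=utf8mb4', $user, $pass).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE file (id INTEGER PRIMARY KEY, username TEXT NOT NULL)');

// Constructed sample input standing in for $_POST['mes'] from the form.
$post = ['mes' => "It's a <b>test</b>"];

// 1. String interpolation, as in the reply above: the apostrophe in the
//    input ends the SQL string literal early and the statement no longer parses.
function insertInterpolated(PDO $pdo, string $mes): bool
{
    try {
        $pdo->exec("INSERT INTO file (username) VALUES ('{$mes}')");
        return true;
    } catch (PDOException $e) {
        return false; // the input was treated as SQL syntax, not as data
    }
}

// 2. Prepared statement: the value travels separately from the SQL text,
//    so quotes in it are stored as data.
function insertPrepared(PDO $pdo, string $mes): bool
{
    if ($mes === '' || strlen($mes) > 255) {
        return false; // basic validation; 255 is an assumed column size
    }
    $stmt = $pdo->prepare('INSERT INTO file (username) VALUES (:mes)');
    return $stmt->execute([':mes' => $mes]);
}

var_dump(insertInterpolated($pdo, $post['mes']));
var_dump(insertPrepared($pdo, $post['mes']));

// 3. Escape when writing into HTML, so stored markup is displayed as text
//    instead of being interpreted by the browser.
foreach ($pdo->query('SELECT username FROM file') as $row) {
    echo htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8'), "<br />\n";
}
```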

  • #3
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    Quote Originally Posted by iBall View Post
    ..... and if your website is ever moved to a server that uses a different database to MySQL, you'll very likely have to remove all the backticks in the code.
    ..and any LIMIT statements ..and all of the mysql calls

  • #4
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    Quote Originally Posted by iBall View Post
    That's correct.
    But I normally preach ease of maintenance as much as possible and since the backticks are totally optional I would not have them there in the first place in order to minimise the number of required changes if moved to a different database
    OK by far the most likely database change is ... update to newer version of MySQL
    so you may run....

    "SELECT * FROM general WHERE blah IS NOT NULL";

    now upgrade to MySQL 5.5 and see what happens

    the resolution to the above involves backticks or changing your MySQL config to ANSI mode ... which then requires access to MySQL configuration, delimiting using quotes, incompatible with....

    I can't find them from a quick search but using backticks has solved more than one reserved word SQL error on these forums & seriously in the unlikely move to mssql or another backticks are going to be the least of your problems and easily resolved using sed/str_replace/preg_*

  • #5
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,091
    Thanks
    51
    Thanked 506 Times in 493 Posts
    Strewth, I've never seen so many posts from firepages in 2 days!

    @firepages

    When are you going to sort your website? - The last time I tried to post on your forum I got a diskspace full error. The rest of the site seems to have dead links too! Very cool site (the usb WAMP article you posted years ago was way ahead of its time) hence I still visit every few months for anything else that's cool.
    My helpful sig is on vacation trying to lose some weight. It got a bit fat and caused a few problems but it will be back at some point!

  • #6
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,091
    Thanks
    51
    Thanked 506 Times in 493 Posts
    Personally I don't see there as being a right OR wrong way when it comes to using back ticks. I think there is a time and a place for the use of and the non use of.

  • #7
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    Quote Originally Posted by iBall View Post
    If some mental giant has used a reserved word inappropriately in code then they deserve a good kick up the back-side.
    you know even mental giants have problems predicting the future .. perhaps you check for new reserved words every time you create a table ? and remember you pointed out that noobs have issues with backquotes, well they have issues with reserved words as well.... note the use of file as a table name, not reserved but seems like a noob choice.

    backticks solve potential issues and cause no harm (apart from appearing to annoy you) , and for me make SQL more readable, your injection into this post is based purely on personal preferences yet you proffer your personal preferences as best practice, optional means exactly that.

    Anyway sorry Spudster1 for you getting dragged in here, please ignore the distractions.

    Quote Originally Posted by tangoforce
    Strewth, I've never seen so many posts from firepages in 2 days!
    tell me about it I am on fire
    ... actually after a long break from regular coding I am gonna be working on a couple of decent sized web based projects over the next couple of months and hopefully that will get me in the mood/frame of mind to tidy up the site and post some more bits and bobs, I live in hope! , cheers.

  • #8
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,091
    Thanks
    51
    Thanked 506 Times in 493 Posts
    Quote Originally Posted by iBall View Post
    What I did is just point out their potential pitfalls for newbies
    The thing is though, there are no pitfalls for newbies. MySQL will accept SQL with or without backticks; however, the use of them should always be encouraged as it ingrains a problem solving aspect into a noob's head.

    What happens when there is a new mysql release and mysql use a new reserved word that you've used in one of your SQL statements without backticks? - You may be getting a few calls from customers who suddenly find their sites don't work anymore.

    Quote Originally Posted by iBall View Post
    I also never said they must not be used. I said they should not be used and gave my reasons.
    IMO that's the same thing.

    Quote Originally Posted by iBall View Post
    You're the one appearing to be annoyed that I even suggested that they should not be used
    Actually if you don't mind me saying so, the tone of YOUR post came across as being very annoyed, a tad arrogant and almost bordering aggressive. From what I've read of firepages' posts nothing there had any underlying tones or any form of frustration. Remember, you're the one talking of people getting a kick up the backside.

  • #9
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    OK was trying to be nice
    Quote Originally Posted by stupid
    and so imo they deserve it
    how can you deserve it for not knowing the future ? do you get this, I know what new reserved words are for 5.5 cos they are listed , I don't know what they are for 5.6, nor do you. Of course wombat Notation will prevent this, but seriously you are ignoring the point, ESP in the case of noobs.....

    actually I don't think you are, you are just bending over backwards to try and defend your pointless troll which helped the original question not one squat, added nothing to the greater good. It's helpful to point out unsafe code, helpful to point out code which has a parse error, helpful to point out a quicker/more efficient way of doing something ... I don't need to go on do I?

    + If you had ever ported over a major project to a new DB you would know what nonsense you are talking.

    Do I and others have to write a disclaimer in each post "iBall in his greater wisdom may deem the following code unsound because of his/her unilateral presumption of what is right and wrong, I apologise for any offence that may be caused" ?????

    anyway, I won't be adding any more to this post and am angry with myself for getting sucked in & in general why not try only posting if you have something constructive and useful to say ?

  • #10
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,091
    Thanks
    51
    Thanked 506 Times in 493 Posts
    Quote Originally Posted by iBall View Post
    it appears you haven't read my posts or at least all of them.
    Erm, yes, yes I have.

    Quote Originally Posted by iBall View Post
    One pitfall for newbies of using backticks is that they often mistake them for single quotes and then they come into web forums (not just this one) wondering why their query doesn't work.
    Is that such a bad thing? - You're suggesting that they should never encounter this problem and learn from it? Do you know what makes a good coder? It's not being able to avoid confusing or complicated issues, it's being able to understand them, know how to work with them or get around them. In this case knowing the difference between back ticks and single quote marks is a fundamental requirement for any php coder. Imagine getting a PHP developer's job with a company, they let you loose on their source code and you break it because you've never dealt with back ticks. Suddenly you look completely incompetent, you've broken the company code and you've got a lot of catching up to do within 5-10 minutes to convince them you're capable of it.


    Quote Originally Posted by iBall View Post
    The backticks are optional in MySQL and not even allowed by most other databases so I will always discourage people from using them unnecessarily.
    Yes that may be so but that is the DIFFERENCE between mysql and OTHER databases. They are all different. It's learning these differences and memorising them that makes you a better programmer.

    Quote Originally Posted by iBall View Post
    Yes, if you read my post you will see I was referring to people using reserved words inappropriately when it is easily avoided without backticks and so imo they deserve it
    The problem with that is that some people don't even realise that there are reserved words and thus cannot avoid using them. Did you know everything about php and mysql when you were learning? No. Did I know everything about them? No. You learn it as you go along. THAT is why every newbie should learn about backticks so that they are informed and can then make their own choice.

    Your failure to recognise this and even discouraging people from learning how to use them properly is not wise.

    Quote Originally Posted by nioeya20 View Post
    But I normally preach ease of maintenance as much as possible and since the backticks are totally optional I would not have them there in the first place in order to minimise the number of required changes if moved to a different database
    Considering you have just 5 posts and 3 img tags in your post that the forum has blocked I can only consider your post as spam.

    Quote Originally Posted by firepages View Post
    + If you had ever ported over a major project to a new DB you would know what nonsense you are talking.
    I reckon that's the best supporting part of the argument yet. If iBall thinks all database servers are going to work exactly the same as mysql then..


    Quote Originally Posted by iBall View Post
    Obviously you can't know the future, but if you use Hungarian Notation as I posted earlier..
    I must be missing something because the only reference to hungarian I can find in mysql is the collation. Yes you posted about this earlier but you never posted HOW (and if in your superior knowledge you think a bodge is a good way to avoid dealing with other issues that have a proper workaround then you have a deeply flawed argument).

