SitePoint Sponsor |
|
User Tag List
Results 1 to 8 of 8
Threaded View
-
Nov 29, 2004, 14:28 #1
- Join Date
- Mar 2004
- Location
- Toronto, Canada
- Posts
- 326
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Passing Form Var's to SQL Statement then Into DB
I'm in the process of building a bookstore where customers can add Book Reviews. The sku# of a product is passed to a page level var called $sku via $_GET. I have a form that lets customers add reviews of a product. This is what it looks like:
Code:<form name="review_form" action="review_added.php" method="post"> <input type="hidden" value="<?=$sku ?>" name="prod_sku"> <p> <label for="first">Firstname</label><br /> <input type="text" value="<? $firstname ?>" id="firstname" name="firstname" maxlength="30" onfocus="this.style.background='#fff';" onblur="this.style.background='#eee';" class="text" /></p> <p> <label for="last">Lastname</label><br /> <input type="text" value="<? $lastname ?>" id="lastname" name="lastname" maxlength="50" onfocus="this.style.background='#fff';" onblur="this.style.background='#eee';" class="text" /></p> <p> <label for="title">Review Title</label><br /> <input type="text" value="<? $review_title ?>" id="review_title" name="review_title" size="60" maxlength="100" onfocus="this.style.background='#fff';" onblur="this.style.background='#eee';" class="text" /> </p> <p> <label for="review">Your Review</label><br /> <textarea cols="40" rows="15" id="review" name="review" onfocus="this.style.background='#fff';" onblur="this.style.background='#eee';"></textarea> </p> <input type="submit" value="Add Review" /> </form>
PHP Code://review_added.php
db_connect();
$reviews_table = "greg_php_reviews";
/* insert into table */
$sql = "INSERT INTO $reviews_table
(id, firstname, lastname, reviewDate, title, review, sku)
VALUES
('', '$firstname','$lastname', NOW(), '$review_title', '$review', 'prod_sku')";
/*get results */
$query = mysql_query($sql) or die(mysql_error());
?>
Thanks!
Bookmarks