SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Enthusiast
    Join Date
    Jan 2009
    Posts
    61
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    not actually inserting into database

    I'm trying to do a simple user, password insert into a database. On screen it says that it occurred but when I check the field nothing is actually inserted.
    Here is my code from myform.php.

    <!-- <?php echo phpinfo(); ?> -->

    Your name is: <?php echo $_POST['userName']; ?><br />
    Your password: <?php echo $_POST['userPass']; ?><br />
    <?php
    $db_form = mysql_connect("localhost", "root", "") or die(mysql_error());
    echo "Connected to MySQL<br />";
    mysql_select_db("db_form") or die(mysql_error());
    echo "Connected to Database";
    $userName = $_POST['userName'];
    $userPass = $_POST['userPass'];
    $sql = "INSERT INTO `db_form`.`users` (`userId`, `userName`, `userPass`) VALUES (NULL, \'$userName\', \'$userPass\');";?>

    <?php echo $sql;?><br />
    <?php mysql_query($sql) or die(mysql_error());?><br />
    <?php mysql_close($db_form);?>
    ------------------------------------------------
    On screen I have this:

    Your name is: bob dole
    Your password: gumdrops
    Connected to MySQL
    Connected to Database INSERT INTO `db_form`.`users` (`userId`, `userName`, `userPass`) VALUES (NULL, \'bob dole\', \'gumdrops\');
    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'bob dole\', \'gumdrops\')' at line 1

  2. #2
    SitePoint Wizard silver trophybronze trophy Stormrider's Avatar
    Join Date
    Sep 2006
    Location
    Nottingham, UK
    Posts
    3,133
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Remove the slashes, you don't need to escape single quotes within a double quoted string. The mysql error should have pointed you to this.

    As a side note, you should escape all your input with mysql_real_escape_string, that script is currently vulnerable to SQL injection attacks.

  3. #3
    SitePoint Enthusiast
    Join Date
    Jan 2009
    Posts
    61
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you so much. I was up until 4am with this.
    My very first insertion


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •