php - inserting info into a database

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
hey guys, can anyone see where im going wrong in my code below? i am
making a registration form on a webpage before using php to send the
input data into a mySQL database. first off is the code for the
registration form:

<form method = "POST" action="display.php"

<h1> Please fill in all fields below to register: </h1> Title:

<select name = "title">
<option selected>Please select..

<br>First name: <input type ="text" name = "first">
<font color = "black"></font><br>

<br>Last name: <input type = "text" name = "last">
<font color="black"></font><br>

<select name = "age">
<option selected>Please select..

<select name ="subject">
<option selected>Please select..
<option>Computer Science
<option>Earth, Ocean and Planetary Science
<option>European Studies
<option>History and Archaeology
<option>Journalism, Media and Cultural Studies
<option>Religious and Theological Studies

<br>Initial Year of Study:
<select name = "year">
<option selected>Please select..

<br>Email Address: <input type = "text" name = "email">
<font color="black"></font><br>

<br>User Name: <input type = "text" name = "user_name">
<font color="black"></font><br>

<br>Password: <input type = "password" name = "password">
<font color="black"></font><br>

<br><input type="submit" name = "Send" value = "Send">


next off is the code using php:

    $connection =
    mysql_select_db("sjcdb",$connection)or die("failed!");


    mysql_query("INSERT INTO info VALUES ('',

anyone know where im going wrong??

Re: php - inserting info into a database

Hash: SHA1

comp_guy wrote:

Quoted text here. Click to load it

You're wrong in not using a "value" attribute in the <option> tags, and
you're wrong in trusting the posted values without checking or escaping
them first.

- --  
- ----------------------------------
Iván Sánchez Ortega -i-punto-sanchez--arroba-mirame-punto-net ; ;
Version: GnuPG v1.4.2.2 (GNU/Linux)


Re: php - inserting info into a database

For debugging purposes, storing the query in a variable (which you will
use as bobzimuta said eg. mysql_query( $query, $connection ))and
echoing it to the screen will often show up sql syntax errors.

Re: php - inserting info into a database

Did you account for every field in the table? There must be as many
values as their are fields or the query will fail.

Re: php - inserting info into a database

Extract the query into a string (i.e. $query = "..."), and replace
mysql_query() with
the following:

if( !mysql_query( $query, $connection ) )
  exit( mysql_error( $connection ) . "<br>Query: <br><pre>" . $query .
"</pre>" );

You can wrap all your query calls in a function, as it enables basic
debugging any time a query might fail
function my_query( $query, $connection, $DEBUG = 0 )
  $query_worked = mysql_query....
  if( !$query_worked && $DEBUG )
    // do the exit and output here, or just output and return
    return $query_worked;


Site Timeline