I am new to mysql and php. I am trying to learn this in order to
implement a web based database to keep track of camera inventory along
with RMA and cost information. I am not sure what I am doing wrong
with this.
I am trying to set this up so that when someone hits submit it enters
the information into the database.
I would also like to find a way to get it to append the information as
well. I have no prior html, php, or mysql experience.
<?php
// database connection
mysql_connect("localhost", "username", "password") or
die(mysql_error());
mysql_select_db("cameradb") or die(mysql_error());
//$query definition
$query = "INSERT INTO cameras (SN, MAC_Adress, CAM_Type, CAM_Location,
CAM_Name, RMA_Number, RMA_Description,
RMA_Req_Date, RMA_Rec_Date, RMA_Ship_Date, RMA_Return_Date, RMA_Cost)
VALUES
('$_post[SN]','$_post[MAC_Adress]',
'$_post[CAM_Type]', '$_post[CAM_Location]', '$_post[CAM_Name]',
'$_post[RMA_Number]', '$_post[RMA_Description]',
'$_post[RMA_Req_Date]', '$_post[RMA_Rec_Date]',
'$_post[RMA_Ship_Date]', '$_post[RMA_Return_Date]',
'$_post[RMA_Cost]')";
{
?>
//form definition and assigning variables
<form action ="<?php mysql_query($query) ?>" method="post">
<p>Camera Serial Number: <input type="text" name="SN" /></p>
<p>Mac Adress: <input type="text" name="Mac_adress" /></p>
<p>Camera Types: <input type="text" name="cam_type" /></p>
<p>Camera Loacation: <input type="text" name="cam_location" /></p>
<p>Camera Name: <input type="text" name="cam_name" /></p>
<p>RMA Number: <input type="text" name="RMA_Number" /></p>
<p>RMA Description: <input type="text" name="RMA_Description" /></p>
<p>RMA Request Date: <input type="text" name="RMA_Req_date" /></p>
<p>RMA Recieve Date: <input type="text" name="RMA_Rec_date" /></p>
<p>RMA Ship Date: <input type="text" name="RMA_Ship_Date" /></p>
<p>RMA Return Date: <input type="text" name="RMA_Return_date" /></p>
<p>RMA Cost: <input type="text" name="RMA_Cost" /></p>
<p><input type="submit" /></p>
</form>
<?php
}
?> 2  1626  sh**********@gmail.com wrote:
I am new to mysql and php. I am trying to learn this in order to
implement a web based database to keep track of camera inventory along
with RMA and cost information. I am not sure what I am doing wrong
with this.
I am trying to set this up so that when someone hits submit it enters
the information into the database.
I would also like to find a way to get it to append the information as
well. I have no prior html, php, or mysql experience.
<?php
// database connection
mysql_connect("localhost", "username", "password") or
die(mysql_error());
mysql_select_db("cameradb") or die(mysql_error());
//$query definition
$query = "INSERT INTO cameras (SN, MAC_Adress, CAM_Type, CAM_Location,
CAM_Name, RMA_Number, RMA_Description,
RMA_Req_Date, RMA_Rec_Date, RMA_Ship_Date, RMA_Return_Date, RMA_Cost)
VALUES
('$_post[SN]','$_post[MAC_Adress]',
'$_post[CAM_Type]', '$_post[CAM_Location]', '$_post[CAM_Name]',
'$_post[RMA_Number]', '$_post[RMA_Description]',
'$_post[RMA_Req_Date]', '$_post[RMA_Rec_Date]',
'$_post[RMA_Ship_Date]', '$_post[RMA_Return_Date]',
'$_post[RMA_Cost]')";
{
?>
//form definition and assigning variables
<form action ="<?php mysql_query($query) ?>" method="post">
<p>Camera Serial Number: <input type="text" name="SN" /></p>
<p>Mac Adress: <input type="text" name="Mac_adress" /></p>
<p>Camera Types: <input type="text" name="cam_type" /></p>
<p>Camera Loacation: <input type="text" name="cam_location" /></p>
<p>Camera Name: <input type="text" name="cam_name" /></p>
<p>RMA Number: <input type="text" name="RMA_Number" /></p>
<p>RMA Description: <input type="text" name="RMA_Description" /></p>
<p>RMA Request Date: <input type="text" name="RMA_Req_date" /></p>
<p>RMA Recieve Date: <input type="text" name="RMA_Rec_date" /></p>
<p>RMA Ship Date: <input type="text" name="RMA_Ship_Date" /></p>
<p>RMA Return Date: <input type="text" name="RMA_Return_date" /></p>
<p>RMA Cost: <input type="text" name="RMA_Cost" /></p>
<p><input type="submit" /></p>
</form>
<?php
}
?>
A couple of things.
First of all, it is $_POST, not $_post - case sensitive.
And you need to ALWAYS VALIDATE input from the user. Don't just
"assume" the data are correct.
Finally, all strings should be processed with mysql_real_escape_string()
before being inserted into the database - among other things it takes
care of apostrophes in the text - but also helps protect you if someone
tries some bad data (google for "SQL injection").
Something like:
$sn = $_POST['SN'];
.... validate here
$macaddr = $_post[MAC_Adress];
.... validate
(or get each one locally and validate it)
Finally,
$query = "INSERT INTO cameras (SN, MAC_Adress, CAM_Type, " .
"CAM_Location, CAM_Name, RMA_Number, RMA_Description, " .
"RMA_Req_Date, RMA_Rec_Date, RMA_Ship_Date, RMA_Return_Date, " .
"RMA_Cost) " .
"VALUES ('" . mysql_real_escape_string($sn) . "', '" .
mysql_real_escape_string($macaddr) . "', '" .
etc.
If course there are other ways to handle the actual syntax - but you get
the idea.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
================== sh**********@gmail.com wrote:
//$query definition
$query = "INSERT INTO cameras (SN, MAC_Adress, CAM_Type, CAM_Location,
CAM_Name, RMA_Number, RMA_Description,
RMA_Req_Date, RMA_Rec_Date, RMA_Ship_Date, RMA_Return_Date, RMA_Cost)
VALUES
('$_post[SN]','$_post[MAC_Adress]',
'$_post[CAM_Type]', '$_post[CAM_Location]', '$_post[CAM_Name]',
'$_post[RMA_Number]', '$_post[RMA_Description]',
'$_post[RMA_Req_Date]', '$_post[RMA_Rec_Date]',
'$_post[RMA_Ship_Date]', '$_post[RMA_Return_Date]',
'$_post[RMA_Cost]')";
To begin with, variables are case-sensitive in PHP. That is, $_POST and
$_post are two very different things. Here you go:
function escaped_post ($key)
{
if (!isset($_POST[$key]))
return 'NULL';
if (is_numeric($_POST[$key]))
return $_POST[$key];
$value = $_POST[$key];
if (get_magic_quotes_gpc())
$value = stripslashes($value);
$value = mysql_real_escape_string($value);
return "'{$value}'";
}
$query = sprintf("INSERT INTO cameras (SN, MAC_Adress, CAM_Type, "
. "CAM_Location, CAM_Name, RMA_Number, "
. "RMA_Description, RMA_Req_Date, "
. "RMA_Rec_Date, RMA_Ship_Date, RMA_Return_Date, "
. "RMA_Cost) "
. "VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s);",
escaped_post('SN'),
escaped_post('MAC_Adress'),
escaped_post('CAM_Type'),
escaped_post('CAM_Location'),
escaped_post('CAM_Name'),
escaped_post('RMA_Number'),
escaped_post('RMA_Description'),
escaped_post('RMA_Req_Date'),
escaped_post('RMA_Rec_Date'),
escaped_post('RMA_Ship_Date'),
escaped_post('RMA_Return_Date'),
escaped_post('RMA_Cost'));
--
Toby A Inkster BSc (Hons) ARCS http://tobyinkster.co.uk/
Geek of ~ HTML/SQL/Perl/PHP/Python/Apache/Linux This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: spacemancw |
last post by:
I'm reading an article on MySQL/PHP at
http://hotwired.lycos.com/webmonkey/99/21/index3a_page4.html?tw=programming
It's very good for me starting out but I have a question.
I'm using OS X...
|
by: William Drew |
last post by:
REQUEST FOR DISCUSSION (RFD)
unmoderated group comp.databases.mysql
This is an invitation to discuss the following proposal to create newsgroup
comp.databases.mysql. Please note that YOU...
|
by: chicha |
last post by:
Hey people,
I have to convert MS Access 2000 database into mysql database, the whole
thing being part of this project I'm doing for one of my faculty
classes. My professor somehow presumed I...
|
by: Lotfi |
last post by:
Hi
I am trying to access MySQL DB with C++ Builder 6 pro,
I have Apache 2 under W2000 pro and MySQL 4
I found
http://crlab.com/mydac/
but it is not free :-(
but the trial version seems to...
|
by: Matthew Clubb |
last post by:
Hi,
I need help developing an expanding form
I've decided that a use of PHP, Mysql and Javascript is the best platform
for creating a selection of database interfaces which I'm trying to build...
|
by: Sam White |
last post by:
I have set up a MySQL db on one server, IIS 6.0 on another. Using
Frontpage I created some forms to input data. On a test page I made, I
have 4 fields. First is the ID which is autonumber (I leave...
|
by: Miku |
last post by:
Hi Guies,
I am new to vb.net.
In my project I am using vb.net & MySql 4.0.17 as a backend. For
database connectivity i have downloaded ByteFX - Mysql .net native
provider.
I have written the...
|
by: Bob Alston |
last post by:
Anyone have experience with converting an access app from Jet database
to Mysql? I am specifically looking for any changes I would have to
make to my access forms, queries, modules, vba code, etc....
|
by: Atli |
last post by:
You may be wondering why you would want to put your files “into” the database, rather than just onto the file-system. Well, most of the time, you wouldn’t.
In situations where your PHP application...
|
by: JamieHowarth0 |
last post by:
I have been trying to find a solution to this on the Internet for months. Literally, ages and ages and ages, praying that someone in the open-source community has enough knowledge to put together an...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
