edward, what you are saying is indeed true. it is easier to just turn the register_globals on, but php recommends against doing this for security reasons. green -----Original Message----- From: Becoming Digital [mailto:info@becomingdigital.com] Sent: Wednesday, May 07, 2003 8:36 PM To: _agreen@bellsouth.net; admin@adept-hosting.net; Php-DB (E-mail) Subject: Re: Newbie help > 2 - forego use of the assignment to variables, and plug the POST variables > directly into the sql statement instead. This is even easier if register_globals = On. Such a setup just eliminates the middle man. Edward Dudlik Becoming Digital www.becomingdigital.com ----- Original Message ----- From: "Andy Green" <_agreen@bellsouth.net> To: <admin@adept-hosting.net>; "Php-DB (E-mail)" <php-db@lists.php.net> Sent: Wednesday, 07 May, 2003 00:43 Subject: RE: Newbie help ken, it looks like there's a problem with this section of code [CODE] //Assign contents of form to variables #$userid = $_POST['userid']; #$passwd = $_POST['passwd']; $sql = "INSERT INTO users (userid, passwd) VALUES (userid = 'userid', passwd = 'passwd')"; [/CODE] i'd recommend one of two things: 1 - uncomment out the assignment of the POST variables, and change your sql statement to this: $sql = "INSERT INTO users(userid,passwd) VALUES ('$userid','$passwd')"; 2 - forego use of the assignment to variables, and plug the POST variables directly into the sql statement instead. in either event, i would recommend printing out the statement to the screen so that you can be sure that the sql syntax is correct, and comment out the insert command. when you're sure the syntax is correct, remove the print statement and uncomment the insert command. hope this helps green -----Original Message----- From: Ken Larkman [mailto:admin@adept-hosting.net] Sent: Wednesday, May 07, 2003 12:31 AM To: Php-DB (E-mail) Subject: Newbie help Hello, I am new to working with PHP and MySQL so I'm sure my mistake(s) are simple enough. Basically, I'm trying to write a script(s) to add a row to a MySQL database. I took the scripts below off a website and have been trying to tweak them to do what i want. Unfortunately, the script usually gives me an error message (the one defined in the script) and very occassionally inserts a blank row in the database. Any clues or advice on what I am doing wrong would be greatly appreciated. Unfortunately, I have not found the solution on the web or MySQL site (probably because I have no idea what I'm doing). Thanks! - Ken <HTML> <form name="mailadmin" method=POST action="test2.php"> userid: <input type="text" name="userid"><br> passwd: <input type="text" name="passwd"><br> <input type="submit" name="submit" value="submit"> </form> </HTML> <?PHP //Our PHP/MYSQL page. //This script takes the data from the form //fields and adds them to specified parts //parts of the database //MySQL Variables. Edit where necessary session_start(); $host = "localhost"; $login_name = "root"; $password = "ronin0567*"; //Connecting to MYSQL MySQL_connect("$host","$login_name","$password"); //Select the database we want to use MySQL_select_db("dbmail") or die("Could not select database"); //Assign contents of form to variables #$userid = $_POST['userid']; #$passwd = $_POST['passwd']; $sql = "INSERT INTO users (userid, passwd) VALUES (userid = 'userid', passwd = 'passwd')"; $result = mysql_query($sql); //Code to check if statement executed properly and display message if ($result) { echo("userid and passwd successully added"); } else { echo("An error occured"); } //Close connection with MySQL mysql_close(); ?> -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
