help with php & mysql

Discussion in 'Web Design and Development' started by jones14, Feb 1, 2009.

  1. jones14 macrumors member

    Joined:
    Mar 1, 2007
    #1
    hi, I am seriously inexperienced with both php and mysql, what I am trying to do is have an html form on one page, and run a script to post the information into a table in a mysql database

    this is the script:
    Code:
    if(isset($_POST['process']) and $_POST['process']==1)
    {
        $firstname = trim($_POST['firstname']);
        $lastname = trim($_POST['lastname']);
        $email = trim($_POST['email']);
        $year = trim($_POST['year']);
        $grad = trim($_POST['grad']);
        $comment = trim($_POST['comment']);
    
        $query = 'INSERT INTO register SET
             firstname = "'.$firstname.'",
             lastname = "'.$lastname.'",
             email = "'.$email.'",
             year = "'.$year.'",
             grad = "'.$grad.'",
             comment = "'.$comment.'",
             datetimecreated = NOW()';
    
        if(mysql_query($query))
        {
            echo '<p style="color:#00F;">Thanks you!</p>';
        }
        else
        {
            echo '<p style="color:#C00;">Sorry, your entry could not be submitted.</p>';
        }
    }
    This was all done through a tutorial, so I really don't know what is happening exactly.
    My problem is just that I don't understand how to fit it all with my database. I don't see any way for it to know where or what my database is, my database is called "brandonj_register" and the table I want is called "register"

    I'm not really sure if what I want to do makes sense and if it doesn't just tell me. Thanks for looking
     
  2. centered effect macrumors newbie

    Joined:
    Sep 20, 2007
    #2
    First error I see is:

    Code:
    if(isset($_POST['process']) and $_POST['process']==1)
    
    Should be:
    Code:
    if (isset($_POST['process']) && $_POST['process']==1)
    I don't recall "and" being part of the operators

    Next, are you connecting to the databse at all in the script?

    Could you link to the tutorial?
     
  3. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #3
    Yea, the tutorial may have skipped over the connection to a database as they may have considered that outside the scope of the tutorial, but it's very much needed. I'd recommend finding another tutorial. There's also security issues in the code as it doesn't check the form inputs at all and someone could use MySQL injection to essentially destroy your database. I know your just learning, but make sure to keep code like this away from the public web because it could become misused.

    If you have PHP5, check this tutorial on connecting using mysqli functions. Alternatively, you can check out W3C's tutorial for using the older MySQL connection functions.
     
  4. TodVader macrumors 6502a

    TodVader

    Joined:
    Sep 27, 2005
    Location:
    Quebec, Canada
    #4
    You can connect to your database this way:

    PHP:
    <?php
         
    require $_SERVER['DOCUMENT_ROOT'].'/config.php';
         
         function 
    db_connect($db_host$db_user$db_password)
             {
                    
    $result mysql_connect($db_host$db_user$db_password);
                    if (!
    $result)
                    {
                     die(
    'Could not connect: ' mysql_error());
                   }         
                       else 
                   {
                     return 
    $result;
                   }
            }
            
    $db db_connect($db_host$db_user$db_password);  
            
    $db_selected=mysql_select_db($db_name);  
    ?>
    Make sure you assign values to $db_name $db_user and $db_password. $db_host should be localhost unless you are using an external MySQL.

    You also need to specify which DB you are using with mysql_select_db. I call this function everytime I need access to my DB. config.php includes my connection variables mentionned above.
     
  5. jones14 thread starter macrumors member

    Joined:
    Mar 1, 2007
    #5
    Well first i'd like to thank everyone for being so helpful. But, i'm still having problems, I used the code given by TodVader and am using it, it looks as if it connects to the database but I don't think it does, i've tried everything I can think of. I'd also like to point out this is for a school competition, and even though I know I should be practicing security concepts, it does not affect my score. Once again, thanks for looking!

    Here is the code at this point, these are details for the database
    database name - brandonj_register
    username - brandonj_brandon
    password - celica
    table being accessed - register

    PHP:
    <?php 
    $db_user 
    "brandonj_brandon";
    $db_password "celica";
    $db_host "localhost";
    $db_name "brandonj_register";
     
          function 
    db_connect($db_host$db_user$db_password
             { 
                    
    $result mysql_connect($db_host$db_user$db_password); 
                    if (!
    $result
                    { 
                     die(
    'Could not connect: ' mysql_error()); 
                   }          
                       else  
                   { 
                     return 
    $result
                   } 
            } 
            
    $db db_connect($db_host$db_user$db_password);   
            
    $db_selected=mysql_select_db($db_name);   

    if(isset(
    $_POST['process']) and $_POST['process']==1)
    {
        
    $db db_connect($db_host$db_user$db_password);   
            
    $db_selected=mysql_select_db($db_name);   
        
        
    $firstname trim($_POST['firstname']);
        
    $lastname trim($_POST['lastname']);
        
    $email trim($_POST['email']);
        
    $year trim($_POST['year']);
        
    $grad trim($_POST['grad']);
        
    $comment trim($_POST['comment']);

        
    $query 'INSERT INTO register SET
             firstname = "'
    .$firstname.'",
             lastname = "'
    .$lastname.'",
             email = "'
    .$email.'",
             year = "'
    .$year.'",
             grad = "'
    .$grad.'",
             comment = "'
    .$comment.'",
             datetimecreated = NOW()'
    ;

        if (
    mysql_query($query))
        {
            echo 
    '<p style="color:#00F;">Thank you for signing our guestbook!</p>';
        }
        else
        {
            echo 
    '<p style="color:#C00;">Sorry, your entry could not be submitted.</p>';
        }
    }
    $query 'SELECT * FROM register ORDER BY datetimecreated DESC';
    $result mysql_query($query);
    if(!
    $result)
    {
        echo 
    '<p style="color:#C00;">Could not retrieve entries.</p>';
    }
    else
    {
        while(
    $row mysql_fetch_array($result))
        {
            echo 
    '<p>';
            echo 
    '<strong>'.$row['firstname'].'<strong><br />';
            echo 
    $row['email'].'<br />';
            echo 
    date('F j, Y'strtotime($row['datetimecreated'])).' at '.date('g:i a'strtotime($row['datetimecreated'])).'<br />';
            echo 
    $row['comments'];
            echo 
    '</p>';
        }
    }
    ?>
     
  6. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #6
    You want us to help you win a competition? Sorry, but that sounds like cheating to me. I'm out.
     
  7. jones14 thread starter macrumors member

    Joined:
    Mar 1, 2007
    #7
    lol @ that, seriously anything is open to me for use. Besides this isn't a competition for building a form w/ database, its a full website. The main goal is to market the website with a presentation, the website is basically just a visual aid. To me this doesn't seem like cheating at all.

    I'd like to thank everyone for their time. Right now I have finished this part of my site and have a little idea of what is actually going on now.
     
  8. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #8
    Does that mean you figured out the MySQL thing?
     

Share This Page