FUDforum: comp.lang.php » Adding a record to a database

Home » Imported messages » comp.lang.php » Adding a record to a database

Show: Today's Messages :: Polls :: Message Navigator

Re: Adding a record to a database [message #175104 is a reply to message #175100]

Mon, 15 August 2011 13:45

JohnT
Messages: 16
Registered: April 2011

Karma:

Junior Member

On Mon, 15 Aug 2011 05:35:37 -0700, Charles wrote:

>
>
> ('$_POST[Make]','$_POST[Model]','$_POST[Edition]','$_POST

Start here - you can't put complex variables in a string unless you quote
them like:

('{$_POST[Make]}','{$_POST[Model]}','{$_POST[Edition]}',

However - you should not be putting these directly into the database.
You should first validate in the input, and then quote the strings to
make them database safe:

('".mysql_real_escape_string($_POST[Make])."',

JohnT

Report message to a moderator

[Message index]

		Adding a record to a database By: Charles on Mon, 15 August 2011 12:35
		Re: Adding a record to a database By: Jerry Stuckle on Mon, 15 August 2011 12:46
		Re: Adding a record to a database By: JohnT on Mon, 15 August 2011 13:45
		Re: Adding a record to a database By: A.Reader on Mon, 15 August 2011 18:11
		Re: Adding a record to a database By: sheldonlg on Tue, 16 August 2011 01:02
		Re: Adding a record to a database By: Jerry Stuckle on Tue, 16 August 2011 01:50
		Re: Adding a record to a database By: Charles on Tue, 16 August 2011 08:30
		Re: Adding a record to a database By: A.Reader on Tue, 16 August 2011 09:41
		Re: Adding a record to a database By: Jerry Stuckle on Tue, 16 August 2011 10:23
		Re: Adding a record to a database By: A.Reader on Tue, 16 August 2011 13:11
		Re: Adding a record to a database By: Tim Streater on Tue, 16 August 2011 13:51
		Re: Adding a record to a database By: A.Reader on Tue, 16 August 2011 14:42
		Re: Adding a record to a database By: Tim Streater on Tue, 16 August 2011 15:58
		Re: Adding a record to a database By: Jerry Stuckle on Tue, 16 August 2011 21:21
		Re: Adding a record to a database By: Jerry Stuckle on Tue, 16 August 2011 10:17
		Re: Adding a record to a database By: sheldonlg on Tue, 16 August 2011 20:13
		Re: Adding a record to a database By: Jerry Stuckle on Tue, 16 August 2011 21:24

Previous Topic:	PHP 4 vs 5 timings
Next Topic:	Re: ftp with win-filenames with chr#32 ?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Tue Nov 26 12:28:59 GMT 2024

Total time taken to generate the page: 0.04076 seconds