Created
September 20, 2012 00:56
-
-
Save erinbush/3753329 to your computer and use it in GitHub Desktop.
PHP Form code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* Create database connection */ | |
| $connection = mysql_connect("localhost", "db", "pw"); | |
| if (!$connection) { | |
| die("Database connection failed: "); | |
| } | |
| /* Select a database */ | |
| $db_select = mysql_select_db("szecetl_crimetest",$connection); | |
| if (!$db_select) { | |
| die("Database selection failed: "); | |
| } | |
| ?> | |
| <?php | |
| /* Insert data from form submission */ | |
| $fname=$_POST['firstname']; | |
| $lname=$_POST['lastname']; | |
| $state=$_POST['state']; | |
| $date=$_POST['date']; | |
| $crime=$_POST['crime']; | |
| $verdict=$_POST['verdict']; | |
| $sentence=$_POST['sentence']; | |
| $sql="INSERT INTO crimeuserinput (firstname, lastname, state, date, crime, verdict, sentence) | |
| VALUES ('".$fname."', '".$lname."', '".$state."', '".$date."', '".$crime."', '".$verdict."', '".$sentence."')"; | |
| mysql_query($sql) or die("Error: " . mysql_error()); | |
| echo "1 record added"; | |
| ?> | |
| <?php | |
| /* Close connection */ | |
| mysql_close($connection); | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Never insert unsanitized data into a database.