PHP form data writes MySQL code, php form writes mysql
<H1> insert operation
<H1> insert operation
<? Php
If (! Isset ($ _ POST ['submit ']) {
// If no form is submitted, a form is displayed.
?>
<Form action = "" method = "post">
Country: <input type = "text" name = "country"/>
Animal name (English): <input type = "text" name = "animal"/>
Animal name (Chinese): <input type = "text" name = "cname"/>
<Input type = "submit" name = "submit" value = "submit Form"/>
</Form>
<? Php
}
Else
{
// If the form is submitted
// Database connection Parameters
$ Host = "localhost ";
$ User = "root ";
$ Pass = "zq19890319 ";
$ Db = "phpdev ";
// Obtain the value in the form, check whether the value in the form complies with the standard, and escape it to prevent SQL injection.
$ Country = empty ($ _ POST ['country'])? Die ("enter the country name "):
Mysql_escape_string ($ _ POST ['country']);
$ Animal = empty ($ _ POST ['animal '])? Die ("Enter English name "):
Mysql_escape_string ($ _ POST ['animal ']);
$ Cname = empty ($ _ POST ['cname'])? Die ("enter Chinese name "):
Mysql_escape_string ($ _ POST ['cname']);
// Open the database connection hovertree.com
$ Connection = mysql_connect ($ host, $ user, $ pass) or die ("Unable to connect! ");
// Select a database
Mysql_select_db ($ db) or die ("Unable to select database! ");
// Construct an SQL query
$ Query = "insert into symbols (country, animal, cname) VALUE ('$ country', '$ animal', '$ cname ')";
// Execute this query
$ Result = mysql_query ($ query) or die ("Error in query: $ query.". mysql_error ());
// The insert record number is displayed after the insert operation is successful.
Echo "the record has been inserted, mysql_insert_id () =". mysql_insert_id ();
// Close the current database connection
Mysql_close ($ connection );
}
?>