PHP does not insert in tables

存储架构 2018-01-05 阅读原文

I'm having trouble getting a practice signup form to submit data to my database ...




 



Name:

E-mail:

Password:

In addition to Ugur's answer, you are mismatching mysqli commands and mysql commands. Here's how to do this in an object oriented fashion:

// create mysqli database object
$mysqli = new mysqli_connect("localhost","username","password","database");
// store your query in a variable. question marks are filled by variables
$sql = "INSERT INTO table_name ('username','password') VALUES (?,?)";
// prepare command uses $sql variable as query
$stmt = mysqli->prepare($sql);
// "ss" means your 2 variables are strings, then you pass your two variables.
$stmt->bind_param("ss",$name,md5($password));
// execute does as it seems, executes the query.
$stmt->execute();
// then print your success message here.

Using prepared statements removes the need to sanitize user input, as harmful input is not substituted into the query directly. For more reading:

http://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php

There are some good tips for using prepared statements in many different scenarios, as well as towards the bottom, there is an explanation on how prepared statements prevent SQL injection.

Hello, buddy!

责编内容by:Hello, buddy!阅读原文】。感谢您的支持!

您可能感兴趣的

PHP中的self-static-parent关键字 php官方手册介绍: http://php.net/manual/zh/language.oop5.late-static-bindings.php ...
Oracle 12c and PHP This answers “How you connect PHP programs to an Oracle 12c multitenant databas...
Digitization of the period ISO-8601 vs & ldquo... I recently came across a big problem, as I have a system that's paying the custo...
Aurora serverless databases from AWS You may already know aboutAmazon Aurora. Available in editions that are either ...
Inserting DATE TIMESTAMP Value to MySQL Using PHP Unable to insert data into the database (mysql) using php ...