Learning PHP and MySQL
Example 12-6 Using input from a form to add a title
<?php
// Define a function to perform the database insert and display the titles function insert_db($title, $pages){
require_once('db_login.php');
require_once('DB.php');
$connection = DB::connect("mysql://$db_username:$db_password@$db_host/$db_database");
if (DB::isError($connection)){
die ("Could not connect to the database: <br />". DB::errorMessage($connection));
}
// The query includes the form sumbission values that were passed to the function
$query = "INSERT INTO `books` VALUES (NULL,'$title','$pages')";
$result = $connection->query($query);
if (DB::isError($result)){
die("Could not query the database: <br />". $query." ".DB::errorMessage($result));
}
echo "Inserted OK.<br />";
// Display the table
$query = "SELECT * FROM `books`";
$result = $connection->query($query);
if (DB::isError($result)){
die("Could not query the database: <br />". $query." ".DB::errorMessage($result));
}
echo '<table border="1">';
echo "<tr><th>Title</th><th>Pages</th></tr>";
while ($result_row = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
echo "<tr><td>";
echo $result_row["title"] . '</td><td>';
echo $result_row["pages"] . '</td></tr>';
}
echo "</table>";
$connection->disconnect();
}
?>
<html>
<head>
<title>Inserting From a Form</title>
</head>
<body>
<?php
// Retrieve the variable from the form submission
$title = $_GET["title"];
$pages = $_GET["pages"];
if (($title != NULL ) && ($pages != NULL)){
insert_db($title,$pages);
}
else {
// Display the form echo '
<h1>Enter a new title:</h1>
<form action="'.$_SERVER["PHP_SELF"].'" method="GET">
<label> Title:
<input type="text" name="title" id="title" />
</label>
<label> Pages:
<input type="text" name="pages" id="pages" />
</label>
<input type="submit" value="Go!" />
</form>';
}
?>
</body>
</html>
Posted by on 09/25 at 11:07 AM
Next entry: SQL Injection
Previous entry: Example 12-5 The file purchase.php processes the user action based on the title_id parameter