2

Possible Duplicate:
How to successfully rewrite old mysql-php code with deprecated mysql_* functions?

I have not been able to insert the values into the databse . However I do not get any error message as well . 

<html>
<body>
<form action="database.php" method="post">
Name : <input type ="text" name = "name"/>
Number  :<input type ="text" name = "number"/>
<input type ="submit" value = "submit"/>
</form>
</body>
</html>

database.php

<?php
class Database
{
    var $host;
    var $user;
    var $pass;
    var $data;
    var $con;
    var $table;
    var $db;

    public function controls()
    {
        $this->host="localhost";
        $this->user="cgiadmin";
        $this->pass="cgi";
        $this->data="j2";
    }

    public function connection()
    {
        $this->con="mysql_connect($this->host,$this->user,$this->pass)";
    }
    public function tablename()
    {
        $this->table="Insert into employee(name,number) values('$_POST[name]','$_POST[number]')";
    }
    public function databaseconnection()
    {
        $this->db="mysql_select_db($this->data,$this->con)";
    }

}
$name=new Database;
$name->connection();
if(!($name->con))
{
    echo "'Error: ' . mysql_error()";
}

$name->databaseconnection();
$name->tablename();

echo "thanks for taking the survey";

?>
Community
  • 1
  • 1
Jathin
  • 79
  • 1
  • 1
  • 8

2 Answers2

2

Try this...

Modify tablename() function 

public function tablename($nam,$num)
    {
        $this->table=mysql_query("INSERT INTO employee(name,number) VALUES ('$nam','$num')");
    }

Get values and call tablename() function

$name=new Database;
$name->connection();
if(!($name->con))
{
    echo "'Error: ' . mysql_error()";
}

$name->databaseconnection();

$nam=$_POST[name];
$num=$_POST[number];
$name->tablename($nam,$num);

echo "thanks for taking the survey";
Vaishu
  • 2,333
  • 3
  • 23
  • 25
-3

You need some magic :) Read about quotes in php

<?php
class Database
{
    var $host;
    var $user;
    var $pass;
    var $data;
    var $con;
    var $table;
    var $db;

    public function controls()
    {
        $this->host="localhost";
        $this->user="cgiadmin";
        $this->pass="cgi";
        $this->data="j2";
    }

    public function connection()
    {
        $this->con = mysql_connect($this->host,$this->user,$this->pass);
    }
    public function tablename()
    {
        $this->table=mysql_query("INSERT INTO employee(name,number) VALUES ('".$_POST[name]."','".$_POST[number]."')");
    }
    public function databaseconnection()
    {
        $this->db=mysql_select_db($this->data,$this->con);
    }

}
$name=new Database();
$name->controls();
$name->connection();
if(!($name->con))
{
    echo 'Error: ' . mysql_error();
}

$name->databaseconnection();
$name->tablename();

echo "thanks for taking the survey";

?>
hakre
  • 193,403
  • 52
  • 435
  • 836
Ruben Nagoga
  • 2,178
  • 1
  • 19
  • 30
  • 5
    Holy SQL injection vulnerability, Batman! – Michael Borgwardt Jun 14 '12 at 06:21
  • @Ruben Nagoga I am getting an error message . Is it a problem with my database ? Error message is : Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'www-data'@'localhost' (using password: NO) in /home/jnagesh/public_html/SampleSurvey/MVC/database.php on line 20 Error: Access denied for user 'www-data'@'localhost' (using password: NO) Warning: mysql_select_db(): supplied argument is not a valid MySQL-Link resource in /home/jnagesh/public_html/SampleSurvey/MVC/database.php on line 28 – Jathin Jun 14 '12 at 06:29
  • Warning: mysql_query() [function.mysql-query]: Access denied for user 'www-data'@'localhost' (using password: NO) in /home/jnagesh/public_html/SampleSurvey/MVC/database.php on line 24 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/jnagesh/public_html/SampleSurvey/MVC/database.php on line 24 thanks for taking the survey – Jathin Jun 14 '12 at 06:30
  • Is this a problem in program or an error in the database ? – Jathin Jun 14 '12 at 06:30
  • @MichaelBorgwardt Could you please help me correct the error – Jathin Jun 14 '12 at 06:54
  • Try once more, I have edited my answer. You didn't call `controls` method before establish connection to DB so your parameters for connection weren't defined. – Ruben Nagoga Jun 14 '12 at 07:05
  • Do not forget about [SQL injection](http://simon.net.nz/articles/protecting-mysql-sql-injection-attacks-using-php/). @Michael you are always welcome to edit the answer, anyway question wasn't about SQL injection. I think there are a lot of things which can be modified in my answer but I can't write whole code with all nuances, can I ? – Ruben Nagoga Jun 14 '12 at 07:23
  • Thank you Michael and Ruben. Wil go thro' the SQL Injection topic right away :) Thanks :) – Jathin Jun 14 '12 at 07:34
  • @Jathin: Just as a pointer, the best way to prevent SQL injection is to use prepared statements. These don't exist in the old PHP mysql API, but there is the "MySQL Improved Extension" which not only has prepared statements, but the API itself is object oriented, so it seems like an ideal topic of study for you: http://php.net/manual/en/book.mysqli.php – Michael Borgwardt Jun 14 '12 at 08:35
  • @RubenNagoga: Please read other questions/answers first and then improve your answer, for example this one: http://stackoverflow.com/questions/10919277/how-to-successfully-rewrite-old-mysql-php-code-with-deprecated-mysql-functions – hakre Jun 14 '12 at 12:07