SELECT A TABLE FROM A MYSQL DATABASE TO SUBMIT DATA THROUGH A FORM

Question

I am doing a project on a transport management company system that intends to automate most of its operations. the reason I asked the question was that I had an issue trying to map the last phase of the database - finance (3 phases: vehicles, Human resource and finance).

Is there a way I can choose which table in a database where to submit data using a form; assuming I have three tables, can I use a form to select which table I can store data in to? to be more specific using a drop down list e.g you have $name, $phone_number, $address and $email so instead of inserting it to just one table let say January_records, you can choose which table to insert into using a drop-down list let say February_records, March_records...etc

Thank you in advance...

Of course you can do that. [What have you tried so far?](http://mattgemmell.com/what-have-you-tried/) — kero, Feb 12 '15 at 10:49
Thanks for replying, Am still in the database design... I thought of it recently but currently I don't know how to implement it... — Njay_Stephen, Feb 12 '15 at 10:51
@Njay_Stephen So what research have you done? Have you Googled this? Have you tried to write some code? — Styphon, Feb 12 '15 at 10:54

score -2 · Accepted Answer · answered Feb 12 '15 at 10:54

-2

use an select box in the form and in the query do like this

<form name="name" method="post">
<select name='tabletoinsert'>
<option value='tbl1'>tbl1</option>
<option value='tbl2'>tbl2</option>
<option value='tbl3'>tbl3</option>
</select>
</form>

in php file like this

$tbl=$_POST['tabletoinsert'];

$query="insert into '".$tbl."' (col1,col2) values(`val1`, `val2`)";

answered Feb 12 '15 at 10:54

john

567
8
23

your welcome but next tym try to show what you have tried or searched to resolve. it will save you from downvote .:) – john Feb 12 '15 at 11:50
thanks for the heads up, Will do.. am sort of new to this... the stackoverflow thing... – Njay_Stephen Feb 12 '15 at 11:55
1

That design will make you very vulnerable to SQL Injection attacks. – Vince Bowdren Feb 12 '15 at 12:00
@vincebowdren what if I use a framework like codeigniter or laravel? – Njay_Stephen Feb 12 '15 at 16:23
@Njay_Stephen Instead of using a framework, I'd recommend redesigning your schema; your january data and february data would be better off if you stored them all in a single _Records_ table. – Vince Bowdren Feb 12 '15 at 16:31
@Njay_Stephen. Take a look at http://www.sommarskog.se/dynamic_sql.html#Dyn_table for some advice on dynamic table names in sql. – Vince Bowdren Feb 12 '15 at 16:31
@vincebowdren thanks... In the part of code that @john posted... Can I have the following: $tbl=mysql_real_escape_string($_POST['tabletoinsert']); $query="insert into '".$tbl."' (col1,col2) values(`val1`, `val2`)"; – Njay_Stephen Feb 12 '15 at 19:40
@Njay_Stephen: That would cut out some of the vulnerabilities, but not all; see http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string for example. – Vince Bowdren Feb 13 '15 at 14:25

SELECT A TABLE FROM A MYSQL DATABASE TO SUBMIT DATA THROUGH A FORM

1 Answers1