MySQL - insertion multiple insertions, page stops working

Question

I have made a makegroup.php site which is supposed to create a group, and put the person in the connection table between UserID and GroupID.

..but I am not sure how to go on. The logged in user is saved in session variable $usid, but how what about GroupID? How do I fetch that right after on another page? Need I make this in steps? Including quick DB scheme.

Thanks in advance.

Use http://php.net/manual/en/mysqli.insert-id.php. You are open to SQL injections with this code. — chris85, Nov 26 '15 at 14:11

score 0 · Accepted Answer · edited May 23 '17 at 12:15

0

I guess GrouID is autonumeric?

So you leave db create the id for you.

Also loos like you are trying to concat the $groupname value

 $sql = "INSERT INTO group (Groupname) VALUES ('".$groupname."') ";

But you dont want do that because that method is vulnerable to SQL Injection attack

Use parametrized values instead

How can I prevent SQL injection in PHP?

edited May 23 '17 at 12:15

Community

1
1

answered Nov 26 '15 at 14:12

Juan Carlos Oropeza

47,252
12
78
118

MySQL - insertion multiple insertions, page stops working

1 Answers1