0

PHP insert into query not sending anything to database, maybe because it's inside Javascript function, i don't know yet.. Anyone could help please? thanks.

<script>
function getMeta(){   
    var img = new Image();
    img.onload = function(){
        if (this.width != 468 && this.height != 60)
    {alert( 'Error : only these image sizes are accepted : 468x60' );
    return false;}
    
    else
    alert( 'loaded successfully' );
    document.getElementById('form1').submit();
    <?php

            include("connection.php");
            $email=$_POST["t1"];
            $email=addslashes($email);
         $img=$_POST["t2"];
         $img=addslashes($img);
         $target=$_POST["t3"];
         $target=addslashes($target);
  
            $sql=mysql_query("insert into b1(email, img, target) values  ('$email', '$img', '$target')");
   
?>

    };
 img.onerror = function() {alert( 'Error : this is not a valid image');
 return false;
  };
    img.src = document.getElementById('t2').value;
 return true;
}


</script>
king bla
  • 55
  • 1
  • 8
  • 2
    **WARNING**: If you're just learning PHP, please, do not learn the obsolete [`mysql_query`](http://php.net/manual/en/function.mysql-query.php) interface. It's awful and has been removed in PHP 7. A replacement like [PDO is not hard to learn](http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/) and a guide like [PHP The Right Way](http://www.phptherightway.com/) helps explain best practices. Your user parameters are **not** [properly escaped](http://bobby-tables.com/php) and you have severe [SQL injection bugs](http://bobby-tables.com/) here. – tadman Apr 25 '16 at 07:40
  • now it sends blank values to database.. need help. thanks – king bla Apr 25 '16 at 07:41
  • 1
    you have to put the php code into another file and communicate it with js by get or post method. for reference, http://stackoverflow.com/questions/20392036/send-data-to-mysql-with-ajax-jquery-php – Md. Khairul Hasan Apr 25 '16 at 07:41
  • 1
    There is nothing wrong in putting `PHP` code inside `JS`..Though it is a __BAD__ practice.. You must have a condition inside ` – Rayon Apr 25 '16 at 07:44

0 Answers0