0

I've tried for over ten days to get this form and php script to link to the database on the server. It won't! Can anyone help?

Here's the PHP: (the server address, user name and password all work) The form is an employment application. This code only covers the top portion, I figured I'd finish the restonce I got this part working.

 <?php 
$link = mysql_connect('innovativeretailassu.ipagemysql.com', '', ''); 
if (!$link) { 
die('Could not connect: ' . mysql_error()); 



// Connect to the file above here   

if(isset($_POST['lastname'])&&isset($_POST['firstname'])&&isset($_POST['mi'] )&&isset($_POST['address'])&&isset($_POST['city'])&&isset($_POST['state'])&&isset($_POST['zipcode'])&&isset($_POST['phone'])&&isset($_POST['email'])&&isset($_POST['ssnumber'])&&isset($_POST['dob'])&&isset($_POST['securityquestion'])){
    if($_POST['lastname']!=""&&$_POST['firstname']!=""&&$_POST['mi']!=""&&$_POST['ad dress']!=""&&$_POST['city']!=""&&$_POST['state']!=""&&$_POST['zipcode']!=""&&$_POST['phone']!=""&&$_POST['email']!=""&&$_POST['ssnumber']!=""&&$_POST['dob']!=""&&$_POST['securityquestion']!=""){
        $last_name=$_POST['lastname'];
        $first_name=$_POST['firstname'];
        $mi=$_POST['mi'];
        $address=$_POST['address'];
        $apartment=$_POST['apartment'];
        $city=$_POST['city'];
        $state=$_POST['state'];
        $zip_code=$_POST['zipcode'];
        $phone=$_POST['phone'];
        $email=$_POST['email'];
        $ss_number=$_POST['ssnumber'];
        $dob=$_POST['dob'];
        $security_question=$_POST['securityquestion'];
        $sql_store="INSERT into employees(id,lastname,firstname,mi,address,apartment,city,state,zipcode,phone,email,ssnumber,dob,securityquestion) VALUES(NULL,'$lastname','$firstname','$mi','$address','$apartment','$city','$state','$zipcode','$phone','$email','$ssnumber','$dob','$securityquestion')";
        $sql=mysql_query($employees,$sql_store)or die(mysql_error());
    }else{
        echo "The top of the form must be fillied out completely.";
    }
 ?

Please, someone straighten me out on this problem. Thank You; Eric

RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
Eric 600
  • 1
  • 1
  • What errors do you get? – Tony Hensler Oct 09 '16 at 19:36
  • 1
    You must provide Database Username, Password and Database Name in mysql_connect call. Also, you should not use mysql_query as it is deprecated. Use MySQLi or PDO instead. – Nikola R. Oct 09 '16 at 19:37
  • 1
    what is this variable? $employees?? – Rafael Shkembi Oct 09 '16 at 19:37
  • Could it be the space in 'ad dress' in the second line? – Shredderroy Oct 09 '16 at 19:38
  • You should probably start over using PDO or mysqli and a prepared statement. This uses a deprecated database api (it's been removed in the newest php versions...) and is one big sql injection hole. – jeroen Oct 09 '16 at 19:39
  • **Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) that has been [removed](http://php.net/manual/en/mysql.php) from PHP. You should select a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Oct 09 '16 at 19:39
  • I think the best thing you can do is to start reading about php. You cannot run without starting to walk... – Rafael Shkembi Oct 09 '16 at 19:39
  • Please post code that would compile, otherwise we have no idea what you have actually coded – RiggsFolly Oct 09 '16 at 19:41
  • `mysql_query($employees,$sql_store)` is invalid, not sure what you're trying to do there. You'll be open to SQL injections when you get this working. – chris85 Oct 09 '16 at 19:54
  • Thank You for the advise. I will review the code, following your suggestions, and will repost it if it still does not work. Again, many thank's; – Eric 600 Oct 11 '16 at 17:05

0 Answers0