Inputting data from a HTML form to MYSQL using PHP error

Question

I am having some trouble using PHP to input data into a MYSQL database from a form. Below I have included the files and I would just like to mention I've previously inputted data by changing the values:

VALUES ('Jake', 'Doe', 'john@example.com')";

and it works.

index.php

    <?php include 'assets/header.php';$title='Home Page';?> 
        <div class="context">
            <form action="connect_to_mysql.php" method="post">
                <label>First Name:</label>
                <input type="text" name="first_name" id="fist_name" required="required" placeholder="Please Enter First Name"/><br /><br />
                <label>Last Name:</label>
                <input type="text" name="last_name" id="last_name" required="required" placeholder="Please Enter Your Last Name"/><br/><br />
                <label>Email:</label>
                <input type="email" name="email" id="email" required="required" placeholder="Please Enter Your Email"/><br/><br />
                <input type="submit">
            </form>

   </div>
   <?php include 'assets/footer.php';?>

connect_to_mysql.php

<?php
        $servername = "localhost";
        $username = "root";
        $password = "";
        $dbname = "test";

        // Create connection
        $conn = new mysqli($servername, $username, $password, $dbname);
        // Check connection
        if ($conn->connect_error) {
            die("Connection failed: " . $conn->connect_error);
        }

        $first_name = mysql_real_escape_string($_POST['first_name']);
        $last_name = mysql_real_escape_string($_POST['last_name']);
        $email = mysql_real_escape_string($_POST['email']);

        $sql = "INSERT INTO hello_world (firstname, lastname, email)
        VALUES ('.$first_name', '.$last_name', '.$email')";

        if ($conn->query($sql) === TRUE) {
            echo "New record created successfully";
        } else {
            echo "Error: " . $sql . "<br>" . $conn->error;
        }

        $conn->close();

?>

Error:

Fatal error: Uncaught Error: Call to undefined function mysql_real_escape_string() in E:\XAMPP\htdocs\mysql\connect_to_mysql.php:14 Stack trace: #0 {main} thrown in E:\XAMPP\htdocs\mysql\connect_to_mysql.php on line 14

Are you using PHP 7 ? If so, all `mysql*` functions have been removed, that's why `mysql_real_escape_string` raises an "Undefined function" error. Please consider using the `mysqli_real_escape_string` function instead, as you are already using `mysqli` (in fact, you shouldn't use any `mysql*` functions anywhere ever). — roberto06, Jan 16 '17 at 16:13
You also don't concatenate in double quotes. Currently your firstname, lastname, and email will all be prepended with a `.`. — chris85, Jan 16 '17 at 16:14
Possible duplicate of [Can I mix MySQL APIs in PHP?](http://stackoverflow.com/questions/17498216/can-i-mix-mysql-apis-in-php) — chris85, Jan 16 '17 at 16:15

score -1 · Answer 1 · answered Jan 16 '17 at 16:16

Use this code and check if the error still comes up Note: this code is connecting via the PDO class

<?php
            $servername = "localhost";
            $username = "root";
            $password = "";
            $dbname = "test";

            // Create connection
            $conn = new PDO('mysql:host='.$servername.';dbname='.$dbname.';', $username, $password);

            $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

            $first_name = mysql_real_escape_string($_POST['first_name']);
            $last_name = mysql_real_escape_string($_POST['last_name']);
            $email = mysql_real_escape_string($_POST['email']);

            $sql = $conn->prepare("
                INSERT INTO hello_world(first_name, lastname, email)
                VALUES (:firstname, :lastname, :email)
            ");
            $sql->execute([
                'firstname' => $firstname,
                'lastname' => $lastname,
                'email' => $email
            ]);

            if ($sql->rowCount() > 0) {
                echo "New record created successfully";
            }
            else
            {
                //error message
            }

    ?>

Inputting data from a HTML form to MYSQL using PHP error

1 Answers1