0
<?php
$id=$_POST['id'];
$sname=$_POST['sname'];
$age=$_POST['age'];
$fname=$_POST['fname'];
$room=$_POST['room'];

$array_room=array();
$count=0;
for($x=0;$x<count($array_room);$x++){
    if($id==$array_room[$x]){
        $count++;
    }
}   
if($count==3){
echo "maxed out";
}
else{
    array_push($array_room,$id);
}

/*upto here works fine

$db=mysql_connect("localhost","root","root");
if(!db)
exit("could not connect to mysql");

$er=mysql_select_db("test");
if(!er)
exit("couldnt select database");

$insert="INSERT INTO student_info VALUES ($id,$sname,$age,$fname,$room)";

$result=mysql_query($insert);
if(!result)
exit("query couldnot be executed");

print "record inserted";
?>

/*errors Use of undefined constant db - assumed 'db' Use of undefined constant er - assumed 'er' Use of undefined constant result - assumed 'result' */

Ravi Shekhar
  • 1
  • 1
  • 1
    FYI, [you shouldn't use `mysql_*` functions in new code](http://stackoverflow.com/questions/12859942/). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [red box](http://php.net/manual/en/function.mysql-connect.php)? Learn about [*prepared statements*](https://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://php.net/manual/en/mysqlinfo.api.choosing.php) will help you decide which one is best for you. – John Conde Mar 30 '17 at 23:35
  • 2
    Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). – John Conde Mar 30 '17 at 23:35
  • 2
    You repeatedly for the `$` character in front of your variables. – John Conde Mar 30 '17 at 23:36
  • er is not defined, you need (!$er) – Vbudo Mar 31 '17 at 01:07
  • and (!$result) ... do you progra in javascript or another OOP? Common mistake if you don't mentally switch over – Vbudo Mar 31 '17 at 01:08

0 Answers0