Convert String from PHP to int in SQL

Question

I have the following basic HTML form:

<form action="" method="post">

Name: <input type="text" name="name" /><br><br>

College: <select name = "colleges">
    <option> ---Select College---</option>
  <option value="option1">DIT</option>
  <option value="option2">University College Dublin</option>
</select><br><br>

Email: <input type="text" name="email" /><br><br>

Password: <input type="text" name="password" /><br><br>
Location: <input type="text" name="location" /><br><br>

 <button type="submit" name="submit" >Submit</button>

</form>

And the following section of PHP which I am quite new to:

if(isset($_POST["submit"])) {
    $name = $_POST["name"];
    $college_name = $_POST["college"];
    $email = $_POST["email"];
    $password = $_POST["password"];
    $location = $_POST["location"];
}
$sql = "INSERT INTO user(name, college, email, password, location) VALUES ($name, $college_name, $email, $password, $location)";
?>

My database has college as an int, so DIT would be 1 in the database. Can anyone tell me how to do this so that it sends 1 as college_name instead of the actual name that the user sees?

Also... your SQL statement is vulnerable to SQL injection. You should read this: https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php — bluemoon6790, Nov 14 '19 at 14:51
Oh it is 10000% I'm just trying to do the basics before I even think of getting into that — Jessie, Nov 14 '19 at 15:16
Fair enough. Felt like it was safer to mention it, since you said you're quite new to PHP. — bluemoon6790, Nov 14 '19 at 16:29

score 2 · Answer 1 · answered Nov 14 '19 at 14:44

Change this

College: <select name = "colleges">
    <option> ---Select College---</option>
  <option value="option1">DIT</option>
  <option value="option2">University College Dublin</option>
</select><br><br>

to this

College: <select name = "colleges">
    <option> ---Select College---</option>
  <option value="1">DIT</option>
  <option value="2">University College Dublin</option>
</select><br><br>

and this

if(isset($_POST["submit"])) {
    $name = $_POST["name"];
    $college_name = $_POST["college"];
    $email = $_POST["email"];
    $password = $_POST["password"];
    $location = $_POST["location"];
}

to this

if(isset($_POST["submit"])) {
    $name = $_POST["name"];
    $college_name = (int) $_POST["colleges"];
    $email = $_POST["email"];
    $password = $_POST["password"];
    $location = $_POST["location"];
}

Thanks for the breakdown really easy to understand the answer. Thanks — Jessie, Nov 14 '19 at 15:10

score 2 · Accepted Answer · answered Nov 14 '19 at 14:46

In your options put numerical values:

College: <select name="colleges">
    <option value="1">DIT</option>
    <option value="2">University College Dublin</option>
</select>

then correct your php to match the name of the select in the $_POST array:

$college_name = (int) $_POST["colleges"];

score 1 · Answer 3 · answered Nov 14 '19 at 14:42

1

Just use

<option value='1' > DIT </option>

Instead of adding option1 as a value

answered Nov 14 '19 at 14:42

profiile_samir

191
2
9

score 1 · Answer 4 · answered Nov 14 '19 at 14:48

Why arent you using the option value?

$_POST["college"] is returning option1

I think the correct way is defining the value as 1:

The following:

<option value="1">DIT</option>

Will return: 1

You can also use a If else statement

if ($_POST["college"] == 'option1')
{
$college = 1;
}

if ($_POST["college"] == 'option2')
{
$college = 2;
}

Convert String from PHP to int in SQL

4 Answers4