Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 4 years ago.
Improve this question
i have send one extra colum but my table has 7 elements why my sql want 1 extra?? as u can see i have send $na 2 times
$sqlQ="insert into users values ('".$na."','".$na."','".$num."','".$gender."','".$user."','".$email."','".$pass."')";
$result= mysqli_query($mysqli,$sqlQ);
actually this is not good practice to insert the value in the database.
i recommend always use something like this.
$sqlQ="insert into users (tableField,tableField1) values ('$value','$value1')";
Note:never put auto increment field name OR value in the query.and always use prepared statements to avoid sql injection attack.given code is also vulnerable.if you do not know about prepared statement raise question or google it.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
Suppose I want a webpage containing only a tick box. I wanted it to be possible for anyone to change the value of the tick box, and then the value to update for anyone checking the page, would I have to use a MySQL database? Or is there a better way to do it?
You want a really simple thing. Of course you can use a database like MySQL for it, but it is seriously not needed in any way. You just have one value, so you could have a text file with that value and it would work too. It depends on what data you want to store.
A database is good because it offers you for example things like the query.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
My question is how to include $value inside a MySQL statement. For example,
$value="1"
$sql="insert into table (value1) value ('value_');
I want to add the $value after value_. Is it possible for me to do that? If possible, could you show me the way please?
Thanks a lot...
Sure, you just wrap the variable name with curly braces:
$sql="insert into table (value1) values ('value_{$value}');
But on this stage of learning you should learn and get used to PDO prepared statements to avoid the risk of mysql injections.
$sql="insert into table (value1) value ('value_".$value."')";
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am currently getting data from a database using PHP and echoing the data out using:
$data[0]
This displays a full list of account numbers, I am wanting to put a href around this so that when I click on each one of the account numbers it runs another MYSQL query which breaks down to more information based on the account number that has been clicked.
How can this be done?
The href could point to another script which evaluates the $_GET parameters and builds a query from it, like in
12345
and
<?php // details.php
...
mysql_query( "select * from mydata where id=$_GET['id']" );
This is just a pointer, and the example is prone to SQL injection etc.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
It may sounds trivial. but I want to know the Secure way of generating user-IDs to be used in MySql table. This is because I feel that using pure Integer IDs can enable hacking?.
Everything can be hacked, the only difference is that if the ID is used as a parameter in the URL or any other input. Then a GUID could be better to use.
Example : url/?id=1.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
return(array($clientName,$salesPer,$prospectVal,$projID));
The projectID is dynamically added in database for each entry, now how can i return the ID. As i have not set any variable in PHP to map the database field.
Can anyone guide me on this.
If you're asking how to get back the ProjectID after it has been inserted into the database and automatically assigned, I suggest using something like the following:
$projID = mysql_insert_id();
immediately after running the insert statement.