Tutorials

PHP Basic Database Handling

by Crayon Violent on Jun 20, 2008 2:06:06 PM

Views: 57651

Dealing With The Database: INSERT

In this first chunk of code, we will add a new name to the table, if applicable.

02. We first check our post array to see if the user entered a name.

04. If he did, we use mysql_real_escape_string as a measure to prevent sql injection attacks (good idea to read up on how to prevent sql injection attacks, since you're learning how to work with databases now).

06. The next thing we do is make our query string. The string looks just like how you would put it directly into your database, except you have " "'s wrapped around and you're assigning it to a variable.

07. The last thing we do is send the query string to the database. We do this with the mysql_query function. mysql_query only requires one argument: the query string. You don't even have to give it as a variable. You can use the string itself as the argument (wrapped in quotes). I like to keep the string separated from the mysql_query because it's easier to debug if things go wrong.

As with many mysql related functions, mysql_query accepts an optional 2nd argument to specify the connection stream.

You don't technically need to assign mysql_query to a variable. When PHP executes mysql_query, it will either will return a result source if you're expecting some kind of data to be returned, a boolean value "true" (represented by "1") if the query was a success but no data is being returned, or a boolean value "false" (represented by "0") if for some reason the query failed.

Since you will usually always want to know how the query went (like, you're expecting data, or need to know if it failed or not), you need to assign that to a variable. Ideally you will want to setup some kind of error event trapping in case something goes wrong, or check if it's a success so you can tell the user or something, but to keep it simple, I haven't really done anything like that in this script, so I technically didn't need to have that "$result = " part. But it's a habit of mine to do it anyway.

Comments

This is an incredible tutorial, i knew how to handle databases but it was so goood to recap, plus a few little things that i learned, and you have a nice way to explain. I had a great time reading it. Thanks :D

1. fearlex on Jun 27, 2008 3:54:27 PM

We're using ODBC-connect, ODBC_exec, etc. How do I create a new record using ODBC? I don't imagine I can do it with mysql commands?

2. peteschulte on Jul 23, 2008 6:36:06 PM

Well I don't really know anything about ODBC but they do have their own database handling functions in PHP that are very similar to all of the mysql_xxx counterparts. Here is a link to the functions php offers for ODBC: PHP ODBC functions

A kind of skimmed over the functions and it looks like all you really need to do is switch out the mysql_xxx functions with their ODBC_xxx counterparts.

All the code for the form and receiving info from the user etc.. would not need to be altered.

3. Crayon Violent on Jul 26, 2008 3:02:30 PM

I knew that how to handle the database through PHP, but after reading this tutorial i think it's more than i think. It's really good. Thanks!

4. deepshah on Aug 11, 2008 2:05:41 AM

I've just started to learn how to use PHP with MySQL so this tutorial has been *very* useful!

I had already put together scripts and an html form to accomplish similar things to those shown in the tutorial but with the scripts in several seperate .php files. Having everything in one file makes much more sense!

Many thanks

5. ma2tt on Aug 16, 2008 10:29:59 AM
Login or register to post a comment.