-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: Did you buy your last car with cash or on a finance plan?
Submitting form data to MySQL
- Thread starter Thor
- Start date
DrJohnZoidberg
Honorary Master
Your code is exactly how you shouldn't capture user input 
Use mysqli and prepared statements.
E.g:
This code is very basic but you get the idea.
Docs: https://secure.php.net/manual/en/mysqli.prepare.php
Use mysqli and prepared statements.
E.g:
Code:
// Database details
$dbhost = 'localhost';
$dbuser = 'youruser';
$dbpass = 'yourpass';
$dbname = 'yourdb';
// Connects to your Database
$db = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if($db->connect_errno > 0){
die('Unable to connect to database [' . $db->connect_error . ']');
}
$statement = $db->prepare("INSERT INTO table (`value_1`, `value_2`, `value_3`) VALUES (?, ?, ?)");
$statement->bind_param('sss', $postvalue1, $postvalue2, $postvalue3);
$statement->execute();
$statement->close();This code is very basic but you get the idea.
Docs: https://secure.php.net/manual/en/mysqli.prepare.php
Last edited:
Like I said works perfectly on Xamp just not on the VPS.