Page 1 of 1

Switching to "globals off"... need help

Posted: Tue Jul 29, 2003 12:06 am
by Sinemacula
Okay, so I've upgraded my PHP and now am preparing to run with "globals off"... however, as a newbie, I'm not sure I fully understand how to best change my scripts for getting form data into a mysql database... so, here's an example of a scritp that is called from an html form that I've reworked... and I'm wondering if there's a better/more effecient/easier way to deal with the change:

Code: Select all

<?PHP
	$db = mysql_pconnect(localhost, root);
	if (!$db) &#123; 
echo( "<p>Unable to connect to the " . 
"database server at this time.</p>" ); 
exit(); 
&#125;

//new code starts here	
$Company=$_POST&#1111;'Company'];
	$Name=$_POST&#1111;'Name'];
	$Code=$_POST&#1111;'Code'];
	$Results=$_POST&#1111;'Results'];
	$Dept=$_POST&#1111;'Dept'];
	$Mailing=$_POST&#1111;'Mailing'];
	$Email=$_POST&#1111;'Email'];
	$Gender=$_POST&#1111;'Gender'];
	$Age=$_POST&#1111;'Age'];
//new code ends here
	
		mysql_select_db(dissertation, $db);
	$sql = ("INSERT INTO participants (Company,Name,Code,Results,Dept,Mailing,Email,Gender,Age) VALUES ("$Company", "$Name", "$Code", "$Results", "$Dept", "$Mailing", "$Email", "$Gender", "$Age");"); 
	$result = mysql_query($sql, $db);
?>
<html><body>
Done.</body></html>
I've got several scripts that are all very similar, so I think if I can just get some direction with this little example, I should be set to rewrite the rest.

Thanks,
Scott

Posted: Tue Jul 29, 2003 12:14 am
by graphicmd
Looks pretty good to me.
This is the way I would do it.

Code: Select all

<?PHP 
$db = mysql_connect("localhost", "root") or die("could not connect: " . mysql_error()); 
mysql_select_db("dissertation", $db) or die("could not connect: " . mysql_error());

//new code starts here    
$Company = $_POST&#1111;'Company']; 
$Name = $_POST&#1111;'Name']; 
$Code = $_POST&#1111;'Code']; 
$Results = $_POST&#1111;'Results']; 
$Dept = $_POST&#1111;'Dept']; 
$Mailing = $_POST&#1111;'Mailing']; 
$Email = $_POST&#1111;'Email']; 
$Gender = $_POST&#1111;'Gender']; 
$Age = $_POST&#1111;'Age']; 
//new code ends here 
    
$sql = "INSERT INTO participants (Company, Name, Code, Results, Dept, Mailing, Email, Gender, Age) VALUES ('$Company','$Name', '$Code', '$Results', '$Dept', '$Mailing', '$Email', '$Gender', '$Age')"; 

?> 
<html>
<body> 
<?php
if (@mysql_query ($sql))&#123;
	echo("<p>Insert complete</p>");
&#125;else&#123;
	echo ("<p>couldn't insert into table: " . mysql_error() . "</p>");
&#125;
?>
</body>
</html>
or you can do it like this

Code: Select all

<?PHP 
$db = mysql_connect("localhost", "root") or die("could not connect: " . mysql_error()); 
mysql_select_db("dissertation", $db) or die("could not connect: " . mysql_error());
  
$sql = "INSERT INTO participants (Company, Name, Code, Results, Dept, Mailing, Email, Gender, Age) VALUES ('".$_POST&#1111;'Company']."','".$_POST&#1111;'Name']."', '".$_POST&#1111;'Code']."', '".$_POST&#1111;'Results']."', '".$_POST&#1111;'Dept']."', '".$_POST&#1111;'Mailing']."', '".$_POST&#1111;'Email']."', '".$_POST&#1111;'Gender'].", '".$_POST&#1111;'Age']."')"; 

?> 
<html>
<body> 
<?php
if (@mysql_query ($sql))&#123;
	echo("<p>Insert complete</p>");
&#125;else&#123;
	echo ("<p>couldn't insert into table: " . mysql_error() . "</p>");
&#125;
?>
</body>
</html>

Thanks!

Posted: Tue Jul 29, 2003 10:21 am
by Sinemacula
Cool, thanks.

Now I can see why my first attempt (similar to your second example) didn't work... I didn't realize I needed a "." before and after the "$_POST['fieldname']"

Scott

Posted: Tue Jul 29, 2003 10:42 am
by nielsene
Or this way:

Code: Select all

$sql = "INSERT INTO participants (Company, Name, Code, Results, Dept, Mailing, Email, Gender, Age) VALUES ('{$_POST['Company']}','{$_POST['Name']}', '{$_POST['Code']}', '{$_POST['Results']}', '{$_POST['Dept']}', '{$_POST['Mailing']}', '{$_POST['Email']}', '{$_POST['Gender']}, '{$_POST['Age']}')";
Using braces {} to avoid the constant changing in and out of the string/concatentation.

Posted: Tue Jul 29, 2003 1:18 pm
by qartis
Boy, I was beginning to think I was the only one who preferred to use curly braces nielsene :)

Posted: Tue Jul 29, 2003 1:53 pm
by nielsene
Well I try to avoid the need for braces, even if it means I've declared an extra local variable to hold the value from the array. I find that the braces often confuse people, so its better to avoid them if possible. However they only confuse people because they aren't used to them, so its definately worth educating people -- maybe in the future I won't have to avoid them as much.....