Code: Select all
<?PHP
$table = "main";
//get column headers
//http://www.phpfreaks.com/quickcode/Get-field-list-from-a-MySQL-table/181.php
function GetFieldList($DB, $Table) {
$fldlist = mysql_list_fields($DB, $Table);
$columns = mysql_num_fields($fldlist);
for ($i = 0; $i < $columns; $i++) {
$Listing[] = mysql_field_name($fldlist, $i);
}
Return ($Listing);
}
//connects to database
include 'mysqlconnect.php'; //also contains '$database' variable
$result = mysql_query("SELECT * FROM " . $table, $connect) or die( mysql_error() );
$num_rows = mysql_num_rows($result);
$column_headers = GetFieldList($database, $table);
$col_count = count($column_headers);
for ($i = 1; $i < $col_count; $i++){
$index = $column_headers[$i];
$value[$i - 1] = isset($_POST[$index]) ? $_POST[$index] : "";
}
$headers = "";
for ($i = 1; $i < $col_count; $i++) {
$headers .= ($column_headers[$i] . ", ");
} $headers = substr($headers, 0, strlen($headers) - 2);
$values = "";
print $headers . "<BR>";
for ($i = 0; $i < $col_count; $i++) {
$values .= ("'" . $value[$i] . "', ");
} $values = substr($values, 0, strlen($values) - 2);
print $values . "<BR>";
$query = mysql_query("INSERT INTO main ($headers) VALUES ($values)");
if ($query) print "SUCCESS!";
else print "Unable to process request.";
?>And I will add anti-SQL injection features later, once this is fixed.
I am using PHP Version 4.4.1
Is my concept all wrong? I just wanted an easy way to grab form data once my database was setup, but I'm thinking it might not work ='(
Thanks =D