06-02-2005, 12:55 AM
|
#16 (permalink)
|
|
The Wanderer
Join Date: Jun 2005
Posts: 13
Thanks: 0
|
PHP Code:
<?php
error_reporting(E_ALL);
$FirstName = mysql_escape_string($_GET["FirstName"]);//use this function on all the input before storing it in database
$LastName = mysql_escape_string($_GET["LastName"]);
$Email = mysql_escape_string($_GET["Email"]);
$Phone = mysql_escape_string($_GET["Phone"]);
$Address = mysql_escape_string($_GET["Address"]);
$City = mysql_escape_string($_GET["City"]);
$State = mysql_escape_string($_GET["State"]);
$Zip = mysql_escape_string($_GET["Zip"]);
$Username = mysql_escape_string($_GET["Username"]);
$Password = mysql_escape_string($_GET["Password"]);
$LastLogin = date("Y-m-d");
print "FirstName is $FirstName<br>\n";
print "Email is $Email<br>\n";
$con = @mysql_connect("localhost", "dbuser", "dbpassword");
if($con)
{
$query = "insert into dbname.dbtable (FirstName, LastName, Email, Phone, Address, City, State, Zip, Username, Password, LastLogin)".
"values('$FirstName', '$LastName', '$Email', '$Phone', '$Address', '$City', '$State', '$Zip', '$Username', '$Password', '$LastLogin')";
$result = mysql_query($query);
if ($result)
{
echo <<<EOT
Thank You
Your signup is appreciated.
EOT; }
else
{
echo mysql_error();
}
mysql_close($con);
}
else
{
echo 'Could not connect to database<br>';
}
?>
|
|
|
|