TalkPHP - View Single Post

YBH · 12-05-2007, 06:46 PM

Ok, to clear it up some more. I'm working on the admin section of my client area script. Currently, I'm working on "adding client" section. Here is the code with the improvements you guys have given me

PHP Code:


			
<?php
// Variables
$user = $_POST['user'];
$pass = $_POST['pass'];
$dir = $_POST['dir'];
$address = $_POST['address'];
$phone = $_POST['phone'];
$email = $_POST['email'];

// Making sure everything was filled out
if (!$user || !$pass || !$dir || !$address || !$phone || !$email)

{
    echo 'You have not entered all the required fields.';
    exit;
}

if (!get_magic_quotes_gpc())

{
    $user = stripslashes($user);
    $pass = stripslashes($pass);
    $dir = stripslashes($dir);
    $address = stripslashes($address);
    $phone = stripslashes($phone);
    $email = stripslashes($email);
}

// Connect to db
$db = new mysqli ('localhost', 'user', 'pass', 'dir', 'address', 'phone', 'email');

// Cant connect to db
if (mysqli_connect_errno())

{
    echo 'Error: Could not connect to database.';

    exit;
}

// Preparing to add customer
$stmt = $db->prepare("INSERT INTO clients(user,pass,dir,address,phone,email) VALUES(?,?,?,?,?,?)");

// Let mysqli handle all escaping
$stmt->bind_param("sss", $user, $pass, $dir, $address, $phone, $email);

// Execute the statement
$stmt->execute();

// Client added
if($stmt->affected_rows > 0)
    echo ' Client inserted into database';

// Cleanup
$stmt->close();
$db->close(); 

?>

My HTML form method is POST, that includes the variables listed in the php file. Is there any improvements I could do? Or is it good stuff for a beginner?

I was planning on adding the array_map, that Sock recommended but got confused in the process, hehe :)

I will be adding all the information, so the name, password, etc will be added by me. I don't want just anyone signing up. The $dir will be the where the URLs will be stored.

I do have a question about MySQL. Do I need to completely have a different table for the URLs? Or can MySQL store it the way I'm picturing it. Let me show you want I mean:

Client table as of now:
User names
User1*
User2**
|
|
Passwords
pass1*
pass2**

ETC.

Will they all connect to each other? Or would I need to do a table for usernames, a table for passwords, etc.

12-05-2007, 06:46 PM	#17 (permalink)
YBH The Wanderer Join Date: Dec 2007 Posts: 22 Thanks: 4	Ok, to clear it up some more. I'm working on the admin section of my client area script. Currently, I'm working on "adding client" section. Here is the code with the improvements you guys have given me PHP Code: <?php // Variables $user = $_POST['user']; $pass = $_POST['pass']; $dir = $_POST['dir']; $address = $_POST['address']; $phone = $_POST['phone']; $email = $_POST['email']; // Making sure everything was filled out if (!$user \|\| !$pass \|\| !$dir \|\| !$address \|\| !$phone \|\| !$email) { echo 'You have not entered all the required fields.'; exit; } if (!get_magic_quotes_gpc()) { $user = stripslashes($user); $pass = stripslashes($pass); $dir = stripslashes($dir); $address = stripslashes($address); $phone = stripslashes($phone); $email = stripslashes($email); } // Connect to db $db = new mysqli ('localhost', 'user', 'pass', 'dir', 'address', 'phone', 'email'); // Cant connect to db if (mysqli_connect_errno()) { echo 'Error: Could not connect to database.'; exit; } // Preparing to add customer $stmt = $db->prepare("INSERT INTO clients(user,pass,dir,address,phone,email) VALUES(?,?,?,?,?,?)"); // Let mysqli handle all escaping $stmt->bind_param("sss", $user, $pass, $dir, $address, $phone, $email); // Execute the statement $stmt->execute(); // Client added if($stmt->affected_rows > 0) echo ' Client inserted into database'; // Cleanup $stmt->close(); $db->close(); ?> My HTML form method is POST, that includes the variables listed in the php file. Is there any improvements I could do? Or is it good stuff for a beginner? I was planning on adding the array_map, that Sock recommended but got confused in the process, hehe :) I will be adding all the information, so the name, password, etc will be added by me. I don't want just anyone signing up. The $dir will be the where the URLs will be stored. I do have a question about MySQL. Do I need to completely have a different table for the URLs? Or can MySQL store it the way I'm picturing it. Let me show you want I mean: Client table as of now: User names User1* User2** \| \| Passwords pass1* pass2** ETC. Will they all connect to each other? Or would I need to do a table for usernames, a table for passwords, etc.