MySQL insert row from HTML table into db table

Question

I am using a for loop to construct a HTML table from the contents of a MySQL table select query. I have a link on the end of each row to copy that row into another table.

I'm unsure how to get the data from the table row for the MySQL insert query - I have marked the place where I'm struggling with XXX.

<?php

mysql_select_db("cardatabase");

$link = mysql_connect("localhost", "root", "password");
$query = "SELECT * from cars";
$result = mysql_query($query);

if($_GET['rent']) {
    $rent = "INSERT INTO rentedcars VALUES('XXX','XXX','XXX','XXX','XXX','XXX','XXX','XXX','XXX','XXX')";
    mysql_query($rent);
    echo "<meta http-equiv='refresh' content='0;url=rent.php'/>";
}

echo "<table>";
echo "<tr><td>ID</td><td>Make</td><td>Model</td><td>Fuel Type</td><td>Transmission</td><td>Engine Size</td><td>Doors</td><td>Amount</td><td>Available</td><td>Date Added</td><td>Remove</td></tr>";

for ($i = 0; $i < mysql_num_rows($result); $i++) {
    $row = mysql_fetch_object($result);
    echo "<tr>
        <td>$row->ID</td>
        <td>$row->CARMAKE</td>
        <td>$row->CARMODEL</td>
        <td>$row->FUELTYPE</td>
        <td>$row->TRANSMISSION</td>
        <td>$row->ENGINESIZE</td>
        <td>$row->DOORS</td>
        <td>$row->AMOUNT</td>
        <td>$row->AVAILABLE</td>
        <td>$row->DATEADDED</td>
        <td><a href='?rent=$row->ID'>Rent</a></td>
        </tr>";
}
echo "</table>";

edit (updated code):

<?php

mysql_select_db ("cardatabase");

$link   = mysql_connect ("localhost", "root", "password");
$query  = "SELECT * from cars";
$result = mysql_query ($query);

if($_GET['rent']) {
    $query_car = sprintf("SELECT * from cars WHERE ID=%s",$_GET['rent']);
    $rslt      = mysql_query($query_car);
    $car       = mysql_fetch_object ($rslt);
    $rent      = "INSERT INTO rentedcars VALUES('$car->ID','$car->CARMAKE','$car->CARMODEL','$car->FUELTYPE','$car->TRANSMISSION','$car->ENGINESIZE','$car->DOORS','$car->AMOUNT','$car->AVAILABLE','$car->DATEADDED')";
    mysql_query($rent);
    echo "<meta http-equiv='refresh' content='0;url=rent.php'/>";
}

echo "<table>";
echo "<tr>";
echo "<td>ID</td><td>Make</td><td>Model</td><td>Fuel Type</td><td>Transmission</td><td>Engine Size</td><td>Doors</td><td>Amount</td><td>Available</td><td>Date Added</td><td>Remove</td>";
echo "</tr>";

while ($row = mysql_fetch_object($result)) {
    echo "<tr>
        <td>$row->ID</td>
        <td>$row->CARMAKE</td>
        <td>$row->CARMODEL</td>
        <td>$row->FUELTYPE</td>
        <td>$row->TRANSMISSION</td>
        <td>$row->ENGINESIZE</td>
        <td>$row->DOORS</td>
        <td>$row->AMOUNT</td>
        <td>$row->AVAILABLE</td>
        <td>$row->DATEADDED</td>
        <td><a href='?rent=$row->ID'>Rent</a></td>
        </tr>";
}
echo "</table>";

Answer 1

mysql_* is deprecated as of PHP 5.5.0, you should use something like PDO.

try {
    $DBH = new PDO('mysql:dbname=cardatabase;host=localhost', 'root', 'password');
} catch (PDOException $e) {
    echo 'Connection failed: ' . $e->getMessage();
}

$STH = $DBH->query("SELECT * FROM cars")->execute();

while ($row = $STH->fetch(PDO::FETCH_OBJ)) {
      echo "<tr>
<td>$row->ID</td>
<td>$row->CARMAKE</td>
<td>$row->CARMODEL</td>
<td>$row->FUELTYPE</td>
<td>$row->TRANSMISSION</td>
<td>$row->ENGINESIZE</td>
<td>$row->DOORS</td>
<td>$row->AMOUNT</td>
<td>$row->AVAILABLE</td>
<td>$row->DATEADDED</td>
<td><a href='?rent=".$row->ID."'>Rent</a></td>
</tr>";
    }

Edit: Just like @Skatox said!

Answer 2

you are missing the column names in your insert query

 $rent = "INSERT INTO rentedcars (id ,carmake, carmodel,fueltype,transmission, enginesize,doors,amount ,available, dateadded) 
           VALUES('xxx','xxx','".$carmodel."','XXX','XXX','XXX','XXX','XXX','XXX','XXX')"; 

                                   ^^^^^-------------i showed u exempel under

those XXX are values you get the from the inputs values

exemple

  <input  name= "car_model" id= "car_model" value="mercedes" > 

then you get this value

 if (isset($_POST['car_model'])){ $carmodel = $_POST['car_model']}

and then use this value $carmodel in your sql

Answer 3

I would do it like this:

<?php
$link = mysql_connect ("localhost", "root", "password");
mysql_select_db ("cardatabase");
$query = "SELECT * from cars";
$result = mysql_query ($query);

Get car information and store it

if($_GET['rent'])
{
$query_car = sprintf("SELECT * from cars WHERE ID=%s",$_GET['rent']); //Avoids sql injection
$rslt = mysql_query($query_car);
$car = mysql_fetch_object ($rslt) 

Here you need to validate if there's no car

$rent = "INSERT INTO rentedcars VALUES('$car->ID','$car->CARMAKE','$car->CARMODEL','$car->FUELTYPE','$car->TRANSMISSION','$car->ENGINESIZE','$car->DOORS','$car->AMOUNT','$car->AVAILABLE','$car->DATEADDED')";
mysql_query($rent);
echo "<meta http-equiv='refresh' content='0;url=rent.php'/>";
}

Change it to while like @Vinoth Babu said:

while   ($row = mysql_fetch_object ($result)) 
{        
$row = mysql_fetch_object ($result);
echo "<tr>
<td>$row->ID</td>
<td>$row->CARMAKE</td>
<td>$row->CARMODEL</td>
<td>$row->FUELTYPE</td>
<td>$row->TRANSMISSION</td>
<td>$row->ENGINESIZE</td>
<td>$row->DOORS</td>
<td>$row->AMOUNT</td>
<td>$row->AVAILABLE</td>
<td>$row->DATEADDED</td>
<td><a href='?rent=$row->ID'>Rent</a></td>
</tr>";
}
print "</table>";
?>

I would recommend you to switch to MySQL PDO, it's safer and you'll get a better and secure code.