Ana Isabel
Reputation: 971
How can I fix error when inserting php form into mysql database
I'm trying to save data from a form into a mysql database. I can connect to the database but for some reason I can't get it to insert the data into the database. I have a feeling it might just be a syntax error I'm not seeing.
Any help would be much appreciated.
PHP
// Get values from form
$Nombre=$_POST['Nombre'];
$Email=$_POST['Email'];
$Telefono=$_POST['Telefono'];
// Insert data into mysql
$sql="INSERT INTO $leads(Nombre, Email, Telefono)VALUES('$Nombre','$Email','$Telefono')";
$result=mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
echo "<BR>";
}
else {
echo "ERROR";
}
HTML
<form action="leads.php" method="POST">
<input placeholder="Nombre" type="text" name="Nombre" maxlength="40"/>
<input placeholder="Email" type="text" name="Email" maxlength="100"/>
<input placeholder="Teléfono" type="text" name="Telefono" maxlength="9" pattern=".{8,}" required title="8 numeros mínimo"/>
<button class="btn-cita" name="cita">Hacer Cita</button>
</form>
Upvotes: 0
Views: 57
Answers (1)
Marc B
Reputation: 360702
Yes, you do. You are vulnerable to SQL injection attacks, and are using undefined variables in your query:
$sql="INSERT INTO $leads(Nombre, Email, Telefono)VALUES('$Nombre','$Email','$Telefono')";
^^^^^^---undefined
Producing a query something like
INSERT INTO (Nombre, etc...
Upvotes: 1
Related Questions
- Cannot insert form data into a MySQL database using PHP
- MYSQL ERROR when submitting form
- can't insert in mySQL table
- Error inserting into a database from a form
- Error in inserting values in mysql in php
- PHP Form Post to MySQL database error
- MySQL error: Inserting form data into Database
- Unable to insert data into mysql database using php form
- failed to add data to database from form in PHP
- MYSQL error with PHP form