0

I am new for PHP5 OOP concept. Please give some example source code for "How to insert data using oops concept?".I want to use pure php5 concept for this even in the connection.php page also. I want to improve my knowledge. please any one help me....

I know below the basic concept

insert_db.php

                $sql="INSERT INTO Persons (FirstName, LastName, Age)
            VALUES
            ('$_POST[firstname]','$_POST[lastname]','$_POST[age]')";

            if (!mysql_query($sql,$con))
              {
              die('Error: ' . mysql_error());
              }
            echo "1 record added";

            mysql_close($con)

connectio.php

          <?php
            // connect database  code
             $dbhost ='localhost';
            $dbuser = 'tomking';
            $dbpass = 'dsfds';
            $dbname = 'mydb';
            //connectivity of database
            $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error Connecting to mysql');
            mysql_select_db($dbname);
          ?>
Improve this question
5
  • 2
    I suggest learning MySQLi instead of the obsolete mysql API in PHP Commented Sep 20, 2012 at 4:08
  • Just google with 'insert mysql data in php', you will get lot of examples for it. Commented Sep 20, 2012 at 4:16
  • @justin But i want to use class and all the php5 concept for this. Google is showing result same as above code... Commented Sep 20, 2012 at 4:20
  • 2
    This PDO tutorial will show you how to use PDO, how to wrap it in a class is your own design decision. Commented Sep 20, 2012 at 4:22
  • if anybody have a small sample of php5 project for inserting data into database(using pure php5 concept). Then please forward it to my mail -> [email protected] Commented Sep 20, 2012 at 4:25

2 Answers 2

Reset to default
1

Use Mysqli or PDO for using sql queries instead of directly pass variables to query.

This will cause sql injection when you directly pass variable to query

If you want to pass variable to sql query , you have to use filters for this

filtering-escaping-post-data-from-injection-attacks

PDO Documentation

MySQLi Documentation

And this is all pure PHP5 concept.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Don't use stripslashes. Disable magic_quotes instead and let bind variables take care of all filtering for you.
1 
$mysqli = new mysqli($hostname, $username, $password, $database_name);

if($mysqli->error)
    die($mysqli->error);

$mysqli->query("SET NAMES 'UTF8'");

$query = "INSERT INTO my_table VALUES ('value_1', 'value_2')";
$mysqli->query($query);
if(!$mysql->error)
   echo 'do something';

$query = "SELECT * FROM my_table";
$sql = $mysqli->query($query);
if($sql->num_rows > 0) {
    while($row = $sql->fetch_assoc()) {
        echo $row['field_1'];
    }
}
$sql->close();
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.