Here is an example, that is close to what you need. Assuming we are working with MySQL database. First, create a file named db.php where we will define several constants to store MySQL database information, as well as connect to the database:
db.php[php]<?php
// Database settings
define(“DBName”,“db_name”);
define(“HostName”,“localhost”);
define(“UserName”,“db_user”);
define(“Password”,“passw”);
// Connecting to MYSQL database
$mysqlink=mysql_connect(HostName,UserName,Password) or die(mysql_error());
mysql_select_db(DBName,$mysqlink);
?>[/php]
Next, let’s create a script that we will use just one time - to create database structure. In this example we will create just one table contacts. We will name this file create.php:
create.php[php]<?php
// connecting to MySQL database
include(‘db.php’);
// Creating MySQL database
if(!mysql_query("CREATE DATABASE IF NOT EXISTS ".DBName)){ echo mysql_error();}
else { echo ‘Database created.
’; }
// Creating table in MySQL database
if(!
mysql_query("CREATE TABLE contacts(
ID int( 4) not null auto_increment primary key,
ContactName varchar(128) default '',
Address varchar(128) default '',
City varchar( 64) default '',
State varchar( 2) default '',
Zip varchar( 10) default '',
Phone varchar( 32) default '',
Email varchar( 32) default ''
)")
){ echo mysql_error();}
else { echo ‘Table “contacts” created.
’; }
?>[/php]
Now, all we need to create database and table - run this script. I.e. from your browser open http://www.mysite.com/mydir/create.php
And finally, we will create a form and a script that will add new record to our contacts table, when the form is submitted.
We will name this file form.php.
form.php[php]<?php
include(‘db.php’);
$err=’’;
if($_POST[“submit”]){
// Validate form data
if($_POST["contactname"]=='') $err.='Please enter Contact Name<br>';
if($_POST["email"]=='') $err.='Please enter Email<br>';
if($err==''){
// Check if there are duplicate entries in the 'contacts' table
$r=mysql_query("SELECT ID FROM contacts WHERE ContactName='".addslashes($_POST["contactname"])."' and Email='".addslashes($_POST["email"])."'");
if(mysql_num_rows($r)){
$err.='Can not add duplicate entry<br>';
}
else{
// adding new record to 'contacts' table
mysql_query("INSERT INTO contacts (ContactName,Address,City,State,Zip,Phone,Email)
values ('".addslashes($_POST["contactname"])."','".addslashes($_POST["address"])."','".addslashes($_POST["city"])."','".addslashes($_POST["state"])."','".addslashes($_POST["zip"])."','".addslashes($_POST["phone"])."','".addslashes($_POST["email"])."')");
// redirecting to success screen
header("Location: thankyou.php");
exit;
}
}
}
?>
Add New Contact
Add New Contact
<?php echo $err==''?'':('
'.$err.'
') ?>
Contact Name: |
|
Address: |
|
City: |
|
State: |
|
Zip: |
|
Phone: |
|
Email: |
|
[/php]
Sure, the code above is not perfect. You can add more validation (i.e. check if email entered is valid), you can also make your code better structured, etc. In this code I also relied on php setting magic_quotes_gpc = Off (i.e. I am using addslashes() function to escape special chars). And, by the way, it is good idea to use mysql_real_escape_string() instead of addslashes() for mysql_query().
I have added some comments, so I think the code is self explanatory. But feel free to ask if you have any questions.