If you have just started learning PHP then don’t learn old and obsolete stuff. It will create a lot of problems for you in the future. For example use MySQLi API instead of MySQL to connect to the databases.
Anyways here is your code. I hope It will work now. I’ve also embedded comment so you can easily understand what’s going on. 8)
envioformulario.php
[php]<?php
/* This is Just a basic validation to ensure all fields are filled and form was submitted using POST Method. Once This IF Condition evaluates to true you can use other validations too. But I will not go into the details. */
if ( $_SERVER[‘REQUEST_METHOD’] == ‘POST’ &&
!empty($_POST[‘nombre’]) &&
!empty($_POST[‘apellido’]) &&
!empty($_POST[‘telefono’]) &&
!empty($_POST[‘email’])
){
require_once('functions.inc.php');
$connection = conexion();
/* sanitizeData function is using $connection variable therefore, If these lines are moved up before declaring $connection Variable, You might get an error */
$nombre = sanitizeData($_POST['nombre']);
$apellido = sanitizeData($_POST['apellido']);
$telefono = sanitizeData($_POST['telefono']);
$email = sanitizeData($_POST['email']);
/* If the value you want to insert in the database is INT then you don't need '' just simply use the variable name. For example if nombre is a column of type INT then use {$nombre} for the VALUES. Don't use '{$nombre}' */
$query = "INSERT INTO
datos ( nombre,
apellido,
telefono,
email)
VALUES
( '{$nombre}',
'{$apellido}',
'{$telefono}',
'{$email}')
";
$result = mysqli_query($connection, $query);
/* IF query returns a valid MySQL result set, then $result will evaluate to true. AND mysqli_affected_rows($connection) == 1 ensures that One rows was affected by the above query, which in turn mean that we've have successfully entered a record in the DB */
if($result && mysqli_affected_rows($connection) == 1){
header('Location: index.php');
exit();
}
}
?>[/php]
and
functions.inc.php
[php]<?php
/* It’s better to save the connection file seprate, but I’ve defined a database function here for the sake of simplicity */
function conexion() {
/* You can Use Variable too, But as these values will not change often therefore, I've defined it as constants. */
define('DB_HOST', 'localhost');
define('DB_USER', 'root');
define('DB_PASS', '');
define('DB_INFO', 'formulario');
$conn = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_INFO);
/* IF Database connection fails, then following IF condition will execute and script will die with a notification about database error, otherwise $connection's information will be returned to the function call */
if(mysqli_connect_errno()){
die (mysqli_connect_error());
}
return $conn;
}
/* This function will sanitize i.e. strip out any bad information entered by the users */
function sanitizeData($string){
/* Global tells the function to use a variable that is declared outside of the function */
global $connection;
$string = strip_tags($string); // Removes tags e.g. <b>, <h1> etc.
$string = trim($string); // Removes spaces before or after the value.
$string = htmlspecialchars($string); //Characters to HTML entities
/* Following will automatically add backslashes if user enters ' in the field. */
$string = mysqli_real_escape_string($connection, $string);
return $string;
}
?>[/php]
Files are also included as an attachment so that you can quickly and easily download the files. ;D
envioformulario.zip (1.71 KB)