> Date: Mon, 20 Apr 2009 08:06:05 +0100 > From: andy-li...@networkmail.eu > To: defati...@hotmail.com > CC: mysql@lists.mysql.com > Subject: Re: Need help with mysql prob > > Hi, > > abdulazeez alugo wrote: > > > >> Date: Sun, 19 Apr 2009 23:19:56 +0100 > >> From: andy-li...@networkmail.eu > >> To: defati...@hotmail.com > >> CC: mysql@lists.mysql.com > >> Subject: Re: Need help with mysql prob > >> > >> Hi Alugo, > >> > >>> Hi Andy, > >>> > >>> Thanks for your prompt response. However, since tbl1_id has an > >>> auto_increment value in tbl1, mysql is actually generating the values for > >>> it automatically. > >>> > >>> > >> Ah, I see your point. I'm guessing by your code you're using PHP? If > >> so call mysql_insert_id() after you've inserted your record into tbl1. > >> That will give you the ID of the auto increment column - see the note in > >> the below link about bigint columns if your data type is bigint. > >> > >> http://uk3.php.net/mysql_insert_id > >> > >> Hope this helps, > >> Andy > >> > > > > > > > > Yes I'm using PHP. Can it be something like > > > > function newPost_tbl1($id, $entry, $text) > > > > { > > > > $conn; > > > > $result= mysql_query("INSERT INTO tbl1 (tbl1_id, entrytitle, entrytext) > > > > VALUES ('$id','$entry', $text)', $conn); > > > > $tbl1_id = mysql_insert_id($conn); > > > > } > > > > > Yep that's about it. You said that tbl1_id is an auto-increment column, > why are you including it in the insert query? You should just need > entrytitle and entrytext, then $tbl1_id will be the value of the tbl1_id > field. > > I hope you've just missed out everything on the $conn line just for > short-hand, because $conn needs to be a valid connection resource > (result from mysql_connect) before passing it to mysql_query. Also on > your MySQL query line, you've started the insert command string with a > quote " but terminated it with a single apostrophe, this terminator > should also be a quote. Your $text should also be enclosed with a > single apostrophe, and don't forget to clean your input ($entry and > $text) otherwise you'll be vulnerable to SQL injection and XSS attacks. > > Andy
Hi Andy, Thank you very much you have been really very helpful. All those mistakes you pointed at in the script about the apostrophe and others, are simple mistakes I just made in the rush of typing the message; and yes $conn is the result from mysql_connect. In my original script I clean my script to avoid mysql injection. However, if you look at the code very well, you'll realize that I have stored the result of the mysql_insert-id($conn) in a php variable $tbl1_id and this is defined within a function newPost_tbl1($id, $entry, $text). My problem now is how to access that variable in the function that inserts into the child table so that I'll have the same value for tbl1_id in tbl1 and tbl1_id in tbl2. Thanks in advance. Alugo. _________________________________________________________________ News, entertainment and everything you care about at Live.com. Get it now! http://www.live.com/getstarted.aspx
