Re: INSERT INTO multiple tables

Tue, 13 Apr 2010 07:09:47 -0700

I have no idea how you got here but there is no reason to do it that way. This will work just fine and I do it every day in php. 
However I don't use mysqli   I still use ...
mysql_connect
mysql_select_db
mysql_real_escape_string
mysql_query
Don't forget to use the mysql_real_escape_string function to be sure sql injection can't happen. 


<?php
$dbc=mysqli_connect('localhost','root','','test')or die('Error connecting to 
MySQL server');

$query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')";

$result=mysqli_query($dbc, $query)
or die('Error querying database.');

$query="INSERT INTO address (street, town, state,
zip)"."VALUES('$street','$town','$state','$zip')";

$result=mysqli_query($dbc, $query)
or die('Error querying database.');

mysqli_close($dbc);

?>


Gary wrote:

Michael
Thank you for your response. It gave me the idea how to solve this, and it seemed to have worked!
For those following hoping to see a solution, what I did was open the connection, insert into one table, closed the connection, closed the php script, and the data was inserted into 2 of the tables... The code looks like this:
$dbc=mysqli_connect('localhost','root','','test')or die('Error connecting to MySQL server'); 

$query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')";

$result=mysqli_query($dbc, $query)
or die('Error querying database.');

mysqli_close($dbc);
?>

<?php
$dbc=mysqli_connect('localhost','root','','test')or die('Error connecting to MySQL server'); $query="INSERT INTO address (street, town, state, zip)"."VALUES('$street','$town','$state','$zip')"; 

$result=mysqli_query($dbc, $query)
or die('Error querying database.');

mysqli_close($dbc);

?>

It seems a bit redundant for php, but it seems to work.
If by the way anyone sees a problem with this solution, I would love to read it. 

Again, thank you for your response.

Gary
"Michael Dykman" <mdyk...@gmail.com> wrote in message news:s2p814b9a821004121404ge4415a07tbb2ab1bbba1fd...@mail.gmail.com... 
It is not a question of multiple tables, it is a question of multiple
statements.  Most PHP configurations prohibit the application of more
than one statement per call to execute.  This is generally thought to
be a security issue as the vast majority of simple PHP-based SQL
injection attacks only work on servers that allow multiple statements.

I haven't been deep in PHP land for a little while, but I think you
will find the default driver/config is expressly preventing you from
doing this.

 - michael dykman


On Mon, Apr 12, 2010 at 9:44 AM, Gary <gwp...@ptd.net> wrote:

Seriously

You should read your answers before you post, the SA link did not provide
the answer. Had you read the page you sent, you would notice it does not
apply to mulitple tables...

Gary


"Colin Streicher" <co...@obviouslymalicious.com> wrote in message
news:201004112310.16594.co...@obviouslymalicious.com...

Seriously...
I found the answer in the first result.
http://lmgtfy.com/?q=mysqli+multiple+insert+statements

Assuming mysqli, if you are using a different driver, then google that

Colin

On April 11, 2010 10:36:41 pm viraj wrote:

is it mysqli query or 'multi_query'?

http://php.net/manual/en/mysqli.multi-query.php

~viraj

On Sun, Apr 11, 2010 at 10:27 PM, Gary <gwp...@ptd.net> wrote:

I am experimenting with multiple tables, it is only a test that is my
local machine only. This is the current code, which does not work , I
have tried to concatonate the insert statements. I have tried multiple
$query variables, but it is just overwriting itself (only the last one
gets inserted). I also tried writing the $query as an array, which got
me
an error message (saying it was expecting a string and I offered an
array).

Someone point me in the right direction?

Gary

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml";>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">

<label>First Name </label> <input name="fname" type="text" /><br /><br
/>
<label>Last Name </label><input name="lname" type="text" /><br /><br /> 
<label>Street Address </label><input name="street" type="text" /><br
/><br />
<label>Town </label><input name="town" type="text" /><br /><br />
<label>State </label><input name="state" type="text" /><br /><br />
<label>Zip Code</label><input name="zip" type="text" /><br /><br />
<label>Telephone</label><input name="phone" type="text" /><br /><br />
<label>Fax</label><input name="fax" type="text" /><br /><br />
<label>E-Mail</label><input name="email" type="text" /><br /><br />
<label>Comments</label><br /><textarea name="comments" cols="100"
rows="15"></textarea><br /><br />

<input name="submit" type="submit" value="submit" />
</form>

<?php

$fname=($_POST['fname']);
$lname=($_POST['lname']);
$street=($_POST['street']);
$town=($_POST['town']);
$state=($_POST['state']);
$zip=($_POST['zip']);
$phone=($_POST['phone']);
$fax=($_POST['fax']);
$email=($_POST['email']);
$comments=($_POST['comments']);
$REMOTE_ADDR=$_SERVER['REMOTE_ADDR'];

$dbc=mysqli_connect('localhost','root','','test');
$query="INSERT INTO address (street, town, state,
zip)"."VALUES('$street','$town','$state','$zip')".
"INSERT INTO comments(comments)"."VALUES('$comments')".
"INSERT INTO
contact(phone,fax,email)"."VALUES('$phone','$fax','$email')". "INSERT
INTO name (fname, lname)"."VALUES('$fname','$lname')";

$result = mysqli_query($dbc, $query)
or die('Error querying database.');

mysqli_close($dbc);

?>
</body>
</html>



__________ Information from ESET Smart Security, version of virus
signature database 5017 (20100411) __________

The message was checked by ESET Smart Security.

http://www.eset.com





--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=kali...@gmail.com

--
It is easy to find fault, if one has that disposition. There was once a
man
who, not being able to find any other fault with his coal, complained that 
there were too many prehistoric toads in it.
-- Mark Twain, "Pudd'nhead Wilson's Calendar"

__________ Information from ESET Smart Security, version of virus
signature database 5021 (20100412) __________

The message was checked by ESET Smart Security.

http://www.eset.com
__________ Information from ESET Smart Security, version of virus signature database 5021 (20100412) __________ 

The message was checked by ESET Smart Security.

http://www.eset.com





--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=mdyk...@gmail.com








--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/mysql?unsub=arch...@jab.org

Reply via email to