Chris. Thanks for your response. I read somewhere that the mysqli was better, so I have been using it.
This exercise is an experiment, on my local machine only, so I ommitted any escape functions. I am trying to create DB's with multiple tables, so it is totally a learning exercise. So hopefully I will learn from my mistakes. Thanks for your help. Gary "Chris W" <4rfv...@cox.net> wrote in message news:4bc47b0b.7020...@cox.net... >I have no idea how you got here but there is no reason to do it that way. >This will work just fine and I do it every day in php. > However I don't use mysqli I still use ... > mysql_connect > mysql_select_db > mysql_real_escape_string > mysql_query > > Don't forget to use the mysql_real_escape_string function to be sure sql > injection can't happen. > > > <?php > $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting > to > MySQL server'); > > $query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')"; > > $result=mysqli_query($dbc, $query) > or die('Error querying database.'); > > $query="INSERT INTO address (street, town, state, > zip)"."VALUES('$street','$town','$state','$zip')"; > > $result=mysqli_query($dbc, $query) > or die('Error querying database.'); > > mysqli_close($dbc); > > ?> > > > Gary wrote: >> Michael >> >> Thank you for your response. It gave me the idea how to solve this, and >> it seemed to have worked! >> >> For those following hoping to see a solution, what I did was open the >> connection, insert into one table, closed the connection, closed the php >> script, and the data was inserted into 2 of the tables... The code looks >> like this: >> >> $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting >> to MySQL server'); >> >> $query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')"; >> >> $result=mysqli_query($dbc, $query) >> or die('Error querying database.'); >> >> mysqli_close($dbc); >> ?> >> >> <?php >> >> $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting >> to MySQL server'); >> $query="INSERT INTO address (street, town, state, >> zip)"."VALUES('$street','$town','$state','$zip')"; >> >> $result=mysqli_query($dbc, $query) >> or die('Error querying database.'); >> >> mysqli_close($dbc); >> >> ?> >> >> It seems a bit redundant for php, but it seems to work. >> >> If by the way anyone sees a problem with this solution, I would love to >> read it. >> >> Again, thank you for your response. >> >> Gary >> >> >> "Michael Dykman" <mdyk...@gmail.com> wrote in message >> news:s2p814b9a821004121404ge4415a07tbb2ab1bbba1fd...@mail.gmail.com... >> It is not a question of multiple tables, it is a question of multiple >> statements. Most PHP configurations prohibit the application of more >> than one statement per call to execute. This is generally thought to >> be a security issue as the vast majority of simple PHP-based SQL >> injection attacks only work on servers that allow multiple statements. >> >> I haven't been deep in PHP land for a little while, but I think you >> will find the default driver/config is expressly preventing you from >> doing this. >> >> - michael dykman >> >> >> On Mon, Apr 12, 2010 at 9:44 AM, Gary <gwp...@ptd.net> wrote: >> >>> Seriously >>> >>> You should read your answers before you post, the SA link did not >>> provide >>> the answer. Had you read the page you sent, you would notice it does not >>> apply to mulitple tables... >>> >>> Gary >>> >>> >>> "Colin Streicher" <co...@obviouslymalicious.com> wrote in message >>> news:201004112310.16594.co...@obviouslymalicious.com... >>> >>>> Seriously... >>>> I found the answer in the first result. >>>> http://lmgtfy.com/?q=mysqli+multiple+insert+statements >>>> >>>> Assuming mysqli, if you are using a different driver, then google that >>>> >>>> Colin >>>> >>>> On April 11, 2010 10:36:41 pm viraj wrote: >>>> >>>>> is it mysqli query or 'multi_query'? >>>>> >>>>> http://php.net/manual/en/mysqli.multi-query.php >>>>> >>>>> ~viraj >>>>> >>>>> On Sun, Apr 11, 2010 at 10:27 PM, Gary <gwp...@ptd.net> wrote: >>>>> >>>>>> I am experimenting with multiple tables, it is only a test that is my >>>>>> local machine only. This is the current code, which does not work , I >>>>>> have tried to concatonate the insert statements. I have tried >>>>>> multiple >>>>>> $query variables, but it is just overwriting itself (only the last >>>>>> one >>>>>> gets inserted). I also tried writing the $query as an array, which >>>>>> got >>>>>> me >>>>>> an error message (saying it was expecting a string and I offered an >>>>>> array). >>>>>> >>>>>> Someone point me in the right direction? >>>>>> >>>>>> Gary >>>>>> >>>>>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" >>>>>> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> >>>>>> <html xmlns="http://www.w3.org/1999/xhtml";> >>>>>> <head> >>>>>> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> >>>>>> <title>Untitled Document</title> >>>>>> </head> >>>>>> >>>>>> <body> >>>>>> >>>>>> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> >>>>>> >>>>>> <label>First Name </label> <input name="fname" type="text" /><br >>>>>> /><br >>>>>> /> >>>>>> <label>Last Name </label><input name="lname" type="text" /><br /><br >>>>>> /> >>>>>> <label>Street Address </label><input name="street" type="text" /><br >>>>>> /><br /> >>>>>> <label>Town </label><input name="town" type="text" /><br /><br /> >>>>>> <label>State </label><input name="state" type="text" /><br /><br /> >>>>>> <label>Zip Code</label><input name="zip" type="text" /><br /><br /> >>>>>> <label>Telephone</label><input name="phone" type="text" /><br /><br >>>>>> /> >>>>>> <label>Fax</label><input name="fax" type="text" /><br /><br /> >>>>>> <label>E-Mail</label><input name="email" type="text" /><br /><br /> >>>>>> <label>Comments</label><br /><textarea name="comments" cols="100" >>>>>> rows="15"></textarea><br /><br /> >>>>>> >>>>>> <input name="submit" type="submit" value="submit" /> >>>>>> </form> >>>>>> >>>>>> <?php >>>>>> >>>>>> $fname=($_POST['fname']); >>>>>> $lname=($_POST['lname']); >>>>>> $street=($_POST['street']); >>>>>> $town=($_POST['town']); >>>>>> $state=($_POST['state']); >>>>>> $zip=($_POST['zip']); >>>>>> $phone=($_POST['phone']); >>>>>> $fax=($_POST['fax']); >>>>>> $email=($_POST['email']); >>>>>> $comments=($_POST['comments']); >>>>>> $REMOTE_ADDR=$_SERVER['REMOTE_ADDR']; >>>>>> >>>>>> $dbc=mysqli_connect('localhost','root','','test'); >>>>>> $query="INSERT INTO address (street, town, state, >>>>>> zip)"."VALUES('$street','$town','$state','$zip')". >>>>>> "INSERT INTO comments(comments)"."VALUES('$comments')". >>>>>> "INSERT INTO >>>>>> contact(phone,fax,email)"."VALUES('$phone','$fax','$email')". "INSERT >>>>>> INTO name (fname, lname)"."VALUES('$fname','$lname')"; >>>>>> >>>>>> $result = mysqli_query($dbc, $query) >>>>>> or die('Error querying database.'); >>>>>> >>>>>> mysqli_close($dbc); >>>>>> >>>>>> ?> >>>>>> </body> >>>>>> </html> >>>>>> >>>>>> >>>>>> >>>>>> __________ Information from ESET Smart Security, version of virus >>>>>> signature database 5017 (20100411) __________ >>>>>> >>>>>> The message was checked by ESET Smart Security. >>>>>> >>>>>> http://www.eset.com >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> MySQL General Mailing List >>>>>> For list archives: http://lists.mysql.com/mysql >>>>>> To unsubscribe: http://lists.mysql.com/mysql?unsub=kali...@gmail.com >>>>>> >>>> -- >>>> It is easy to find fault, if one has that disposition. There was once a >>>> man >>>> who, not being able to find any other fault with his coal, complained >>>> that >>>> there were too many prehistoric toads in it. >>>> -- Mark Twain, "Pudd'nhead Wilson's Calendar" >>>> >>>> __________ Information from ESET Smart Security, version of virus >>>> signature database 5021 (20100412) __________ >>>> >>>> The message was checked by ESET Smart Security. >>>> >>>> http://www.eset.com >>>> >>>> >>>> >>>> >>> >>> __________ Information from ESET Smart Security, version of virus >>> signature database 5021 (20100412) __________ >>> >>> The message was checked by ESET Smart Security. >>> >>> http://www.eset.com >>> >>> >>> >>> >>> >>> -- >>> MySQL General Mailing List >>> For list archives: http://lists.mysql.com/mysql >>> To unsubscribe: http://lists.mysql.com/mysql?unsub=mdyk...@gmail.com >>> >>> >>> >> >> >> >> > > __________ Information from ESET Smart Security, version of virus > signature database 5025 (20100413) __________ > > The message was checked by ESET Smart Security. > > http://www.eset.com > > > __________ Information from ESET Smart Security, version of virus signature database 5025 (20100413) __________ The message was checked by ESET Smart Security. http://www.eset.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/mysql?unsub=arch...@jab.org
