Hi I'm brand new to PHP and I'm just doing a simple form to learn. It just contains an email address, I want to Validate the information and send it to the database. My problem is connecting it to a database. I've done a few tutorials but just leave myself confused.
Right now this is my homepage
reg.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registration Form</title>
</head>
<body>
<?php include("validation.php"); ?>
<form method="post" action="connect.php" name="form">
<ul id="errors">
<li><?php echo $err_email; ?></li>
</ul>
<div id="wrapper">
<div>Email</div>
<div class="input"><input type="text" name="email" value="<?php echo $val_email; ?>" /></div>
</div>
</form>
</body>
</html>
This is my validation.php file
<?php
if($_POST)
{
$email = $_POST['email'];
// Email
if (preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/', $email)) {
$val_email = $email;
}else{
$err_email = 'Please enter valid Email address.';
}
if((strlen($val_email)>0) ){
header("Location: reg");
}else{ }
}
?>
finally my connect file
<?php
$host="localhost";
$username="admin";
$password=""; // Mysql password
$db_name="davidtest"; // Database name
$tbl_name="users"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("davidtest")or die("cannot select DB");
// Get values from form
$email=$_POST['email'];
// Insert data into mysql
$sql="INSERT INTO $users(email)VALUES('$email')";
$result=mysql_query($sql);
// close connection
mysql_close();
?>
INSERT INTO $users(email)VALUES('$email')
$users isn't a variable so will be empty when being placed into the table. I suspect you meant
$sql="INSERT INTO $tbl_name (email) VALUES ('$email')";
However you should never use unescaped user strings in queries since a malicious user could inject SQL into your query (read up on SQL Injection).
Also please be aware that the mysql_* series of functions is now deprecated, no longer maintained and will be removed in a future release of PHP. Consider mysqli or PDO.