Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $hostname = 'localhost';
- $username = '';
- $password = '';
- $database = '';
- $con = mysql_connect($hostname, $username, $password) or die(mysql_error()); // I would avoid using or dies for MySQL, but that's just me.
- mysql_select_db($database) or die(mysql_error());
- // We need to sanitize the user input.
- // First mysql_real_escape_string makes sure nothing "unexpected" is going in MySQL.
- // htmlspecialchars removes any HTML formatting that is not needed.
- $name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
- $body = mysql_real_escape_string(htmlspecialchars($_POST['body']));
- $query = mysql_query("INSERT INTO blog (name, body) VALUES('$name', '$body')");
- if($query == true) {
- echo '1 record was added!';
- } else {
- die(mysql_error());
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement