Untitled

// db_connection.php
<?php
  // Connect
  $server = 'hostname';
  $username = 'username';
  $password = 'password';
  mysql_connect($server, $username, $password);

  // Select database
  mysql_select_db('discography');


// addalbum.php
<?php

$error = FALSE;

if($_POST)
{
  // Trim album name (take away spaces at the ends)
  $album_name = trim($_POST['album_name']);

  // Check that it is not empty or above 150 characters
  if( ! $album_name OR strlen(album_name) > 150)
    $error = 'Album name must not be empty or longer than 150 characters';

  // If no errors
  if($error === FALSE)
  {
    // Connect to database
    require('db_connection.php');

    // Escape album name (so people can't mess up your db query)
    $album_name = mysql_real_escape_string($album_name);

    // Try insert album
    if( ! mysql_query("INSERT INTO albums(`name`) VALUES ('$album_name')"))
    {
      // Get the error to display
      $error = mysql_error();
    }
    else
    {
      // Get the id of the new album
      $id = mysql_insert_id();
      // Redirect and exit this script
      header("Location: addedalbum.php?id=$id");
      exit();
    }
}
?>

<!-- HTML head and all that -->

<?php if($error) echo "<p>$error</p>"; ?>

<!-- Form -->

<input name="album_name" value="<?php echo $_POST['album_name'] ?>" />

<!-- rest of page -->


// addedalbum.php

<?php

// Get the $id and make sure it is a number
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

// Connect to database
require('db_connection.php');

// Run query to get the album name
$result = mysql_query("SELECT name FROM albums WHERE id=$id LIMIT 1");

if($result === FALSE OR mysql_num_rows !== 1)
{
  exit('No such album');
}

// Get the album name
$album_name = mysql_result($result, 0, 'name');
?>

<!-- HTML and such would go here -->