Latest Tutorials| Questions and Answers|Ask Questions?|Site Map



Home Sql Mysql-injection PHP SQL Injection Example

Related Tutorials


 
 

Share on Google+Share on Google+

PHP SQL Injection Example

Advertisement
PHP SQL Injection Example is used to show you how to insert the records to database.

PHP SQL Injection Example

     

PHP SQL  Injection Example is used to show you how to insert the records to database.

Understand with Example

The Tutorial helps you to illustrate an example from 'PHP SQL Injection Example'. To understand and grasp the example we create a table 'Stu' that has required fieldnames and datatypes respectively. The Table 'stu' has a Primary Key 'id'. 

Create Table Stu:

CREATE TABLE `stu` (                     
          `id` int(11) NOT NULL auto_increment,  
          `name` varbinary(10) default NULL,     
          `class` int(11) default '12',          
          PRIMARY KEY  (`id`)                    
        )

Insert.php:

The Insert.php include the html form page that allows the users to add the records in  table 'stu'. When a user click on  submit button in the HTML form, the data records sent to the table 'stu'.

<html>
<body ">
<form method="post" action="insert.php"
style="border: 1px solid #000000;
width :230px; margin-top: 
50px;margin-left: 70px;
padding:20px 20px 20px 20px; 
background-color: #F5F5FF;">
<table cellpadding="5">
<tr >
<td>Name</td>
<td>&nbsp;</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td>Class</td>
<td>&nbsp;</td>
<td><input type="text" name="class"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="submit" value="Submit"></td>
</tr>
</table>

</form>
<div style="border: 1px solid #000000; 
width :230px; margin-top: 
50px;margin-left: 70px;
padding:20px 20px 20px 20px ; 
background-color: #F5F5FF;">
<?php
$host = "localhost";
$user = "root";
$password = "root";
$database = "komal";
$connection = mysql_connect($host,$user,$password) 
or die("Could not connect: ".mysql_error());
$connection1 = mysql_connect($host,$user,$password) 
or die("Could not connect: ".mysql_error());
mysql_select_db($database,$connection) 
or die("Error in selecting the database:".mysql_error());

if (isset($_POST['name'])) {
$name=$_POST["name"];
$class=$_POST["class"];
$sql="insert into stu(name,class) 
values('".$name."',".$class.")";
mysql_query($sql,$connection) 
or exit("Sql Error".mysql_error());
mysql_close($connection);
}

$sql="Select * from stu";
$sql_result=mysql_query($sql,$connection1) 
or exit("Sql Error".mysql_error());
$sql_num=mysql_num_rows($sql_result);
echo "<table width=\"100%\">";
echo "<tr>";
echo "<td ><b>Id</b></td><td><b>Name</b></td> 
<td><b>Class</b></td>";
echo "</tr>";
while($sql_row=mysql_fetch_array($sql_result))
{
$id=$sql_row["id"];
$name=$sql_row["name"];
$class=$sql_row["class"];
echo "<tr><td>".$id."</td>";
echo "<td>".$name."</td>";
echo "<td>".$class."</td></tr>";
} 
echo "</table>";
mysql_close($connection1);
?>
</div>
</body>
</html>

Ourtput

Name  
Class  
   
Id Name Class
1 Ajay 12
2 Bhanu 12
3 Komal 12
4 Rakesh 12
5 Santosh 12
6 Tanuj 12
7 kk 12
8 ss 12
9 ss 12
10 komal 11
11 girish 12
Advertisement

If you enjoyed this post then why not add us on Google+? Add us to your Circles



Liked it!  Share this Tutorial


Follow us on Twitter, or add us on Facebook or Google Plus to keep you updated with the recent trends of Java and other open source platforms.

Posted on: January 29, 2009

Related Tutorials

Discuss: PHP SQL Injection Example   View All Comments

Post your Comment


Your Name (*) :
Your Email :
Subject (*):
Your Comment (*):
  Reload Image
 
 
Comments:0
DMCA.com