I want to insert values from a string like $email $password $username
mysql_query("INSERT INTO `cyrexhosting`.`users` (`username`, `password`, `email`)
VALUES ('123', '123', '123'");
but i don't know how
-
Is that all you have?DirtyBit– DirtyBit2015-09-25 15:26:50 +00:00Commented Sep 25, 2015 at 15:26
-
1See this: mattbango.com/notebook/code/…gen_Eric– gen_Eric2015-09-25 15:28:25 +00:00Commented Sep 25, 2015 at 15:28
-
1You want to use something called "prepared statements" for this and the MySQLi driver (vs the mysql one you are using).gen_Eric– gen_Eric2015-09-25 15:28:41 +00:00Commented Sep 25, 2015 at 15:28
-
1I honestly don't know which question to close this with, amongst 15,000Funk Forty Niner– Funk Forty Niner2015-09-25 15:30:11 +00:00Commented Sep 25, 2015 at 15:30
-
Does this answer your question? stackoverflow.com/questions/1290975/…devlin carnate– devlin carnate2015-09-25 15:30:36 +00:00Commented Sep 25, 2015 at 15:30
|
Show 2 more comments
1 Answer
If you're using the deprecated mysql function:
$user = "121";
$pass = "dummy1";
$email = "[email protected]";
mysql_query("INSERT INTO users(username, password, email) VALUES('$user', '$pass', '$email')");
On the other hand, using mysqli:
mysqli_query($con, "INSERT INTO users (username, password, email)
VALUES ('$user', '$pass', '$email')");
Note: where
$conis the mysqli connection made variable.
3 Comments
devlin carnate
I think the OP wants to know how to use variable values instead of '123'
DirtyBit
@devlincarnate if that is the case, edited.
Jay Blanchard
Your script is at risk for SQL Injection Attacks.. Please do not demonstrate bad technique in answers. Learn about prepared statements for PDO and MySQLi.