+ 2
Im making a registration form Whats the problem here. Output: not prepare..
5 Respuestas
+ 3
I would suggest using my below code and adapting to your needs, this is using the latest from PDO, PHP7, and is cleaner and easier to read than your example.
<?php
$host = 'localhost';
$user = 'username';
$pass = 'password';
$database = 'my_database';
$options = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false
);
$pdo = new PDO("mysql:host=$host;dbname=$database", $user, $pass, $options);
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$sql = "INSERT INTO `users` (`first_name`, `last_name`) VALUES (:first_name, :last_name)";
$statement = $pdo->prepare($sql);
$statement->bindValue(':first_name', $first_name);
$statement->bindValue(':last_name', $last_name);
$inserted = $statement->execute();
if($inserted){
echo'Inserted';
}
else {
echo'Not Inserted';
}
?>
+ 3
.. thanks brother.
+ 2
thats pdo right?
+ 2
thanks a lot .
+ 1
Yeah thats correct, PDO, so you don't need to use mysqli_real_escape_string to escape data as PDO can handle that for you.