List:General Discussion« Previous MessageNext Message »
From:Gary Date:April 13 2010 3:49pm
Subject:Re: INSERT INTO multiple tables
View as plain text  
Chris.

Thanks for your response.  I read somewhere that the mysqli was better, so I 
have been using it.

This exercise is an experiment, on my local machine only, so I ommitted any 
escape functions. I am trying to create DB's with multiple tables, so it is 
totally a learning exercise.

So hopefully I will learn from my mistakes.

Thanks for your help.

Gary

"Chris W" <4rfvgy7@stripped> wrote in message 
news:4BC47B0B.7020907@ style="color:#666">stripped...
>I have no idea how you got here but there is no reason to do it that way. 
>This will work just fine and I do it every day in php.
> However I don't use mysqli   I still use ...
> mysql_connect
> mysql_select_db
> mysql_real_escape_string
> mysql_query
>
> Don't forget to use the mysql_real_escape_string function to be sure sql 
> injection can't happen.
>
>
> <?php
> $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting 
> to
> MySQL server');
>
> $query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')";
>
> $result=mysqli_query($dbc, $query)
> or die('Error querying database.');
>
> $query="INSERT INTO address (street, town, state,
> zip)"."VALUES('$street','$town','$state','$zip')";
>
> $result=mysqli_query($dbc, $query)
> or die('Error querying database.');
>
> mysqli_close($dbc);
>
> ?>
>
>
> Gary wrote:
>> Michael
>>
>> Thank you for your response.  It gave me the idea how to solve this, and 
>> it seemed to have worked!
>>
>> For those following hoping to see a solution, what I did was open the 
>> connection, insert into one table, closed the connection, closed the php 
>> script, and the data was inserted into 2 of the tables... The code looks 
>> like this:
>>
>> $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting 
>> to MySQL server');
>>
>> $query="INSERT INTO name(fname, lname)"."VALUES('$fname','$lname')";
>>
>> $result=mysqli_query($dbc, $query)
>> or die('Error querying database.');
>>
>> mysqli_close($dbc);
>> ?>
>>
>> <?php
>>
>> $dbc=mysqli_connect('localhost','root','','test')or die('Error connecting 
>> to MySQL server');
>> $query="INSERT INTO address (street, town, state, 
>> zip)"."VALUES('$street','$town','$state','$zip')";
>>
>> $result=mysqli_query($dbc, $query)
>> or die('Error querying database.');
>>
>> mysqli_close($dbc);
>>
>> ?>
>>
>> It seems a bit redundant for php, but it seems to work.
>>
>> If by the way anyone sees a problem with this solution, I would love to 
>> read it.
>>
>> Again, thank you for your response.
>>
>> Gary
>>
>>
>> "Michael Dykman" <mdykman@stripped> wrote in message 
>> news:s2p814b9a821004121404ge4415a07tbb2ab1bbba1fdd94@ style="color:#666">stripped...
>> It is not a question of multiple tables, it is a question of multiple
>> statements.  Most PHP configurations prohibit the application of more
>> than one statement per call to execute.  This is generally thought to
>> be a security issue as the vast majority of simple PHP-based SQL
>> injection attacks only work on servers that allow multiple statements.
>>
>> I haven't been deep in PHP land for a little while, but I think you
>> will find the default driver/config is expressly preventing you from
>> doing this.
>>
>>  - michael dykman
>>
>>
>> On Mon, Apr 12, 2010 at 9:44 AM, Gary <gwpaul@stripped> wrote:
>>
>>> Seriously
>>>
>>> You should read your answers before you post, the SA link did not 
>>> provide
>>> the answer. Had you read the page you sent, you would notice it does not
>>> apply to mulitple tables...
>>>
>>> Gary
>>>
>>>
>>> "Colin Streicher" <colin@stripped> wrote in message
>>> news:201004112310.16594.colin@ style="color:#666">stripped...
>>>
>>>> Seriously...
>>>> I found the answer in the first result.
>>>> http://lmgtfy.com/?q=mysqli+multiple+insert+statements
>>>>
>>>> Assuming mysqli, if you are using a different driver, then google that
>>>>
>>>> Colin
>>>>
>>>> On April 11, 2010 10:36:41 pm viraj wrote:
>>>>
>>>>> is it mysqli query or 'multi_query'?
>>>>>
>>>>> http://php.net/manual/en/mysqli.multi-query.php
>>>>>
>>>>> ~viraj
>>>>>
>>>>> On Sun, Apr 11, 2010 at 10:27 PM, Gary <gwpaul@stripped> wrote:
>>>>>
>>>>>> I am experimenting with multiple tables, it is only a test that
> is my
>>>>>> local machine only. This is the current code, which does not work
> , I
>>>>>> have tried to concatonate the insert statements. I have tried 
>>>>>> multiple
>>>>>> $query variables, but it is just overwriting itself (only the
> last 
>>>>>> one
>>>>>> gets inserted). I also tried writing the $query as an array,
> which 
>>>>>> got
>>>>>> me
>>>>>> an error message (saying it was expecting a string and I offered
> an
>>>>>> array).
>>>>>>
>>>>>> Someone point me in the right direction?
>>>>>>
>>>>>> Gary
>>>>>>
>>>>>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
> Transitional//EN"
>>>>>> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
>>>>>> <html xmlns="http://www.w3.org/1999/xhtml">
>>>>>> <head>
>>>>>> <meta http-equiv="Content-Type" content="text/html;
> charset=utf-8" />
>>>>>> <title>Untitled Document</title>
>>>>>> </head>
>>>>>>
>>>>>> <body>
>>>>>>
>>>>>> <form action="<?php echo $_SERVER['PHP_SELF'];?>"
> method="post">
>>>>>>
>>>>>> <label>First Name </label> <input name="fname"
> type="text" /><br 
>>>>>> /><br
>>>>>> />
>>>>>> <label>Last Name </label><input name="lname"
> type="text" /><br /><br 
>>>>>> />
>>>>>> <label>Street Address </label><input name="street"
> type="text" /><br
>>>>>> /><br />
>>>>>> <label>Town </label><input name="town" type="text"
> /><br /><br />
>>>>>> <label>State </label><input name="state"
> type="text" /><br /><br />
>>>>>> <label>Zip Code</label><input name="zip"
> type="text" /><br /><br />
>>>>>> <label>Telephone</label><input name="phone"
> type="text" /><br /><br 
>>>>>> />
>>>>>> <label>Fax</label><input name="fax" type="text"
> /><br /><br />
>>>>>> <label>E-Mail</label><input name="email"
> type="text" /><br /><br />
>>>>>> <label>Comments</label><br /><textarea
> name="comments" cols="100"
>>>>>> rows="15"></textarea><br /><br />
>>>>>>
>>>>>> <input name="submit" type="submit" value="submit" />
>>>>>> </form>
>>>>>>
>>>>>> <?php
>>>>>>
>>>>>> $fname=($_POST['fname']);
>>>>>> $lname=($_POST['lname']);
>>>>>> $street=($_POST['street']);
>>>>>> $town=($_POST['town']);
>>>>>> $state=($_POST['state']);
>>>>>> $zip=($_POST['zip']);
>>>>>> $phone=($_POST['phone']);
>>>>>> $fax=($_POST['fax']);
>>>>>> $email=($_POST['email']);
>>>>>> $comments=($_POST['comments']);
>>>>>> $REMOTE_ADDR=$_SERVER['REMOTE_ADDR'];
>>>>>>
>>>>>> $dbc=mysqli_connect('localhost','root','','test');
>>>>>> $query="INSERT INTO address (street, town, state,
>>>>>> zip)"."VALUES('$street','$town','$state','$zip')".
>>>>>> "INSERT INTO comments(comments)"."VALUES('$comments')".
>>>>>> "INSERT INTO
>>>>>> contact(phone,fax,email)"."VALUES('$phone','$fax','$email')".
> "INSERT
>>>>>> INTO name (fname, lname)"."VALUES('$fname','$lname')";
>>>>>>
>>>>>> $result = mysqli_query($dbc, $query)
>>>>>> or die('Error querying database.');
>>>>>>
>>>>>> mysqli_close($dbc);
>>>>>>
>>>>>> ?>
>>>>>> </body>
>>>>>> </html>
>>>>>>
>>>>>>
>>>>>>
>>>>>> __________ Information from ESET Smart Security, version of
> virus
>>>>>> signature database 5017 (20100411) __________
>>>>>>
>>>>>> The message was checked by ESET Smart Security.
>>>>>>
>>>>>> http://www.eset.com
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> MySQL General Mailing List
>>>>>> For list archives: http://lists.mysql.com/mysql
>>>>>> To unsubscribe: http://lists.mysql.com/mysql?unsub=1
>>>>>>
>>>> --
>>>> It is easy to find fault, if one has that disposition. There was once a
>>>> man
>>>> who, not being able to find any other fault with his coal, complained 
>>>> that
>>>> there were too many prehistoric toads in it.
>>>> -- Mark Twain, "Pudd'nhead Wilson's Calendar"
>>>>
>>>> __________ Information from ESET Smart Security, version of virus
>>>> signature database 5021 (20100412) __________
>>>>
>>>> The message was checked by ESET Smart Security.
>>>>
>>>> http://www.eset.com
>>>>
>>>>
>>>>
>>>>
>>>
>>> __________ Information from ESET Smart Security, version of virus 
>>> signature database 5021 (20100412) __________
>>>
>>> The message was checked by ESET Smart Security.
>>>
>>> http://www.eset.com
>>>
>>>
>>>
>>>
>>>
>>> --
>>> MySQL General Mailing List
>>> For list archives: http://lists.mysql.com/mysql
>>> To unsubscribe: http://lists.mysql.com/mysql?unsub=1
>>>
>>>
>>>
>>
>>
>>
>>
>
> __________ Information from ESET Smart Security, version of virus 
> signature database 5025 (20100413) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
> 



__________ Information from ESET Smart Security, version of virus signature database 5025
(20100413) __________

The message was checked by ESET Smart Security.

http://www.eset.com




Thread
INSERT INTO multiple tablesGary11 Apr
  • Re: INSERT INTO multiple tablesviraj12 Apr
    • Re: INSERT INTO multiple tablesColin Streicher12 Apr
  • Re: INSERT INTO multiple tablesGary12 Apr
    • Re: INSERT INTO multiple tablesMichael Dykman12 Apr
  • Re: INSERT INTO multiple tablesGary12 Apr
    • Re: INSERT INTO multiple tablesColin Streicher13 Apr
    • Re: INSERT INTO multiple tablesChris W13 Apr
  • Re: INSERT INTO multiple tablesGary13 Apr
  • Re: INSERT INTO multiple tablesGary13 Apr