How to insert form input in database

Question

I just try myself to insert record in database but i got error
```php
 if(isset($POST['submit'])){
    $name = $POST["name"];
    $age = $POST["Age"];
    $city = $POST["city"];
    $img = $_POST["img"];
try{
  $insert = $db->query("Insert INTO info values($name,$age,$city,$img)");
  $exec->exec($insert);
  echo "Record Added";
}catch(Exception $e){
  echo "Record not created";
  $e->getMessage();
}
  }
```

Simon Coates · Accepted Answer

I'm not entirely sure what you're using, because if it's pdo (it looks similar), i think you're using it wrong. The following is a PDO usage of prepared statements (should use these for use provided values regardless of your database connection library). In PDO, running query on a PDO will run the query, whereas for an insert you should run prepare on the PDO object, to retrieve a PDOStatement object. You can then bind params (or bind values) to safely add the values, and call execute on the PDOstatement object. The following is a simple example where $dbh is a PDO.
```
<?php $stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (?, ?)");
$stmt->bindParam(1, $name);
$stmt->bindParam(2, $value);
// insert one row
$name = 'one';
$value = 1;
$stmt->execute();
```
MySQLi has a similiar pattern see http://php.net/manual/en/mysqli.quickstart.prepared-statements.php (http://php.net/manual/en/mysqli.quickstart.prepared-statements.php).

Welcome to the Treehouse Community

Looking to learn something new?

Ashish Mehra

Ashish Mehra

How to insert form input in database

Simon Coates

Simon Coates

1 Answer

Simon Coates

Simon Coates

Ashish Mehra

Ashish Mehra