PDO Insert Query
advertisement
PDO Insert PHP Script
1.0
2.0
3.0
4.0
5.0
Creating an Insert PDO Query ............................................................................ 1
Creating the HTML form .................................................................................... 3
Creating and Executing the Insert query ............................................................. 3
Handling Insert query errors ............................................................................... 4
Closing the connection to the MySQL database ................................................. 4
PDO Insert PHP Script
Ivailo Chakarov
PDO Insert PHP Script
1.0
Creating an Insert PDO Query
In your previous session you learnt how to open and close a connection to a
MySQL database using PDO. The simplest form of query is the PDO query
method. Although we are using MySQL, considering that PDO provides a
common set of tools for databases, once we have the correct connection
established, the rest of the code can be used regardless of the type of database that
we have chosen (Source: Introduction to PHP PDO).
Here is an example PHP file which is used to insert a single record in your
employeeproject database.
<?php
// define variables and set to empty values
$employee_no = $employee_firstname = $employee_surname = $employee_grade = "";
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "employeeproject";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$employee_no = test_input($_POST["emp_no"]);
$employee_firstname = test_input($_POST["emp_fname"]);
$employee_surname = test_input($_POST["emp_sname"]);
$employee_grade = test_input($_POST["emp_paygrade"]);
//prepare the INSERT statement (keep the whole statement on a single line)
$insert_sql = "INSERT INTO employee (emp_no, emp_fname, emp_sname, grade) VALUES ('" .
$employee_no . "','" . $employee_firstname . "','" . $employee_surname . "','" .
$employee_grade . "')";
//execute the INSERT statement
if ($conn->exec($insert_sql)) {
//display confirmation that the record has been inserted successfully.
PDO Insert PHP Script
1
Prepared by Ivailo Chakarov
echo "New record created successfully.";
}
else {
//echo the insert statement error which is generated if the statement fails;
echo "Error: " . $insert_sql. "<br>" . $conn->error;
}
//close the database connection
$conn = null;
}
}
catch(PDOException $e)
{
echo "Connection failed: " . $e->getMessage();
}
//the function test_input strips any blanks, special characters,
//etc. and returns back the cleaned data
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h3>Enter a new Employee</h3>
<form method="post"
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
name="new_employee">
Employee No <input name="emp_no" type="text" size="11" maxlength="11" /><br />
First Name <input name="emp_fname" type="text" size="35" maxlength="80" /><br />
Surname <input name="emp_sname" type="text" size="35" maxlength="80" /> <br />
Grade
<select name="emp_paygrade">
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
</select>
<p></p>
<input type="reset" name="reset" />
<input type="submit" name="submit" />
</form>
PDO Insert PHP Script
2
Prepared by Ivailo Chakarov
2.0
Creating the HTML form
The following HTML code is used to create the form elements:
Employee No <input name="emp_no" type="text" size="11" maxlength="11" /><br />
First Name <input name="emp_fname" type="text" size="35" maxlength="80" /><br />
Surname <input name="emp_sname" type="text" size="35" maxlength="80" /> <br />
Grade
<select name="emp_paygrade">
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
</select>
As you can see from the above code each form element has been given a name which is
later used (in the PHP section of the script to access the data input in the form by the user.
The following PHP code receives the data typed by the user in the HTML form and calls
the test_input function to strip off any special and white space characters:
$employee_no = test_input($_POST["emp_no"]);
$employee_firstname = test_input($_POST["emp_fname"]);
$employee_surname = test_input($_POST["emp_sname"]);
$employee_grade = test_input($_POST["emp_paygrade"]);
3.0
Creating and Executing the Insert query
An $insert_sql variable is then created to store the SQL Insert statement which would be
used to insert the record into the employee table of your database:
//prepare the INSERT statement (keep the whole statement on a single line)
$insert_sql = "INSERT INTO employee (emp_no, emp_fname, emp_sname, grade) VALUES ('" .
$employee_no . "','" . $employee_firstname . "','" . $employee_surname . "','" .
$employee_grade . "')";
If successful, when executed the query would return the following output:
if ($conn->exec($insert_sql)) {
//display confirmation that the record has been inserted successfully.
echo "New record created successfully.";
}
PDO Insert PHP Script
3
Prepared by Ivailo Chakarov
4.0
Handling Insert query errors
If the execution of the query is not successful then the sql statement, together with the
error would be output on the screen:
else {
//echo the insert statement error which is generated if the statement fails;
echo "Error: " . $insert_sql. "<br>" . $conn->error;
}
5.0
Closing the connection to the MySQL database
The connection to the database would need to be closed by using the following
statement:
$conn = null;
PDO Insert PHP Script
4
Prepared by Ivailo Chakarov
