My first post yaa lol. This will lily be the 1st of many posts as i trty to get my head round things.

Basically i am going to need to post info from a form in to a database but all so post it to a remote api url at the same time how best to do this can it be done.





Hope i have explained what i need well.

All so why i am here what is the best way to auto increment the form i now there will be an easy way to do this in php but if any of you can tell me what it is or the best way to implement it that would be great.

Ok, first off I'd direct my form to a page of my own, say "submit.php", which would store the data passed to it into the database and then (before echoing any data to the page) use header() to redirect the user to the api url.

I'm assuming you know ho to connect to a database and submit the data. If now, search the web for a tutorial, there's millions.

Use <form action="submit.php" method="post">... to submit the username to submit.php, whose code is below:

//send the info to this page via POST method.
$username = $_POST['username'];

//connect to database a run sql "INSERT INTO" query.

$loc = 'location: www.apidomain.com?username=' . $username;
//that last line redirects the user to the api site submitting the username.

Alternatively, you could embed the apidomain.com in a frame or something like that to keep the user on your page, or add "&return=www.yourdomain.com/done.php" to $loc and configure the api to return the user to the value specified.

With the auto increment thing, what is it that you want to auto increment? The id, in the table, of the username submitted? If so, set up a column to auto increment when you create the SQL table.

(If none of this is making sense then look at some tutorials for forms, MySQl tables etc. with this stuff in mind)

Hope that helped.

Before you do anything with the data, you need to sanatize it. This means get rid of characters hackers can use to invade your server.

At a bare minimum,
$_POST[xxxx} = str_replace array('<', '>', '[', ']', '{', '}', '\\'), "", $_POST[xxxx]);

Common sense comes into play here, if you have an input field, firstname, replace ALL special characters except those that could legitimately be in first name such as a dash or single quote. Use the above code and add ~!@#$%^&*()+=:;"?/

Very carefully check out the special characters used by the database application. For example, in php the single quote can create issues. Use php add_slashes to any data field that could possibly contain a single quote.

Hope this helps you while not totally answering your question.


I need to send the auto increment number via the url to the api so i needs to be done by the form and not the database.

Thanks for the info about removing the nasty hacking stuff. I use a cms that has a class i can call to do it for me same with putting stuff in the database but its all in OOP which is even harder to get to grips with so i may just do it in normal php and use the tips in both the posts.

I don't want to send visitors to the api url i want it to be done from my site but with you saying the iframe i reminded me i have so JavaScript which i use to auto subscribe new members to my mailing list.

Basically i pull the users email from my database in to a hidden form and this JavaScript when it sees an email address it will submit the form to the url i have set i think that could easily be modified to be trigged by some thing else.

Thanks Guys

First u can do like this