<?php
include 'connectMySql.php';
$emri=$_REQUEST["emri"];
$mbiemri=$_REQUEST["mbiemri"];
$email=$_REQUEST["email"];
$data=$_REQUEST["data"];
$ora=$_REQUEST["ora"];
$nr_persona=$_REQUEST["nr_persona"];
$query="INSERT INTO rezervim(emri,mbiemri,email,data,ora,nr_persona) VALUES(' ".$emri." ',' ".$mbiemri." ',' ".$email." ',' ".$data." ',' ".$ora." ' , '".$nr_persona."')";
mysql_query($query) or die(mysql_error());
mysql_close($conn);
?>
RainaAnja -3 Light Poster
Recommended Answers
Jump to PostURGENT
For you, not us. Please refrain from using words such as this as they will not garner positive replies.
You don't clean your inputs and you're using REQUEST instead of GET or POST.
Also consider using mysqli or PDO as mysql is to be deprecated. In addition …
All 3 Replies
RainaAnja -3 Light Poster
this is my code for booking i want to check the date i can book in,if it is available,URGENT
JorgeM 958 Problem Solver Team Colleague Featured Poster
i want to check the date i can book in,if it is available
you can perform a query using a SELECT statement with a WHERE clause to see if the date is available.
Unfortuantely, there isnt really much information that you provided to be able to give you a better answer.
diafol
URGENT
For you, not us. Please refrain from using words such as this as they will not garner positive replies.
You don't clean your inputs and you're using REQUEST instead of GET or POST.
Also consider using mysqli or PDO as mysql is to be deprecated. In addition you don't have to concatenate simple variables within a double quoted string - you can just include them thus:
$query="INSERT INTO rezervim(emri,mbiemri,email,data,ora,nr_persona) VALUES('$emri','$mbiemri','$email','$data','$ora', '$nr_persona')";
So from the looks of it, almost every line needs changing.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.