mysql - can't insert data into database with php

Question

I'm tryin to add users to my MYSQL database with PHP, somehow it is not working. Check my script below. What am i doing wrong?

<html>
<head>
</head>
<body>
<form action="index2.php" method="post">
Voornaam: <input type="text" name="voornaam"><br />

<input type="submit" name="submit">
</form>

<?php
if (isset($_POST['submit'])) {

$con = mysql_connect("localhost","hakan","hakan");
if (!$con) {
die ("Can not connect: " . mysql_error());
}

mysql_select_db("projectfys",$con);

$sql = "INSERT INTO gebruikers (voornaam) VALUES ('voornaam')";

mysql_query($sql,$con);

mysql_close($con);
}
?>

</body>
</html>

Answer 1

$con needs to be in first place

Eg

mysql_select_db($con,'db');
mysql_query($con,$sql);

Change the direction everywhere.

Also, change everything to mysqli, you can find masses of tutorials for mysqli or PDO

This block should look like (with mysqli):

$con = new mysqli("localhost","hakan","hakan","projectfys");
 $con -> set_charset ( 'utf8' );
            if ($con->connect_errno) {
            printf("Connect failed: %s\n", $con->connect_error);
            exit();}


mysqli_query($con, "INSERT INTO gebruikers (voornaam) VALUES ('voornaam')");



$con -> close();

With your query, you will allways insert the string "voornaam" in your table.

You need to do this before:

$voornaam = $_POST['voornaam'];
$voornaam = mysqli_real_escape_string($con,$voornaam);

Add this after your connection and before the query. In the query, replace the second 'voornaam' with '$voornaam'

mysqli_query($con, "INSERT INTO gebruikers (voornaam) VALUES ('$voornaam')");