PHP - sprintf/GET - how to insert values from this into SQL post

Question

I am using Google Maps to get marker data to include with a form post. The marker data is entered into MySQL with this query:

// Gets data from URL parameters
$name = $_GET['name'];
$address = $_GET['address'];
$lat = $_GET['lat'];
$lng = $_GET['lng'];
$type = $_GET['type'];

// Insert new row with user data
$query = sprintf("INSERT INTO markers " .
         " (id, name, address, lat, lng, type ) " .
         " VALUES (NULL, '%s', '%s', '%s', '%s', '%s');",
         mysql_real_escape_string($name),
         mysql_real_escape_string($address),
         mysql_real_escape_string($lat),
         mysql_real_escape_string($lng),
         mysql_real_escape_string($type));

$result = mysql_query($query);

What I would like to do is take the GET/sprintf data and include it in my own separate SQL query, rather than Google's. How do I assign these %s to real variables ($nameData, $addressData), ect? I cannot echo or insert the GET variables.

Thanks!

Answer 1

I don't get the problem. If you have $name, $address etc..., you can use those variables any time you want. And if you want to assign the value to new variables, you can do this like your first six lines:

$nameData = $_GET['name'];
$addressData = $_GET['address'];
$latData = $_GET['lat'];
$lngData = $_GET['lng'];
$typeData = $_GET['type'];

Answer 2

如果您要发布，则应为：

$name = $_POST['name'];

Answer 3

The %s values are populated by the mysql_real_escape_string() values in order. Just use those values.