I have a single field post of the form:
<form action="post.php" method="post">
<input type="text" name="foo" />
I am trying to insert foo into a small MySQL table named 'datatable' in the database 'mydatabase' in post.php.
This string works for me to add a data row in my table:
mysql_query('INSERT INTO `mydatabase`.`datatable` (`data`) VALUES (\'testabc\');');
So I know my connection string is working. However, I cannot figure out how to insert the actual post data ($_POST['foo']) into my table. I have tried strings such as:
mysql_query('INSERT INTO `mydatabase`.`datatable` (`data`) VALUES (\'' + $_POST['foo'] + '\');');
But cannot figure out the correct syntax to make this work. Can any of you brilliant minds help hint me in the right direction?
Many thanks…
PHP uses . for concatenation, not +. However, you really shouldn’t use mysql_*. I highly suggest PDO. It’s simple to use and will protect you from injection (to which you are currently vulnerable). You may also need to consider that magic quotes is enabled, so stripslashes on the post data may be appropriate. trim usually is as well.
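
The PDO approach suggested in the answer, as an added example that is not part of the original post. The table and column names follow the question; the in-memory SQLite database, the insertFoo helper and the 255-byte length limit are assumptions made so the script runs on its own.

```php
<?php
// Added example. For MySQL, replace the DSN with
// 'mysql:host=...;dbname=mydatabase;charset=utf8mb4' plus user and password.

function insertFoo(PDO $pdo, array $post): int
{
    // Reject a missing or non-string field (foo[]=x arrives as an array).
    if (!isset($post['foo']) || !is_string($post['foo'])) {
        throw new InvalidArgumentException('foo is required');
    }
    // Magic quotes were removed in PHP 5.4, so no stripslashes() is needed there.
    $foo = trim($post['foo']);
    if ($foo === '' || strlen($foo) > 255) { // 255 is an assumed column size
        throw new InvalidArgumentException('foo must be 1-255 bytes');
    }
    // The value is bound as a parameter, never spliced into the SQL text.
    $stmt = $pdo->prepare('INSERT INTO datatable (data) VALUES (:foo)');
    $stmt->execute([':foo' => $foo]);
    return (int) $pdo->lastInsertId();
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE datatable (id INTEGER PRIMARY KEY, data TEXT NOT NULL)');

// Constructed stand-ins for $_POST. The second value contains quote characters
// that would break or alter a query built by string concatenation.
$samples = [
    ['foo' => '  testabc  '],
    ['foo' => "O'Brien'); -- "],
    ['foo' => ['not', 'a', 'string']],
    [],
];
foreach ($samples as $post) {
    try {
        echo 'inserted row ' . insertFoo($pdo, $post) . "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ' . $e->getMessage() . "\n";
    }
}

// Each accepted value comes back exactly as submitted (after trim), as data.
foreach ($pdo->query('SELECT id, data FROM datatable') as $row) {
    echo $row['id'] . ': ' . var_export($row['data'], true) . "\n";
}
```

In post.php the call would be insertFoo($pdo, $_POST). With the MySQL driver, setting PDO::ATTR_EMULATE_PREPARES to false makes the server perform the parameter binding.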