Home/ Questions/Q 8909371
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T03:24:48+00:00

I m using Allow PHP in Post and Pages plugin in wordpress by which

  • 0

I m using Allow PHP in Post and Pages plugin in wordpress by which i integrate a form

Warning: mysql_real_escape_string(): 21 is not a valid MySQL-Link resource in ..wp-includes\wp-db.php on line 789

Warning: mysql_error(): 21 is not a valid MySQL-Link resource in ..wp-includes\wp-db.php on line 1102

The code of my form is here

    $con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("form", $con);
$sql="INSERT INTO data (consignor,consignee, conveyance, origin, entry_port, importing_country, container_no, package_no, package_type, product_name, bot_name, quantity, certify, add_declaration, date,treatment, duration_temprature, concentration, add_information, inspector_name, place, name_designation, issue_date)
VALUES
('$_POST[exporter]', '$_POST[importer]', '$_POST[conveyance]', '$_POST[origin]', '$_POST[dpoe]', '$_POST[impcon]', '$_POST[container]', '$_POST[nopk]', '$_POST[tyop]', '$_POST[name]', '$_POST[botname]', '$_POST[quantity]', '$_POST[certify]', '$_POST[declaration]', '$_POST[date]', '$_POST[treatment]', '$_POST[dutemp]', '$_POST[concen]', '$_POST[adinfo]', '$_POST[insname]', '$_POST[place]', '$_POST[namedesg]', '$_POST[dateissue]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "Form Submitted";

mysql_close($con);
?>
<form action="#" method="post">
<table height ="200px" width="676" border="1" cellspacing="0" cellpadding="0">

<tr>
<td colspan="7" valign="top" width="676"> 
</td>
</tr>
<tr>
<td colspan="3" valign="top" width="320">1. Exporter/Consignor (Name & Address)<br/>
<input type="text" name="exporter" />
</td>
<td colspan="4" valign="top" width="356">2. Importer/Consignee (Name & Address)
 <input type="text" name="importer" />
</td>
</tr>
<tr>
<td colspan="3" valign="top" width="320">3. Declared means of conveyance
<input type="text" name="conveyance" /></td>
<td colspan="4" valign="top" width="356">4. Place of Origin<br/>
<input type="text" name="origin" /></td>
</tr>
<tr>
<td colspan="3" valign="top" width="320">5. Declared Port of entry<br/>
<input type="text" name="dpoe" /></td>
<td colspan="4" valign="top" width="356">6. Department of Plant Protection of Pakistan To Plant Protection Organization Of (importing country)<br/>
<input type="text" name="impcon" />
</td>
</tr>
<tr>
<td colspan="3" valign="top" width="320">7. Distinguishing marks/Container No./ Seal No.<br/>
<input type="text" name="container" /></td>
<td colspan="3" valign="top" width="172">8. No. of Packages<br/>
<input type="text" name="nopk" />
</td>
<td valign="top" width="184">9. Type of packages<br/>
<input type="text" name="tyop" /></td>
</tr>
<tr>
<td valign="top" width="221">10. Name of Product<br/>
<input type="text" name="name" /></td>
<td colspan="4" valign="top" width="233">11. Botanical name of plant
<br/>
<input type="text" name="botname" />
</td>
<td colspan="2" valign="top" width="221">12. Quantity<br/>
<input type="text" name="quantity" /></td>
</tr>
<tr>
<td colspan="7" valign="top" width="676">13. This is to certify that the plants, plant products or other regulated articles described herein above have been inspected and/ or tested according to appropriate official procedures and are considered to be free from the quarantine pests, specified by the importing contracting party and to conform with the current phytosanitary requirements  of the importing contracting party including those for regulated non-quarantine pests.<br/>
<input type="checkbox" name="certify" value="Yes"/> Yes
<input type="checkbox" name="certify" value="No"/> No<br/>
 </td>
</tr>
<tr>
<td colspan="7" valign="top" width="676">14. Additional Declaration
<br/>
<textarea name="declaration" cols="40" rows="2">Please limit your response to 200 characters.</textarea><br />
</td>
</tr>
<tr>
<td colspan="7" valign="top" width="676" bgcolor="grey">
<p align="center"><strong>Disinfestations and / or disinfection treatment </strong></p>
</td>
</tr>
<tr>
<td colspan="3" valign="top" width="320">15. Date
<br/>
<input type="text" name="date" /></td>
<td colspan="4" valign="top" width="356">16. Treatment<br/>
<input type="text" name="treatment" /></td>
</tr>
<tr>
<td colspan="3" valign="top" width="320">17. Duration & Temperature
<br/>
<input type="text" name="dutemp" />
</td>
<td colspan="4" valign="top" width="356">18. Concentration<br/>
<input type="text" name="concen" /></td>
</tr>
<tr>
<td colspan="3" valign="top" width="320">19. Additional Information
<br/>
<textarea name="adinfo" cols="40" rows="2">Please limit your response to 200 characters.</textarea><br />
</td>
<td colspan="4" valign="top" width="356">20. Name of Inspector<br/>
<input type="text" name="insname" /></td>
</tr>
<tr>
<td colspan="2" valign="top" width="240">21. Stamps of Organization
<br></br><br></br>
 </td>
<td rowspan="2" colspan="2" valign="top" width="168">
<p align="right"><strong> </strong></p>
<p align="right"><strong> </strong></p>
<p align="right"><strong> </strong></p>
<p align="right"><strong> </strong></p>
<p align="right"><strong> </strong></p>
<p align="right"><strong> </strong></p>
<p align="right"><strong> </strong></p>
<p align="right"><strong> </strong></p>
<p align="right"><strong>PROGRESSIVE </strong></p>
</td>
<td rowspan="2" colspan="3" valign="top" width="340">23. Place of issue<br/>
<input type="text" name="place" /><br/>
24. Signature__________________________<br/><br></br>
25. Name and designation of authorized officer
<input type="text" name="namedesg" /> <br/><br/>
26. Date <br/>
<input type="text" name="dateissue" /></p></td>
</tr>
<tr>
<td colspan="2" valign="top" width="240">22. No financial liability with respect to this certificate shall attach to department of plant protection or to any of its officers or representatives
<br></br></td>
</tr>
<tr>
<td width="221" border="0"></td>
<td width="19"></td>
<td width="80"></td>
<td width="48"><input type="submit" value="Submit Form" /></td>
<td width="47"><input type="reset" value="Reset" /></td>
<td width="137"></td>
<td width="220"></td>
</tr>
<tr><td></td>
<td></td>
<td></td>
<td align="right"></td>
</tr>
</table>
</form>
</html>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    In wordpress, you can not call to database using normal mysql system. You need to call the database via the 

    global $wpdb;

    See this link for more examples. http://codex.wordpress.org/Class_Reference/wpdb

    edit

    Try changing your PHP calling code into something like this.

    edit2

    Add some codes to protect against sql attacks. Basically put them into variable and escape it.

    <?php
//no need to connect & close to db. it's done automatically by wpdb.
// the database MUST be the same with wordpress database. only different tables.
global $wpdb;

//protect your codes from attacks.
@ isset($_POST['exporter']) ? $exporter=$wpdb->escape($_POST['exporter']) : $exporter='';
@ isset($_POST['importer']) ? $importer=$wpdb->escape($_POST['importer']) : $importer='';
@ isset($_POST['conveyance']) ? $conveyance=$wpdb->escape($_POST['conveyance']) : $conveyance='';
//....
@ isset($_POST['dateissue']) ? $dateissue=$wpdb->escape($_POST['dateissue']) : $dateissue='';


if (!$wpdb->insert('data',
                        array(
                            'consignor'=>$exporter
                            ,'consignee'=>$importer
                            ,'conveyance'=>$conveyance
                            //...
                            ,'issue_date'=>$dateissue
                        ))) exit;
else {echo 'Form Submitted';}
?>
    • 0