I want to know if this is correct for inserting into table in step 3 using mysql_query. Also, how do I ensure it is inserted into the right row? I am guessing I am suppose to use the WHERE statement. Do I do this: INSERT….WHERE…. VALUES
<?php
if (isset($_POST)){
//1. Define form variables
$language = $_POST['language'];
$level = $_POST['level'];
$language_learn = $_POST['language_learn'];
$learn_level = $_POST['learn_level'];
$preferred_contact = $_POST['preferred_contact'];
$city = $_POST['city'];
$age = $_POST['age'];
$sex = $_POST['sex'];
$description = $_POST['description'];
//2. Check if form variables are valid
//3. Insert into table
$insert = mysql_query("
INSERT INTO user (language, level, language learn, learn_level, preferred_contact, city, age, sex, description)
VALUES ('".$language."', '".$level."', '"$language_learn."', '".$learn_level."', '".$preferred_contact."', '".$city."', '".$age."', '".$sex."', ".$description."')");
//4. Reload page at home page
}//end $_POST
?>
Insert automatically creates a new row with a new increment ID assuming your table is set up correctly. There is no WHERE in an INSERT Statement, only in an update statement. And you should enclose all your POSTs with mysql_real_escape_string() for security.