Possible Duplicate:
PHP SQL Form Insert
I made a form to take input and insert them in the table. Instead of inserting the values in the table “employee”, it inserts only the password; that too of the database admin. What to do?? Other fields are left blank. Any help would be great.
<?php
//include the connection file
require_once('connection.php');
require_once("validation.php");
if( isset($_POST['send']) && (!validateName($_POST['name']) || !validateEmail($_POST['email']) || !validatePasswords($_POST['pass1'], $_POST['pass2']) || !validateContact($_POST['contact']) || !validateAge($_POST['age'])) ):?>
<div id="error">
<ul>
<?php if(!validateName($_POST['name'])):?>
<li><strong>Invalid Name:</strong> We want names with more than 3 letters.</li>
<?php endif?>
<?php if(!validateEmail($_POST['email'])):?>
<li><strong>Invalid E-mail:</strong> Type a valid e-mail please.</li>
<?php endif?>
<?php if(!validatePasswords($_POST['pass1'], $_POST['pass2'])):?>
<li><strong>Passwords are invalid:</strong> Passwords doesnt match or are invalid!</li>
<?php endif?>
<?php if(!validateContact($_POST['contact'])):?>
<li><strong>Please enter your contact number.</strong></li>
<?php endif?>
<?php if(!validateAge($_POST['age'])):?>
<li><strong>Please enter your age</strong></li>
<?php endif?>
</ul>
</div>
<?php elseif(isset($_POST['send'])):?>
<div id="error" class="valid">
<ul>
<?php $query = "INSERT INTO employee (name, password, email, contact, age, gender, location, skill) VALUES ";
$query .= "('$name', '$password', '$email','$contact','$age','$gender','$location','$skill')";
// run the query
mysql_query($query);?>
<li><strong>Congratulations!</strong> All fields are OK ;)</li>
</ul>
</div>
<?php endif?>
Try This and you have to use mysql_real_escape_string for preventing the sql injections…