PHP and MySQL


// Snippet of the form class showing only the insert method

class form_Class
{
    private $dbConnect;
    private $query;

    // Class constructor
    public function __construct()
    {
        // Open database connection
        $this->dbConnect = new Connection_TO_DB();
        $this->query = new Queries_Class();
    }

    // Insert form data method
    public function insert_Form_Data($clientData)
    {
        //Call database class

        // Name of database table to INSERT INTO
        $table = 'name_Of_Table';

        // The form data is cleaned to prevent SQL injection.
        // Each value is cleaned first, then placed inside the quoted SQL literal.
        $nameOne  = $this->query->cleanQuery($clientData['nameOne']);
        $nameTwo  = $this->query->cleanQuery($clientData['nameTwo']);
        $password = $this->query->cleanQuery($clientData['password']);
        $email    = $this->query->cleanQuery($clientData['email']);

        // Complete string for new database SET insertion
        // Add hash algorithm to password
        // (SHA1 is a fast, unsalted hash; PHP's password_hash() is the
        // stronger choice for stored passwords.)
        $set = "nameOne = '{$nameOne}', "
             . "nameTwo = '{$nameTwo}', "
             . "password = SHA1('{$password}'), "
             . "email = '{$email}';";

        // Create array for easy key / value insertion
        $array = array("TABLE" => $table, "SET" => $set);
        // Call insert function that executes MySQL INSERT INTO
        $last_id = $this->query->getInsert($array);
        //Close database connection

        // Returns the id of the last inserted data
        return $last_id;
    }
}




A simple example of data input

Example One:

This is a snippet from a form class showing the insert method. The method is called from a file that is in turn called from a JavaScript file using jQuery's AJAX functions.

Once the form has been validated via JavaScript and AJAX, the relevant data is pushed into an array that is then parsed by the database class. The database connection is dealt with at the beginning and end of each method.

Example Two:

This shows how the received data is inserted into the database from the parsed array and how each string is cleaned to prevent SQL injection.
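
An alternative to cleaning each string, shown as an added example that is not part of the original class: the same INSERT written with a PDO prepared statement, so form values are bound as parameters and never become part of the SQL text. The function name insertFormData(), the in-memory SQLite database and the sample input are assumptions made so the example runs on its own.

```php
<?php
// Added example, not the original class: values are bound as parameters
// instead of being cleaned and spliced into the SQL string.
// Assumptions: insertFormData() is a hypothetical name; in-memory SQLite
// stands in for the MySQL connection so the demo runs offline.
function insertFormData(PDO $pdo, array $clientData): int
{
    // Table and column names are fixed in code; only values come from the form.
    $stmt = $pdo->prepare(
        'INSERT INTO name_Of_Table (nameOne, nameTwo, password, email)
         VALUES (:nameOne, :nameTwo, :password, :email)'
    );
    $stmt->execute([
        ':nameOne'  => $clientData['nameOne'],
        ':nameTwo'  => $clientData['nameTwo'],
        // Salted, adaptive hash computed in PHP rather than SQL-side SHA1().
        ':password' => password_hash($clientData['password'], PASSWORD_DEFAULT),
        ':email'    => $clientData['email'],
    ]);
    return (int) $pdo->lastInsertId();
}

// Constructed demo database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE name_Of_Table (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    nameOne TEXT, nameTwo TEXT, password TEXT, email TEXT)');

// Constructed form input containing quote characters.
$id = insertFormData($pdo, [
    'nameOne'  => "O'Brien",
    'nameTwo'  => "x', email = 'changed",
    'password' => 'constructed-Passw0rd',
    'email'    => 'user@example.com',
]);

$check = $pdo->prepare('SELECT nameTwo, email, password FROM name_Of_Table WHERE id = ?');
$check->execute([$id]);
$row = $check->fetch(PDO::FETCH_ASSOC);

// The quotes are stored as data and the other columns are untouched.
var_dump($row['nameTwo'] === "x', email = 'changed");
var_dump($row['email'] === 'user@example.com');
var_dump(password_verify('constructed-Passw0rd', $row['password']));
```

Against MySQL, open the PDO connection with a mysql: DSN and set PDO::ATTR_EMULATE_PREPARES to false so the server performs the parameter binding.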