Shoutbox

quote:

---

Originally posted by k776
Sorry WDZ, I meant to say infomation/text, not actual files

---

Well, it shouldn't be too hard. First you might want to do some validation of the values that were submitted, though that's not as important if only trusted people can submit.

code:

---

if(!$_POST['name']) {
    die("You must enter a name!");
}

---

You could also check to make sure the length isn't too long and stuff like that. Next you should make sure the data is ready to be used in a query by applying addslashes()...

$name = addslashes($_POST['name']);

However, this step might not be needed if your server has magic quotes enabled, because that will automatically add slashes. Running the function again will result in doubled slashes, which is annoying.

Now to actually insert the data...

mysql_query("INSERT INTO tablename (name) VALUES ('$name')");

That's an example of inserting just one field. To insert all the fields you listed, you'd do something like this...

mysql_query("INSERT INTO tablename (catid,mplink,name,dllink,desc,rate,type,pic) VALUES ('$catid', '$mplink', '$name', '$dllink', '$desc', '$rate', '$type', '$pic')");

I don't know what all your fields are for, so I can't give a perfect example. Also, you'd have to call your mysql_connect() and mysql_select_db() before mysql_query(), of course.

Google for some tutorials... I bet there's tons of them...