How To insert Data in Php using prepare query ?

 How To insert Data in Php using prepare query ?

Guide:

After a database and a table have been created,we can start insert records in it.

Here are some syntax you have to follow:

The SQL query must be in quoted.

use Prepare syntax for prepare query

String values inside the SQL query must be in quoted except numeric value.

id and create_at field  we are not going to define because it is auto-increment and timestamp use INSERT INTO statement to insert records.

here a basic syntax of insert record:

conection_name->prepare("INSERT INTO table_name (field1, field2, field3,...)VALUES (var1, var2, var3,...)";

In previous blog we inserted data in php with variable but this time we use prepare query and we insert record using html and table named "register" with sixcolumns: "id", "name", "email", "password" ,"mobile_no","create_at";

table Query: 

CREATE TABLE `register` (

 `id` int(11) NOT NULL AUTO_INCREMENT,

 `name` varchar(30) NOT NULL,

 `email` varchar(30) NOT NULL,

 `password` varchar(15) NOT NULL,

 `mobile_no` varchar(10) NOT NULL,

 `create_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,

 PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=latin1

HTML  Code:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>
<body>
    <form method="post">
        <table>
            <tr>
                <td>Name:</td>
                <td><input type="text" name="txtname"></td>
            </tr>
            <tr>
                <td>Email:</td>
                <td><input type="email" name="txtemail"></td>
            </tr>
            <tr>
                <td>Password:</td>
                <td><input type="password" name="txtpass"></td>
            </tr>
            <tr>
                <td>Mobile No:</td>
                <td><input type="text" name="txtmono"></td>
            </tr>
            <tr>
                <td><input type="submit" name="submit"></td>
            </tr>
        </table>
    </form>
</body>
</html>

PHP  Code:

<?php 
//prepare most secure query
if(isset($_POST["submit"])){
$server = "localhost";
$username = "root";
$password = ""; //blank
$dbname = "demo1"; //database name
try {
    $conn = new pdo("mysql:host=$server;dbname=$dbname",$username,$password);
    $name = $_POST["txtname"];
    $email = $_POST["txtemail"];
    $pass = $_POST["txtpass"];
    $mobile = $_POST["txtmono"];
    $sql = $conn->prepare("INSERT INTO register(name,email,password,mobile_no)
    VALUES(:name,:email,:password,:mobileno)");
    $sql->bindParam(':name',$name);
    $sql->bindParam(':email',$email);
    $sql->bindParam(':password',$pass);
    $sql->bindParam(':mobileno',$mobile);
    $sql->execute();
    echo "Insert Data Successfully";
} catch (PDOException $th) {
    echo "$sql" . "<br>". $th->getMessage();
}
$conn = null;
}
?>

you can also watch our video if you are not understand: