Databases Reference
In-Depth Information
Web server
form.html
process.php
Inserts a new artist entry
into the database
2.
Server sends
form.html
4.
Server sends
process.php output
1.
Browser requests
form.html
3.
Browser submits form
data and requests
process.php
HTML content (form)
HTML content (confirmation)
process.php executed each time
the confirmation page is loaded
User system (browser)
Figure 14-3. The reload problem
// Add the artist, using the next available artist_id
$query="INSERT INTO artist (artist_id, artist_name) ".
"SELECT MAX(artist_id)+1, '$artist_name' FROM artist";
if (! @ mysqli_query($connection, $query))
die("Couldn't add artist");
print "Added artist: ".$_GET['artist_name'];
}
else
{
print "No artist name was provided";
}
?>
Note that we've included the
db.php
file for the database parameters and the definition
of the
clean( )
function to untaint data from the user.
Figure 14-3 shows what happens when the user submits the form we described earlier
in “Processing and Using User Data.” The web browser submits the artist name and
the album name provided by the user, and requests the
process.php
script.A new artist
row is added to the database each time the
process.php
script runs, which is each time
the PHP page is requested by a web browser. There are many ways that the page can
be requested by a web browser. The user can press the Refresh or Reload button; type
in the URL and press the Enter key; print the page; visit the page again using the Back
or Forward buttons or browser history; or resize the browser window.
