Select and fetch data from mysql table using PHP help of Parameters Prepared Statements.
- This is secure
- This is error less
- Faster then any others
<?php
@$conn = mysqli_connect(‘localhost’,’root’,”,’testdb’) or die(“Please check your database username and password”)
?>
<!doctype html>
<html>
<head>
<meta charset=”utf-8″>
<title>Insert into table</title>
<meta name=”viewport” content=”width=device-width, initial-scale=1″>
<link rel=”stylesheet” href=”https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css”>
<script src=”https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js”></script>
<script src=”https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js”></script>
<style>
#myform
{
margin:20px;
-webkit-box-shadow: 0px 1px 1px 1px rgba(0,0,0,0.15);
-moz-box-shadow: 0px 1px 1px 1px rgba(0,0,0,0.15);
box-shadow: 0px 1px 1px 1px rgba(0,0,0,0.15);
}
</style>
</head>
<body>
<div id=”myform” class=”panel panel-primary”>
<div class=”panel-heading”>My Secure form</div>
<div class=”panel-body”>
<div class=”row”>
<div class=”col-lg-12″>
<form method=”post” enctype=”multipart/form-data” action=”?”>
<div class=”row”>
<div class=”col-lg-3″>
<div class=”form-group”>
<label>Name</label>
<input type=”text” name=”name” class=”form-control”>
</div>
</div>
<div class=”col-lg-3″>
<div class=”form-group”>
<label>Email</label>
<input type=”text” name=”email” class=”form-control”>
</div>
</div>
<div class=”col-lg-3″>
<div class=”form-group”>
<label>Contact Number</label>
<input type=”text” name=”cnum” class=”form-control”>
</div>
</div>
<div class=”col-lg-3″>
<div class=”form-group”>
<label>Address</label>
<input type=”text” name=”add” class=”form-control”>
</div>
</div>
<div class=”col-lg-12″>
<div class=”form-group”>
<button class=”btn btn-primary pull-right” type=”submit” name=”submit”>
Submit information
</button>
</div>
</div>
</div>
</form>
</div>
</div>
<div class=”panel-footer”>
<?php
if(isset($_POST[‘submit’]))
{
$name = mysqli_real_escape_string($conn, $_POST[‘name’]);
$email = mysqli_real_escape_string($conn, $_POST[’email’]);
$contactn = mysqli_real_escape_string($conn, $_POST[‘cnum’]);
$addrs = mysqli_real_escape_string($conn, $_POST[‘add’]);
if($name != “” and $email != “” and $contactn != “” and $addrs != “”)
{
$insert = “INSERT INTO infotab(name,email,contact,address) VALUES(?,?,?,?)”;
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $insert))
{
echo “Opps Technical Problems….”;
}
else
{
mysqli_stmt_bind_param($stmt, “ssss”, $name, $email, $contactn, $addrs);
mysqli_stmt_execute($stmt);
}
echo “Data Inserted Successfully”;
}
unset($stmt);
}
?>
</div>
</div>
</div>
<div class=”panel panel-default” id=”myform”>
<div class=”panel-heading”>My Secure form</div>
<div class=”panel-body”>
<div class=”row”>
<div class=”col-lg-12″>
<table class=”table table-bordered”>
<thead>
<tr>
<th>Name</th>
<th>Email</th>
<th>Contact Number</th>
<th>Address</th>
</tr>
</thead>
<tbody>
<?php
if($stmt = $conn->
prepare(“SELECT name,email,contact,address FROM infotab”))
{
$stmt->execute();
$stmt->bind_result($name,$email,$contact,$address);
while($stmt->fetch())
{
?>
<tr>
<td><?php echo $name; ?></td>
<td><?php echo $email; ?></td>
<td><?php echo $contact; ?></td>
<td><?php echo $address; ?></td>
</tr>
<?php
}
}
?>
</tbody>
</table>
</div>
</div>
</div>
</div>
</body>
</html>
