");
echo ("Info Tech Tool 2 = " . $_POST['tool2']);
echo ("
");
// use function displayPostArray to be able to display contents of $_POST
// in a way that is flexible in terms of items stored in $_POST
displayPostArray($_POST);
// ADDED in Step 8
// want to connect to MySQL database
// first load into memory the database credentials defined in login file
require_once 'login_spoerri.php'; // remember to change to your lastname
// use database credentials to connect to MySQL
$db_server = mysql_connect($db_hostname, $db_username, $db_password);
// test if successful in connecting to MySQL
if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());
// test if successful in connecting to your database
mysql_select_db($db_database) or die("Unable to select database: " . mysql_error());
//
// test to make sure that each tool is non-empty ...
// just to make sure in case JavaScript validation gets by passed
if (isset($_POST['tool1']) &&
isset($_POST['tool2'])
)
{
// assign to variables after "cleansing" data by using function mysql_fix_string (defined further down)
$tool1 = mysql_fix_string($_POST['tool1']);
$tool2 = mysql_fix_string($_POST['tool2']);
// create query for entering data in to MySQL table = tools
// need to specify which attributes we are providing since we don't provide all attributes
$query = "INSERT INTO tools (tool1, tool2) VALUES" .
"('$tool1', '$tool2')";
// testing if successful inserting data in table
if (!mysql_query($query, $db_server))
echo "INSERT failed: $query
" .
mysql_error() . "
";
}
// define functions ... it is okay that they are defined after they are being called
//
function displayPostArray ($postarray) {
// echo ("displayPostArray.
");
// want to loop through each item of associative array
// Use of => is similar to the regular = assignment operator,
// except that you are assigning a value to an index and not to a variable.
// "as" is used to assign a specific element of array to variable $tool
// and => is used to assign value associated with $tool to the variable $score
foreach ($postarray as $tool => $score)
{
echo "$tool" . " = " . "$score
";
}
//
}
// create function to make sure date sent to database is safe
// passes each retrieved item through the mysql_real_escape_string function to strip out any characters
// that a hacker may have inserted in order to break into or alter your database
function mysql_fix_string($string)
{
if (get_magic_quotes_gpc()) $string = stripslashes($string);
return mysql_real_escape_string($string);
}
?>