- PHP MySQL INSERT Query
- Inserting Data into a MySQL Database Table
- Example
- Inserting Multiple Rows into a Table
- Example
- Insert Data into a Database from an HTML Form
- Step 1: Creating the HTML Form
- Example
- Step 2: Retrieving and Inserting the Form Data
- Example
- PHP5 MySQL Вставить данные
- Пример MySQLi — объектно-ориентированный
- Пример MySQLi — процессуальный
- Пример PDO
- PHP MySQL Insert Data
- Example (MySQLi Object-oriented)
- Example (MySQLi Procedural)
- Example (PDO)
PHP MySQL INSERT Query
In this tutorial you will learn how to insert records in a MySQL table using PHP.
Inserting Data into a MySQL Database Table
Now that you’ve understood how to create database and tables in MySQL. In this tutorial you will learn how to execute SQL query to insert records into a table.
The INSERT INTO statement is used to insert new rows in a database table.
Let’s make a SQL query using the INSERT INTO statement with appropriate values, after that we will execute this insert query through passing it to the PHP mysqli_query() function to insert data in table. Here’s an example, which insert a new row to the persons table by specifying values for the first_name, last_name and email fields.
Example
// Attempt insert query execution $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('Peter', 'Parker', 'peterparker@mail.com')"; if(mysqli_query($link, $sql)) < echo "Records inserted successfully."; >else < echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); >// Close connection mysqli_close($link); ?>
connect_error); > // Attempt insert query execution $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('Peter', 'Parker', 'peterparker@mail.com')"; if($mysqli->query($sql) === true) < echo "Records inserted successfully."; >else< echo "ERROR: Could not able to execute $sql. " . $mysqli->error; > // Close connection $mysqli->close(); ?>
setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); > catch(PDOException $e)< die("ERROR: Could not connect. " . $e->getMessage()); > // Attempt insert query execution try< $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('Peter', 'Parker', 'peterparker@mail.com')"; $pdo->exec($sql); echo "Records inserted successfully."; > catch(PDOException $e)< die("ERROR: Could not able to execute $sql. " . $e->getMessage()); > // Close connection unset($pdo); ?>
If you remember from the preceding chapter, the id field was marked with the AUTO_INCREMENT flag. This modifier tells the MySQL to automatically assign a value to this field if it is left unspecified, by incrementing the previous value by 1.
Inserting Multiple Rows into a Table
You can also insert multiple rows into a table with a single insert query at once. To do this, include multiple lists of column values within the INSERT INTO statement, where column values for each row must be enclosed within parentheses and separated by a comma.
Let’s insert few more rows into the persons table, like this:
Example
// Attempt insert query execution $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('John', 'Rambo', 'johnrambo@mail.com'), ('Clark', 'Kent', 'clarkkent@mail.com'), ('John', 'Carter', 'johncarter@mail.com'), ('Harry', 'Potter', 'harrypotter@mail.com')"; if(mysqli_query($link, $sql)) < echo "Records added successfully."; >else < echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); >// Close connection mysqli_close($link); ?>
connect_error); > // Attempt insert query execution $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('John', 'Rambo', 'johnrambo@mail.com'), ('Clark', 'Kent', 'clarkkent@mail.com'), ('John', 'Carter', 'johncarter@mail.com'), ('Harry', 'Potter', 'harrypotter@mail.com')"; if($mysqli->query($sql) === true) < echo "Records inserted successfully."; >else< echo "ERROR: Could not able to execute $sql. " . $mysqli->error; > // Close connection $mysqli->close(); ?>
setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); > catch(PDOException $e)< die("ERROR: Could not connect. " . $e->getMessage()); > // Attempt insert query execution try< $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('John', 'Rambo', 'johnrambo@mail.com'), ('Clark', 'Kent', 'clarkkent@mail.com'), ('John', 'Carter', 'johncarter@mail.com'), ('Harry', 'Potter', 'harrypotter@mail.com')"; $pdo->exec($sql); echo "Records inserted successfully."; > catch(PDOException $e)< die("ERROR: Could not able to execute $sql. " . $e->getMessage()); > // Close connection unset($pdo); ?>
Now, go to phpMyAdmin ( http://localhost/phpmyadmin/ ) and check out the persons table data inside demo database. You will find the value for the id column is assigned automatically by incrementing the value of previous id by 1.
Note: Any number of line breaks may occur within a SQL statement, provided that any line break does not break off keywords, values, expression, etc.
Insert Data into a Database from an HTML Form
In the previous section, we have learned how to insert data into database from a PHP script. Now, we’ll see how we can insert data into database obtained from an HTML form. Let’s create an HTML form that can be used to insert new records to persons table.
Step 1: Creating the HTML Form
Here’s a simple HTML form that has three text fields and a submit button.
Example
Step 2: Retrieving and Inserting the Form Data
When a user clicks the submit button of the add record HTML form, in the example above, the form data is sent to ‘insert.php’ file. The ‘insert.php’ file connects to the MySQL database server, retrieves forms fields using the PHP $_REQUEST variables and finally execute the insert query to add the records. Here is the complete code of our ‘insert.php’ file:
Example
// Escape user inputs for security $first_name = mysqli_real_escape_string($link, $_REQUEST['first_name']); $last_name = mysqli_real_escape_string($link, $_REQUEST['last_name']); $email = mysqli_real_escape_string($link, $_REQUEST['email']); // Attempt insert query execution $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('$first_name', '$last_name', '$email')"; if(mysqli_query($link, $sql)) < echo "Records added successfully."; >else < echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); >// Close connection mysqli_close($link); ?>
connect_error); > // Escape user inputs for security $first_name = $mysqli->real_escape_string($_REQUEST['first_name']); $last_name = $mysqli->real_escape_string($_REQUEST['last_name']); $email = $mysqli->real_escape_string($_REQUEST['email']); // Attempt insert query execution $sql = "INSERT INTO persons (first_name, last_name, email) VALUES ('$first_name', '$last_name', '$email')"; if($mysqli->query($sql) === true) < echo "Records inserted successfully."; >else< echo "ERROR: Could not able to execute $sql. " . $mysqli->error; > // Close connection $mysqli->close(); ?>
setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); > catch(PDOException $e)< die("ERROR: Could not connect. " . $e->getMessage()); > // Attempt insert query execution try< // Create prepared statement $sql = "INSERT INTO persons (first_name, last_name, email) VALUES (:first_name, :last_name, :email)"; $stmt = $pdo->prepare($sql); // Bind parameters to statement $stmt->bindParam(':first_name', $_REQUEST['first_name']); $stmt->bindParam(':last_name', $_REQUEST['last_name']); $stmt->bindParam(':email', $_REQUEST['email']); // Execute the prepared statement $stmt->execute(); echo "Records inserted successfully."; > catch(PDOException $e)< die("ERROR: Could not able to execute $sql. " . $e->getMessage()); > // Close connection unset($pdo); ?>
In the next chapter we will extend this insert query example and take it one step further by implementing the prepared statement for better security and performance.
Note: The mysqli_real_escape_string() function escapes special characters in a string and create a legal SQL string to provide security against SQL injection.
This is very basic example of inserting the form data in a MySQL database table. You can extend this example and make it more interactive by adding validations to the user inputs before inserting it to the database tables. Please check out the tutorial on PHP form validation to learn more about sanitizing and validating user inputs using PHP.
PHP5 MySQL Вставить данные
После создания базы данных и таблицы мы можем начать добавлять данные.
Ниже приведены некоторые синтаксические правила:
- SQL запрос должен быть заключен в кавычки
- Строковых значений в SQL запросе должны быть заключены в кавычки
- Цифровые значения не должны заключатся в кавычки
- Слово NULL не должено заключатся в кавычки
Заявление INSERT INTO используется, чтобы добавить новые записи к таблице MySQL:
Чтобы узнать больше о SQL, пожалуйста, посетите наш Учебник SQL.
В предыдущей главе, мы создали пустую таблицу с именем «MyGuests» , с пятью столбиками: «id» , «firstname» , «lastname» , «email» и «reg_date» . Теперь давайте заполним таблицу данными.
Примечание: AUTO_INCREMENT ( «id» столбец) или TIMESTAMP ( «reg_date» столбец), не нужно указывать в SQL запросе; MySQL автоматически добавит заявление.
Следующие примеры добавляют новую запись в таблицу «MyGuests» :
Пример MySQLi — объектно-ориентированный
// Подключение к MySQL
$servername = «localhost»; // локалхост
$username = «root»; // имя пользователя
$password = «»; // пароль если существует
$dbname = «myDB»; // база данных
?php
// Создание соединения
$conn = new mysqli($servername, $username, $password, $dbname);
// Проверка соединения
if ($conn->connect_error) die(«Ошибка подключения: » . $conn->connect_error);
>
// Установка данных в таблицу
$sql = «INSERT INTO MyGuests (firstname, lastname, email)
VALUES (‘Андрей’, ‘Щипунов’, ‘and-shhipunov@mail.ru’)»;
if ($conn->query($sql) === TRUE) echo «Успешно создана новая запись»;
> else echo «Ошибка: » . $sql . «
» . $conn->error;
>
// Закрыть подключение
$conn->close();
?>
Пример MySQLi — процессуальный
// Подключение к MySQL
$servername = «localhost»; // локалхост
$username = «root»; // имя пользователя
$password = «»; // пароль если существует
$dbname = «myDB»; // база данных
?php
// Создание соединения
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Проверка соединения
if (!$conn) die(«Подключение не удалось: » . mysqli_connect_error());
>
// Установка данных в таблицу
$sql = «INSERT INTO MyGuests (firstname, lastname, email)
VALUES (‘Андрей’, ‘Щипунов’, ‘and-shhipunov@mail.ru’)»;
if (mysqli_query($conn, $sql)) echo «Успешно создана новая запись»;
> else echo «Ошибка: » . $sql . «
» . mysqli_error($conn);
>
// Закрыть подключение
mysqli_close($conn);
?>
Пример PDO
// Подключение к MySQL
$servername = «localhost»; // локалхост
$username = «root»; // имя пользователя
$password = «»; // пароль если существует
$dbname = «myDBPDO»; // база данных
?php
// Создание соединения и исключения
try $conn = new PDO(«mysql:host=$servername;dbname=$dbname», $username, $password);
// Установить режим ошибки PDO в исключение
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Установка данных в таблицу
$sql = «INSERT INTO MyGuests (firstname, lastname, email)
VALUES (‘Андрей’, ‘Щипунов’, ‘and-shhipunov@mail.ru’)»;
// Используйте exec (), поскольку результаты не возвращаются
$conn->exec($sql);
echo «Успешно создана новая запись»;
>
catch(PDOException $e)
echo $sql . «
» . $e->getMessage();
>
// Закрыть подключение
$conn = null;
?>
PHP MySQL Insert Data
After a database and a table have been created, we can start adding data in them.
Here are some syntax rules to follow:
- The SQL query must be quoted in PHP
- String values inside the SQL query must be quoted
- Numeric values must not be quoted
- The word NULL must not be quoted
The INSERT INTO statement is used to add new records to a MySQL table:
To learn more about SQL, please visit our SQL tutorial.
In the previous chapter we created an empty table named «MyGuests» with five columns: «id», «firstname», «lastname», «email» and «reg_date». Now, let us fill the table with data.
Note: If a column is AUTO_INCREMENT (like the «id» column) or TIMESTAMP with default update of current_timesamp (like the «reg_date» column), it is no need to be specified in the SQL query; MySQL will automatically add the value.
The following examples add a new record to the «MyGuests» table:
Example (MySQLi Object-oriented)
$servername = «localhost»;
$username = «username»;
$password = «password»;
$dbname = «myDB»;
?php
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) die(«Connection failed: » . $conn->connect_error);
>
$sql = «INSERT INTO MyGuests (firstname, lastname, email)
VALUES (‘John’, ‘Doe’, ‘john@example.com’)»;
if ($conn->query($sql) === TRUE) echo «New record created successfully»;
> else echo «Error: » . $sql . «
» . $conn->error;
>
Example (MySQLi Procedural)
$servername = «localhost»;
$username = «username»;
$password = «password»;
$dbname = «myDB»;
?php
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) die(«Connection failed: » . mysqli_connect_error());
>
$sql = «INSERT INTO MyGuests (firstname, lastname, email)
VALUES (‘John’, ‘Doe’, ‘john@example.com’)»;
if (mysqli_query($conn, $sql)) echo «New record created successfully»;
> else echo «Error: » . $sql . «
» . mysqli_error($conn);
>
Example (PDO)
$servername = «localhost»;
$username = «username»;
$password = «password»;
$dbname = «myDBPDO»;
?php
try $conn = new PDO(«mysql:host=$servername;dbname=$dbname», $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = «INSERT INTO MyGuests (firstname, lastname, email)
VALUES (‘John’, ‘Doe’, ‘john@example.com’)»;
// use exec() because no results are returned
$conn->exec($sql);
echo «New record created successfully»;
> catch(PDOException $e) echo $sql . «
» . $e->getMessage();
>