Can you provide an example of how to validate form entries before inserting them into a database in PHP?

When inserting form entries into a database in PHP, it is important to validate the data to ensure it meets the required criteria and prevent SQL injection attacks. One way to do this is by using PHP's filter_var function to sanitize and validate the input before inserting it into the database.

// Validate form entries before inserting into the database
$name = filter_var($_POST[&#039;name&#039;], FILTER_SANITIZE_STRING);
$email = filter_var($_POST[&#039;email&#039;], FILTER_VALIDATE_EMAIL);

// Check if the input is valid
if ($name &amp;&amp; $email) {
    // Insert the validated data into the database
    $query = &quot;INSERT INTO users (name, email) VALUES (&#039;$name&#039;, &#039;$email&#039;)&quot;;
    // Execute the query
    $result = mysqli_query($connection, $query);

    if ($result) {
        echo &quot;Data inserted successfully&quot;;
    } else {
        echo &quot;Error inserting data into the database&quot;;
    }
} else {
    echo &quot;Invalid input data&quot;;
}

Keywords

form validation database insertion PHP sanitize input error handling

Can you provide an example of how to validate form entries before inserting them into a database in PHP?

Keywords

Related Questions