How to add entries to mysql db using API..? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers. 开发者_如何学编程

---

Want to improve this question? Add details and clarify the problem by editing this post.

Closed 9 years ago.

Improve this question

I am new to PHP and mysql and i am trying to make API's for my iphone app. So far i have been able to connect and retrive data from my sql database now m trying to make entries to it using API's and parameters.

Can anyone help me out here please.

Thanks alot!!

---

If by to make entries you mean adding data to the database.

You do this in the same way that you select data.
Instead of issuing a select statement like:

SELECT x,y,z FROM table1 

You do:

INSERT INTO table1 (x,y,z) VALUES ('a', 1, 'test')

Or:

UPDATE table1 SET x = 'b' WHERE x = 'a'

How you pass parameters depends on the API you use.
It is best (safest) to use PDO to pass parameters.

How to get parameters out of a url
In order to get the parameters out of the url (e.g.: example.com/test.php?username=xyz&password=!@#$%) do:

$username = mysql_real_escape_string($_GET['username']);  
$password = mysql_real_escape_string($_GET['password']);  
$query = "SELECT * FROM users WHERE username = '$username' 
          AND passhash = sha2(CONCAT(salt,'$password'),512)";

Note that it's vital to put single quotes around the injected variable names when using mysql_real_escape_string() or the escaping will be useless. Used like this the code is 100% secure from SQL-injection.

If you're using PDO, you can drop the mysql_real_escape_string() if not you need it to prevent SQL-injection.

Links
http://dev.mysql.com/doc/refman/5.5/en/update.html
http://dev.mysql.com/doc/refman/5.5/en/insert.html
http://php.net/manual/en/ref.pdo-mysql.php
https://stackoverflow.com/search?q=%5Bphp%5D+%5Bmysql%5D+pdo
http://php.net/manual/en/reserved.variables.get.php
http://php.net/manual/en/function.mysql-real-escape-string.php