i have an HTML form, i also have 3 tables, one for posts, one for tags and one for blog_post_tags.

when the user clicks submit after filling out the form, its sent to a file that is supposed to upload those values to the appropriate fields in the database as well as copy certain values from tags and posts into blog_post_tags. this is what i have:

but it doesnt do that, it doesnt do anything as a matter of fact, i tried just using one line in the db connection:

and it worked, but if i try this:

it only does the last $sql to tags instead of both

keep in mind that tags is a different table, so is there a way to get it to upload the data from the form into both tables?

please help me out with this

figured it out.. instead of using $sql= just use mysql_query();

but its it possible to insert one value from a different table into two different columns in the same table? i tried :


with no luck

of course no luck -- in fact, an error message

you are inserting into two columns, and providing only one value

so how would i provide the other value? im afraid of using commas in SELECT.. ps im 'brand new' to php

well, let's think about what you want to insert

MAX(id) FROM tags gives you -- presumably -- the id of the last tag added to the system

this isn't necessarily the id of the tag that was selected for the blog post by the user -- unless every tag that any user slaps on any post is automatically added as a new tag, even if it's been used before

so there's that problem

now, the other value that you want to provide is the id of the blog post, and you'd get that from php processing the form, which somehow has to indicate which post is being tagged, yes?

i didnt think about that, but it does add every tag as a new tag.. lol my problems just keep growing

but overall you're pretty much right, just wish i knew what to do

Just one other piece of advice, when adding entries into a database be sure to escape the strings. It someone posts a title "It's not fair" you will have problems. The single quote in the string being passed in will close the first string and you will end up with a MySQL syntax error. Using mysql_real_escape_string will solve this problem for you.

ok, i read up on the real escape string and im officially confused by this example:

but actually, its unnecessary since the page with the blog is only accessible by admins

If $password is "' OR '' = '" then when replace this into your SQL query below you will get something like:

SELECT * FROM users WHERE user='username' AND password='' OR '' = ''

The OR at the end mean you have bypassed the password protection all you need to do is guess the username.