Brian Tkatch wrote:What error are you receiving? Have you tries running the command from the mysql prompt itself?
Using variables in passed sql statements is called Dynamic SQL and is generally considered insecure. Please instead use placeholders and prepare the statement, passing the values only when executing it.
Hi Brian,
Thanks for responding to this.
I am receiving no error, when you go to the form and add data, it just does not add it to the database.
I successfully added the data from the myPhpadmin.
When you say, "Please instead use placeholders and prepare the statement, passing the values only when executing it.", can you explain this a bit more?
I thought this:
was suppose to make this more secure?
I'm new to databases and I'm just looking at a good way to connect an android app to a mysql database. If anyone has any other resources/tutorials
that explain how to do this in a secure way, I would really appreciate it.
I'm going to look for some other resources on doing this as well.
Thank you.