Inserting into database using a PDO

Question

I\'m trying to insert data into a database that I have on my server.

To connect to my database I have the following code:

Answer 1

For a better-secured Database data insertion into the database, I believe your code should look more like this.

// First make your Database connections like so.
$host = "/homes/49/jc192699/public_html/dbase/";
$database = "EduPro.db";
try {
    $conn = new PDO("sqlite:".$host.$database);
} catch (PDOException $e) {
    echo 'Connection error: ' . $e->getMessage();
}

//then next we make the data insertion using a prepared statement.
// Try to insert the data to the database

try {
    $username = "test";
    $password = "testy";

    $sql = "INSERT INTO USERS (userName, password) VALUES ('test', 'testy')";
    $sth = $conn->query($sql);

    $stmt = $db->prepare("INSERT INTO usersdata (userName, password) VALUES (:uname, :pass)");
    $stmt->bindParam(':uname', $username);
    $stmt->bindParam(':pass', $password);
    $stmt->execute();

    echo "Data inserted "; //Just get a success message

} catch(PDOException $e) {
    echo $e->getMessage();
}