The first problem (which is what caused the error) is you have invented a function.
The mysql_connect_db function does not exist. You're probably confused with mysql_select_db .
Basic issues like this are resolved by reading at least the basics of the documentation.
The problem you have soon after, as explained by colleague Simão Ítalo , is the mixture of two different libraries . As it demonstrated in the given response, mysqli does not need a separate function to select the DB default . This is done in the connection:
$link = mysqli_connect( $servidor, $usuario, $senha, $banco );
^^^^^^
Always remember that you can use the following syntax, if you prefer to omit the bank when connecting, and / or need to select data from different banks (after all, DB default is only used in case of query ):
SELECT id, nome FROM banco1.cadastro ORDER BY nome
^^^^^^
Then you are committing one of the most barbaric crimes of TM security, which is to use the data without any kind of sanitization:
$nome = $_POST["nome"];
$telefone = $_POST["telefone"];
$email = $_POST["email"];
As a result, sooner or later you will have your DB erased or corrupted, and having your system and all of your DB data used improperly.
The simplest solution is to sanitize the data, and for both% and%%, there are appropriate functions for this. In the case of mysql :
$nome = mysqli_real_escape_string ( $link, $_POST["nome"] );
$telefone = mysqli_real_escape_string ( $link, $_POST["telefone"] );
$email = mysqli_real_escape_string ( $link, $_POST["email"] );
This may help you to better understand:
How to prevent SQL injection in my PHP code?
In fact, as a matter of performance (and doing the right thing) would have to do more and see if the data actually exists, but in terms of security, what matters is the above sanitization (and correct the correct set character used by the script).
Prepared statements , which although they are neither more nor less secure than the above correction, has a much higher performance in the case of queries with multiple lines, and better organize the code.
How to use prepared statements with external variables in MySQL
In addition, it is worth remembering that using mysqli in procedural mode, mysqli is usually always the first parameter:
$sql = mysqli_query( $link, 'INSERT ...
$result = mysql_query( $link, $sql );
This series of things gives an impression of "programming oriented to kick". Do not understand this as an offense, but rather as a constructive criticism to improve your attention to the basics, otherwise you run the risk of living from copy & paste as a lot of people who think you are a programmer but are not, and what we want is for you to really learn and evolve.
So, follow the adjusted code:
<?php
$servidor ='localhost';
$usuario ='root';
$senha ='';
$banco= 'agenda';
// estabelecendo a conexão com o servidor
$link = mysqli_connect( $servidor, $usuario, $senha, $banco );
// Aqui insere os novos usuários
$nome = mysqli_real_escape_string ( $link, $_POST['nome'] );
$telefone = mysqli_real_escape_string ( $link, $_POST['telefone'] );
$email = mysqli_real_escape_string ( $link, $_POST['email'] );
// quebrei em duas linhas só pra facilitar a leitura
$sql = "INSERT INTO CONTATO( nome, telefone, email)";
$sql .= " VALUES ( '$nome', '$telefone', '$email' )";
// executando todas as chamadas do sql e armazenando os dados.
$result = mysqli_query( $link, $sql );
if( $result ) {
echo 'CADASTRO REALIZADO COM SUCESSO!';
} else {
echo 'CADASTRO NAO REALIZADO!';
}
?>
Obviously you can only test in real conditions, so if you have any further problems that went unnoticed, just leave a comment that we reviewed.
