$send = false; $error = false; function string2sql($string) { return mysql_real_escape_string($string); } if(isset($_POST["vorname"])) { $vorname = (empty($_POST["vorname"])) ? false : string2sql($_POST["vorname"]); $nachname = (empty($_POST["nachname"])) ? false : string2sql($_POST["nachname"]); $email = (empty($_POST["email"])) ? false : string2sql($_POST["email"]); $telefon = (empty($_POST["telefon"])) ? "" : string2sql($_POST["telefon"]); $job = (empty($_POST["job"])) ? false : string2sql($_POST["job"]); $antwort = (!isset($_POST["antwort"])) ? false : string2sql($_POST["antwort"]); if($vorname===false||$nachname===false||$email===false||$job===false||$antwort===false) { $error = true; } if($error===false) { $mysql = mysql_connect("localhost", "root", "5IqGlBmlG"); $sql = "INSERT INTO `yahoo`.`formular` (`vorname`, `nachname`, `email`, `telefon`, `job`, `antwort`) VALUES ('".$vorname."', '".$nachname."', '".$email."','".$telefon."','".$job."','".$antwort."')"; $result = mysql_query($sql); if($result) { $send = true; } else { $send = false; } $close = mysql_close(); } } ?>