Hello all,
I am building an online Logbook service and have come to a dead end with my script. I am trying to make it so that when members are logged in, they can add records to a database (which I have done), then it automatically assigns that members id to any records they add. The members id is in table 'users' and the new records will be going in table 'realflights'.

Here's the code so far:

<?php
session_start();
include ("configuration.php");
?>
(HTML CODING)

<?php 
	if ($logged_in = is_logged_in())
	{
	if ($logged_in = is_logged_in())
	{
	$user = retrieve_user($logged_in);
	if (empty($_GET['id']))
	{
	$_GET['id'] = $user['id'];
	}
						
	$user = retrieve_user($logged_in);
	if ($_POST['submit-real-flight'])
	{
	{
	$update = mysql_query("INSERT INTO `realflights` SET `date_year` = '" .
	mysql_real_escape_string($_POST['date_year']) . "', `date_month` = '" . 
	mysql_real_escape_string($_POST['date_month']) . "', `date_day` = '" .
	mysql_real_escape_string($_POST['date_day']) . "', `aircraft_type` = '" .
	mysql_real_escape_string($_POST['aircraft_type']) . "', `aircraft_reg` = '" .
	mysql_real_escape_string($_POST['aircraft_reg']) . "', `captain` = '" .
	mysql_real_escape_string($_POST['captain']) . "', `holder_cap_rating` = '" .
	mysql_real_escape_string($_POST['holder_cap_rating']) . "', `from` = '" .
	mysql_real_escape_string($_POST['from']) . "', `to` = '" .
	mysql_real_escape_string($_POST['to']) . "', `time_dep` = '" .
	mysql_real_escape_string($_POST['time_dep']) . "', `time_arr` = '" .
	mysql_real_escape_string($_POST['time_arr']) . "', `day_se_command` = '" .
	mysql_real_escape_string($_POST['day_se_command']) . "', `day_se_dual` = '" .
	mysql_real_escape_string($_POST['day_se_dual']) . "', `day_me_command` = '" .
	mysql_real_escape_string($_POST['day_me_command']) . "', `day_me_dual` = '" .
	mysql_real_escape_string($_POST['day_me_dual']) . "', `night_se_command` = '" .
	mysql_real_escape_string($_POST['night_se_command']) . "', `night_se_dual` = '" .
	mysql_real_escape_string($_POST['night_se_dual']) . "', `night_me_command` = '" .
	mysql_real_escape_string($_POST['night_me_command']) . "', `night_me_dual` = '" .
	mysql_real_escape_string($_POST['night_me_dual']) . "', `instrument_flight` = '" .
	mysql_real_escape_string($_POST['instrument_flight']) . "', `other_flying` = '" .
	mysql_real_escape_string($_POST['other_flying']) . "', `day_to` = '" .
	mysql_real_escape_string($_POST['day_to']) . "', `day_land` = '" .
	mysql_real_escape_string($_POST['day_land']) . "', `night_to` = '" .
	mysql_real_escape_string($_POST['night_to']) . "', `night_land` = '" .
	mysql_real_escape_string($_POST['night_land']) . "', `remarks` = '" .
	mysql_real_escape_string($_POST['remarks']) . "', `flight_id` = '" .
	mysql_real_escape_string($_POST['flight_id']) . "'");
	}
	}
	if ($update)
	{
	$response_message = "You have successfully added a flight.";
		}
		else
		{
		$response_message = "Error, Unable to add flight..";
		}
		}
		$user = retrieve_user($logged_in);
		echo $response_message;
		}
		else
		{
		echo "You are not logged in.<br /><a href=\"login.php\">Login Here</a>";
		}
	?>

(MORE HTML CODE)

Please bear in mind I am moderately new to PHP and mysql so can you please explain the solution in laymans terms? Thankyou.

Solved
mysql_real_escape_string($_POST) . "', `pilot_id` = '" .
mysql_real_escape_string($user) . "'");

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.