if(!empty($_POST["save"])) {
  $conn = mysql_connect("localhost","root","");
  mysql_select_db("admin");
  $itemCount = count($_POST["item_name"]);
  $itemValues=0;
  $query = "INSERT INTO item (item_name,item_price) VALUES ";
  $queryValue = "";
  for($i=0;$i<$itemCount;$i++) {
    if(!empty($_POST["item_name"][$i]) || !empty($_POST["item_price"][$i])) {
      $itemValues++;
      if($queryValue!="") {
        $queryValue .= ",";
      }
      $queryValue .= "('" . $_POST["item_name"][$i] . "', '" . $_POST["item_price"][$i] . "')";
    }
  }
  $sql = $query.$queryValue;
  if($itemValues!=0) {
    $result = mysql_query($sql);
    if(!empty($result)) $message = "Added Successfully.";
  }
}

My username and password is root..but it doesn't connect..is there any privilages to connent..please help me to resolve this..

1

There are 1 answers

0
AudioBubble On

First of all: You're using an deprecated API and your code is vulnerable to sql injections, so you should really take a few minutes to read Choosing an API and the accepted answer to How can I prevent SQL-injection in PHP?.

If you take a look at the mysql_connect documentation you will find that the third parameter is the password, so if your password is "root", you should change your code to:

$conn = mysql_connect("localhost","root","root");