zver, в джоне делают так
if (isset($_POST['submit'])) {
$name = isset($_POST['name']) ? mysql_real_escape_string($_POST['name']) : '';
$number = isset($_POST['number']) ? mysql_real_escape_string($_POST['number']) : '';
$email = isset($_POST['email']) ? mysql_real_escape_string($_POST['email']) : '';
$by = isset($_POST['by']) ? mysql_real_escape_string($_POST['by']) : '';
$name2 = isset($_POST['name2']) ? mysql_real_escape_string($_POST['name2']) : '';
$number2 = isset($_POST['number2']) ? mysql_real_escape_string($_POST['number2']) : '';
$old = isset($_POST['old']) ? mysql_real_escape_string($_POST['old']) : '';
$gorod = isset($_POST['gorod']) ? mysql_real_escape_string($_POST['gorod']) : '';
$raion = isset($_POST['raion']) ? mysql_real_escape_string($_POST['raion']) : '';
$adress = isset($_POST['adress']) ? mysql_real_escape_string($_POST['adress']) : '';
$postcode = isset($_POST['postcode']) ? mysql_real_escape_string($_POST['postcode']) : '';
mysql_query("INSERT INTO `table` SET
`name` = '" . $name . "',
`number` = '" . $number . "',
`email` = '" . $email . "',
`by` = '" . $by . "',
//много полей
`postcode` = '" . $postcode . "'");
}
else {
// тут форма
}все поля предполагаются текстовыми