【发布时间】:2022-01-11 08:26:31
【问题描述】:
我知道以前有人问过这个问题,并且我查看了许多不同的解决方案。但还是请帮忙。我会切入正题,我正在尝试将从调查中获取的数据插入到我的 SQL 数据库中。 编辑1:我想出了如何防止身份不明的数组。我刚刚指定了数据应该去哪里。请参阅下面的 php。 编辑2:非常感谢大家的反馈。我只剩下一个问题了。
如果用户选择了多个复选框。如何让复选按钮中的值出现在同一列中?
例如:是的
20-40
辉瑞
疼痛、肿胀
发冷、发烧、恶心
我不确定问题出在哪里,因为我在学习了一些教程并浏览了 w3schools 之后才刚刚开始这个项目。 这是 HTML 表单
<body>
<h1>Covid Vaccine Experience Survey</h1>
<!-- Create Form "action" will send the submit button to the result page-->
<form id="form" action="site.php" method="post">
<div class="form-control">
<label>
1. *This Survey is Only for Vaccinated Particapants*
Are you Vaccinated?
</label>
<!-- Input Type Radio Button -->
<label for="answer-1">
<input type="radio"
id="answer-1"
name="answer">Yes</input>
</label>
<label for="answer-2">
<input type="radio"
id="answer-2"
name="answer">No</input>
</label>
</div>
<div class="form-control">
<label>
2. What is you're Age Group?
</label>
<!--Input Type Radio Button -->
<label for="agegroup-1">
<input type="radio"
id="agegroup-1"
name="agegroup" required>5-12</input>
</label>
<label for="agegroup-2">
<input type="radio"
id="agegroup-2"
name="agegroup">12-19</input>
</label>
<label for="agegroup-3">
<input type="radio"
id="agegroup-3"
name="agegroup">20-40</input>
</label>
<label for="agegroup-4">
<input type="radio"
id="agegroup-4"
name="agegroup">50-69</input>
</label>
<label for="agegroup-5">
<input type="radio"
id="agegroup-5"
name="agegroup">70+</input>
</label>
</div>
<div class="form-control">
<label for="Vaccine">
3. Select Vaccine type:
<small>(Click the Dropdown icon for more vaccines)</small>
</label>
<!--Input Type Dropdown -->
<select name = "vaccines" id="vaccines">
<option value="pfizer">Pfizer</option>
<option value="maderna">Maderna</option>
<option value="johnsone">Johnsone</option>
</select>
</div>
<div class="form-control">
<label>
4. Physical Side Effects Reported
<small>(Check all that apply)</small>
</label>
<!-- Input Type Checkbox -->
<label for="inp-1">
<input type="checkbox"
name="inp" value="Pain" onclick="return PhysicalSideEffects();">Pain</input>
</label>
<label for="inp-2">
<input type="checkbox"
name="inp"value="Swelling" onclick="return PhysicalSideEffects();">Swelling</input>
</label>
<label for="inp-3">
<input type="checkbox"
name="inp"value="Redness" onclick="return PhysicalSideEffects();">Redness</input>
</label>
<label for="inp-4">
<input type="checkbox"
name="inp"value="Rash" onclick="return PhysicalSideEffects();">Rash</input>
</label>
<label for="inp-5">
<input type="checkbox"
name="inp"value="None" onclick="return PhysicalSideEffects();">None</input>
</label>
</div>
<div class="form-control">
<label>
5. Illness Side Effects Reported
<small>(Check all that apply)</small>
</label>
<!--Input Type Checkbox -->
<label for="inp-1">
<input type="checkbox"
name="inps" value="Headache" onclick="return IllnessSideEffects();">Headache</input>
</label>
<label for="inp-2">
<input type="checkbox"
name="inps"value="Chills" onclick="return IllnessSideEffects();">Chills</input>
</label>
<label for="inp-3">
<input type="checkbox"
name="inps"value="Dirrahea" onclick="return IllnessSideEffects();">Dirrahea</input>
</label>
<label for="inp-4">
<input type="checkbox"
name="inps"value="Tiredness" onclick="return IllnessSideEffects();">Tiredness</input>
</label>
<label for="inp-5">
<input type="checkbox"
name="inps"value="Fever" onclick="return IllnessSideEffects();">Fever</input>
</label>
<label for="inp-6">
<input type="checkbox"
name="inps"value="Dizziness" onclick="return IllnessSideEffects();">Dizziness</input>
</label>
<label for="inp-7">
<input type="checkbox"
name="inps"value="Nausea" onclick="return IllnessSideEffects();">Nausea</input>
</label>
<label for="inp-8">
<input type="checkbox"
name="inps"value="None" onclick="return IllnessSideEffects();">None</input>
</label>
</div>
<input type="submit" value="Submit" onclick="return confirm('6. Are you sure what you have is true to your knowledge?')">
<!-- This function is *figure this out*(to check whether or not the user selected an illness) & *works* make sure that they do not select another ilness if they selected "None"-->
<form>
<script type="text/javascript">
function PhysicalSideEffects()
{
var checkboxes = document.getElementsByName("inp"); // Gets the the different checkboxes
var numberOfCheckedItems = 0; //Holder for number of checked items
for(var i = 0; i < checkboxes.length; i++) //Loops through counting how many are checked
{
if(checkboxes[i].checked)
numberOfCheckedItems++;
}
if(checkboxes[4].checked && (checkboxes[0].checked || checkboxes[1].checked || checkboxes[2].checked || checkboxes[3].checked))
{
alert("You can't select another Illness if you selected None!");
return false;
}
}
function IllnessSideEffects()
{
var checkboxes= document.getElementsByName("inps");
var num = 0;
for(var j = 0; j < checkboxes.length; j++)
{
if(checkboxes[j].checked)
num++;
}
if(checkboxes[7].checked && (checkboxes[0].checked || checkboxes[1].checked || checkboxes[2].checked || checkboxes[3].checked
|| checkboxes[4].checked || checkboxes[5].checked || checkboxes[6].checked))
{
alert("You can't select another Illness if you selected None!");
return false;
}
}
</script>
这是较新的 PHP 代码
<?php
$conn = new mysqli("localhost","root","","csurv");
//connection established
if($conn === false){
die("ERROR: Could not connect. "
. mysqli_connect_error());
}
$answer = $_POST['answer'];
$agegroup = $_POST['agegroup'];
$vaccines = $_POST['vaccines'];
$inp = $_POST['inp'];
$inps = $_POST['inps'];
$sql = "INSERT INTO submisiion (qualified, agegroup, vaccinetype, physsymptoms, illsymptoms)
VALUES('$answer','$agegroup','$vaccines','$inp','$inps')";
if(mysqli_query($conn, $sql)){
echo "<h3>data stored in a database successfully."
. " Please browse your localhost php my admin"
. " to view the updated data</h3>";
echo nl2br("\n$answer\n $agegroup\n "
. "$vaccines\n $inp\n $inps");
} else{
echo "ERROR: Hush! Sorry $sql. "
. mysqli_error($conn);
}
// Close connection
mysqli_close($conn);
?>
请帮忙。看来我太笨了。
【问题讨论】:
-
不是 sql 注入证明
-
好笑,我刚刚学习了sql-injection,希望以后能回到这个项目,防止数据被篡改。但现在,我能做的只有这些了。
-
我没有看到名称为
vaccinetype的表单字段,它看起来应该是vaccines。可能其他人也一样 -
@KenLee 谢谢!为每个单选按钮指定值有效!