【问题标题】:How to insert html form data into database using php? [duplicate]如何使用 php 将 html 表单数据插入数据库? [复制]
【发布时间】:2021-05-30 20:17:12
【问题描述】:

这段代码看起来一切正常,但总是无法提交数据,这可能是什么问题?

我正在为 myphpadmin 数据库使用网络主机 (000webshost)。 该表单曾经提交数据,但由于某种原因它开始失败,我不明白为什么。 提交表单总是显示插入数据失败,其他一切看起来都很好。 我们在网站前端使用 Tailwind css。

这里是html:

            <div class="container mx-auto flex px-5 py-24 md:flex-row flex-col items-center">
                <div class="lg:w-2/6 md:w-1/2 bg-gray-100 rounded-lg p-8 flex flex-col md:m-auto w-full mt-10 md:mt-0">
                    <form action="insertsite.php" method="post">
                        <h2 class="text-gray-900 text-2xl font-bold title-font mb-5">Create POA</h2>
                        <div class="relative mb-4">
                            <h2 class="text-gray-900 text-lg font-normal title-font mb-2">Client Details</h2>
                            <label for="full-name" class="leading-7 text-sm text-gray-600">Your Full Name</label>
                            <input type="text" name="personname"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="email" class="leading-7 text-sm text-gray-600">E-mail</label>
                            <input type="email" name="email"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <style>
                            input::-webkit-outer-spin-button,
                            input::-webkit-inner-spin-button {
                                -webkit-appearance: none;
                                margin: 0;
                            }
                        </style>
                        <div class="relative mb-4">
                            <label for="Phone" class="leading-7 text-sm text-gray-600">Phone Number</label>
                            <input type="number" name="phone"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="Address" class="leading-7 text-sm text-gray-600">Enter Your Address</label>
                            <input type="Address" name="address"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="Aadhaar" class="leading-7 text-sm text-gray-600">Enter Your Aadhaar Number</label>
                            <input type="number" name="aadharnumber"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="PanNo" class="leading-7 text-sm text-gray-600">Enter Your Pan Number</label>
                            <input type="text" name="panno"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <h2 class="text-gray-900 text-lg font-normal title-font mt-4 mb-2">Client Bank Details</h2>
                        <div class="relative mb-4">
                            <label for="BankName" class="leading-7 text-sm text-gray-600">Enter Name of Your Bank</label>
                            <input type="text" name="bankname"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="BankBranch" class="leading-7 text-sm text-gray-600">Enter Name of Your Bank's branch</label>
                            <input type="text" name="branchname"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="Holdername" class="leading-7 text-sm text-gray-600">Enter Account Holders Name</label>
                            <input type="text" name="accholder"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="AccNumber" class="leading-7 text-sm text-gray-600">Enter Account Number</label>
                            <input type="text" name="accno"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="IFSC" class="leading-7 text-sm text-gray-600">Enter The IFSC Code</label>
                            <input type="text" name="ifsc"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <div class="relative mb-4">
                            <label for="UPI" class="leading-7 text-sm text-gray-600">Enter UPI ID</label>
                            <input type="text" name="upi"
                                class="w-full bg-white rounded border border-gray-300 focus:border-red-500 focus:ring-2 focus:ring-red-200 text-base outline-none text-gray-700 py-1 px-3 leading-8 transition-colors duration-200 ease-in-out">
                        </div>
                        <button type="submit" name="submit"
                            class="text-white bg-red-500 border-0 py-2 px-8 focus:outline-none hover:bg-red-600 rounded text-lg">Save Your Data</button>
                    </form>
                </div>
            </div>
    </section>

这里是 PHP:

    $server = "localhost" ;
    $username = "removed";
    $password = "removed";
    $dbname = "id16235805_portfolio";
    $con = mysqli_connect($server ,$username,$password,$dbname );
    
    if(isset($_POST['submit'])) {
        $personname = $_POST["personname"];
        $email = $_POST["email"];
        $phone =$_POST["phone"];
        $address =$_POST["address"];
        $aadharnumber =$_POST["aadharnumber"];
        $panno =$_POST["panno"];
        $bankname =$_POST["bankname"];
        $branchname =$_POST["branchname"];
        $accholder =$_POST["accholder"];
        $accno =$_POST["accno"];
        $upi =$_POST["upi"];
        $brokerage =$_POST["brokerage"];
        $periodofagr =$_POST["periodofagr"];
        $amountrecieved =$_POST["amountrecieved"];
        $amountrecinwords =$_POST["amountrecinwords"];
        $accopeningchar =$_POST["accopeningchar"];
        $lockingperiod =$_POST["lockingperiod"];
        $clientage =$_POST["clientage"];
        $payback =$_POST["payback"];
        $ifsc =$_POST["ifsc"];
        $daterec =$_POST["daterec"];
        $startingdate =$_POST["startingdate"];
        $endingdate =$_POST["endingdate"];
        
    
        $sql = "INSERT INTO client_details (personname,email,phone,address,aadharnumber,panno,bankname,branchname,accholder,accno,upi,brokerage,periodofagr,amountrecieved,amountrecinwords,accopeningchar,lockingperiod,clientage,payback,ifsc,daterec,startingdate,endingdate) VALUES ('$personname','$email','$phone','$address','$aadharnumber','$panno','$bankname','$branchname','$accholder','$accno','$upi','$brokerage','$periodofagr','$amountrecieved','$amountrecinwords','$accopeningchar','$lockingperiod','$clientage','$payback','$ifsc','$daterec','$startingdate','$endingdate')";
        
        $result = mysqli_query( $con,$sql );
        
        
        if($result) {
            echo "Data Inserted";
        }
        else {
            echo "Failed to Insert Data";
        }
    }
?>```


Please look into the code above and see if there is any type of error.
Iam updating the same db from android app and another smaller html form and it works but for this bigger one it is failing.

【问题讨论】:

  • 这能回答你的问题吗? How can I prevent SQL injection in PHP?。同样的技术还可以帮助防止 SQL 中出现意外的语法错误
  • 另外,您没有检查真正的 SQL 错误,因此您不知道真正出了什么问题或如何修复它也就不足为奇了。见How to get the actual mysql error and fix it?
  • 看起来你需要一个小例子——你可以在 W3Schools 或 php.net 上找到一个——使用 mysqli_query。然后你可以根据自己的情况进行调整。您也可以尝试打印 $_POST 以查看它是否包含您认为的内容。

标签: php database forms


【解决方案1】:

您的整个代码看起来都很好。由于这段代码曾经运行良好,请确保任何输入框中都没有输入特殊字符,例如“/”,如果是这样,您将不得不使用 mysqli_real_escape_string($connection, $输入框值)。干杯!

【讨论】:

  • 不,OP 应该使用参数化查询和准备好的语句。 mysqli_real_escape_string 已过时,不能完全防止 sql 注入
  • 你能告诉我如何使用带有一些文档链接或其他东西的参数化查询和准备好的语句吗?
  • @SohamVaidya-39 我已经提供了一个链接,请参阅上面的 cmets。您也可以在phpdelusions.net/mysqliphp.net/manual/en/mysqli.quickstart.prepared-statements.php 阅读更多内容(虽然实际上官方文档中的示例并不是最好的,但我将从我提供的其他链接开始)
猜你喜欢
  • 2015-02-27
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2019-10-04
  • 2012-12-15
  • 1970-01-01
  • 1970-01-01
  • 2016-08-17
相关资源
最近更新 更多