PHP 表单不会插入 MYSQL

【问题标题】:PHP form won't insert into MYSQLPHP 表单不会插入 MYSQL
【发布时间】:2019-11-01 14:54:54
【问题描述】:

有很多这样的错误,但这个是我的。

我有一个 PHP 票务类型表单,我想将信息插入 MYSQL 数据库。

这是 PHP 表单:

<html lang="en" dir="ltr">
  <head>
    <meta charset="utf-8">
    <title></title>
  </head>
  <body>
    <form name="ticket-form" id="ticket-form" action="get_response.php" method="POST">
      <p>Please provide your first name: <input type="text" name="firstName" id="firstName" placeholder="John" required></p>
      <p>Please provide your last name: <input type="text" name ="lastName" id="lastName" placeholder="Smith" required></p>
      <p>Please indicate if you are a company or a contractor:
        <input type="radio" name="clientType" id="clientType" value="company">Company
        <input type="radio" name="clientType" id="clientType" value="contractor" checked>Contractor</p>
      <p>Please provide an email address: <input type="email" name="email" id="email" placeholder="John123@example.com"><br></p>
      <p>Please provide a phone number if you'd prefer: <input type="text" name="number" id="number" max="13" placeholder="07654321234"><br></p>
      <p>Please detail your query, going in to as much detail as possible: </p>
      <textarea name="query" id="query" rows="8" cols="80" placeholder="Please detail the nature of your issue, going in to as much detail as possible."></textarea><br><br>
      <input type="submit" name="submit" value="Submit">
    </form>
  </body>
</html>

这里是get_response.php

<?php
require_once("config.php");
require_once("index.php");
$datetime = new DateTime();
$datestring = $datetime->format('d-m-Y H:i:s');
$first_name = mysqli_real_escape_string($conn, $_POST['firstName']);
  $second_name = mysqli_real_escape_string($conn, $_POST['lastName']);
  $client_type = mysqli_real_escape_string($conn, $_POST['clientType']);
  $email_address = mysqli_real_escape_string($conn, $_POST['email']);
  $query = mysqli_real_escape_string($conn, $_POST['query']);
  $phone_number = mysqli_real_escape_string($conn, $_POST['number']);
  $sql = "INSERT INTO
    tickets (first_name, second_name, client_type, email_address, phone_number, query)
    VALUES
    ('$first_name', '$second_name', '$client_type', '$email_address', '$phone_number', '$query')";
    if($conn->query($sql)){
      echo "<p>Thank you for your email!</p>
      <p> We aim to respond to your query as soon as possible.
      Please allow 2 business days for a response and check spam folders.</p>";
    }
    else
    {
        die('There was an error running the query [' . mysqli_error($conn) . ']');
      }
  // else
  // {
  //   echo "<p>Please supply valid information.</p>";
  // }
mysqli_close($conn);
 ?>

php config.php

将表明与 $conn 变量的连接成功,但要消除该问题:

<?php
$servername = "xxxxx";
$username = "xxxxx";
$password = "xxxxx";
$dbname = "tickets";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if($conn->connect_error){
  die("Connection failed: " . $conn->connect_error);
} ?>

php get_response.php

将空数据插入数据库。然而,表单无法通过发布信息来工作。

我知道可能还有其他错误。我对 PHP 和 MYSQL 很陌生。任何帮助深表感谢。提前致谢。

编辑:根据要求提供一些错误日志。这就是今天的全部内容。

[Fri Nov 01 12:24:51.342604 2019] [mpm_event:notice] [pid 673:tid 140589056359360] AH00489: Apache/2.4.38 (Ubuntu) configured -- resuming normal operations
[Fri Nov 01 12:24:51.343298 2019] [core:notice] [pid 673:tid 140589056359360] AH00094: Command line: '/usr/sbin/apache2'

Edit2:已解决,排序。

我尝试在我的常规 Mac OS X 操作系统中重新制作表单,它运行良好。虚拟盒子似乎存在根本性的问题,它与现代 OS X 软件的通信方式或某些个人配置。虽然我可以在 Linux 命令行中连接到 mysql,但它无法通过表单工作。

【问题讨论】:

标签: php html mysql database forms


【解决方案1】:

我在安装 MS SQL Server 时有 20 分钟的空闲时间,所以很快重构了您的代码以利用 prepared statements 来缓解 SQL 注入攻击。它没有经过测试,所以可能会有我忽略的小错误,但我希望它会被证明是有用的

<?php

    $status=false;

    if( $_SERVER['REQUEST_METHOD']=='POST' ){

        $errors=array();
        $args=array(
            'firstName'     =>  FILTER_SANITIZE_STRING,
            'lastName'      =>  FILTER_SANITIZE_STRING,
            'clientType'    =>  FILTER_SANITIZE_STRING,
            'email'         =>  FILTER_SANITIZE_STRING,
            'query'         =>  FILTER_SANITIZE_STRING,
            'number'        =>  FILTER_SANITIZE_STRING
        );

        foreach( array_keys( $args ) as $field ){
            if( !isset( $_POST[ $field ] ) ) $errors[]=sprintf( 'The field "%s" is not set', $field );
        }

        foreach( $_POST as $field => $value ){
            if( !in_array( $field, array_keys( $args ) ) )$errors[]=sprintf( 'Unknown field "%s"', $field );
        }

        if( empty( $errors ) ){
            $_POST=filter_input_array( INPUT_POST, $args );
            extract( $_POST );


            require_once 'config.php';
            require_once 'index.php';



            $sql='insert into `tickets` 
                ( `first_name`, `second_name`, `client_type`, `email_address`, `phone_number`, `query` ) 
                values 
                ( ?, ?, ?, ?, ?, ? )';
            $stmt=$conn->prepare( $sql );
            if( !$stmt )$errors[]='The SQL Prepared Statement failed';

            $stmt->bind_param('ssssss', $firstName, $lastName, $clientType, $email, $query, $number );
            $stmt->execute();

            $status=$conn->affected_rows;

        }
    }
?>
<html lang='en' dir='ltr'>
    <head>
        <meta charset='utf-8'>
        <title></title>
    </head>
    <body>
        <form name='ticket-form' method='POST'>
            <?php

                if( $_SERVER['REQUEST_METHOD']=='POST' ){
                    if( !empty( $errors ) ){

                        printf( '<pre>%s</pre>',print_r($errors,true) );

                    } else {

                        if( $status ){

                            echo "
                            <p>Thank you for your email!</p>
                            <p> We aim to respond to your query as soon as possible.
                            Please allow 2 business days for a response and check spam folders.</p>";
                        }
                    }
                }

            ?>
            <label>Please provide your first name: <input type='text' name='firstName' placeholder='John' required></label>
            <label>Please provide your last name: <input type='text' name ='lastName' placeholder='Smith' required></label>

            <label>
                Please indicate if you are a company or a contractor:
                <input type='radio' name='clientType' value='company'>Company
                <input type='radio' name='clientType' value='contractor' checked>Contractor
            </label>

            <label>Please provide an email address: <input type='email' name='email' id='email' placeholder='John123@example.com'></label>
            <label>Please provide a phone number if you'd prefer: <input type='text' name='number' id='number' max='13' placeholder='07654321234'></label>

            <label>
                Please detail your query, going in to as much detail as possible:
                <textarea name='query' rows='8' cols='80' placeholder='Please detail the nature of your issue, going in to as much detail as possible.'></textarea>
            </label>

            <input type='submit' />
        </form>
    </body>
</html>

【讨论】:

  • 谢谢,不胜感激。请注意,我请求的问题仍未解决。
  • 表单本身可以发布,所以我认为您的问题出在其他地方
  • 嗨,很可能,但是连接很好,只有表单不起作用,抱歉。
  • get_response.php 的顶部放exit( print_r( $_POST,1) ); 或类似的开始调试。也启用错误报告
  • 您可能需要检查的一件事是所需的文件实际上是否被正确包含。 - var_dump( get_included_files() );
猜你喜欢
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2014-04-04
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode