【问题标题】:MySQL insert into apparently not executing using an HTML form, PHP, and MySQLMySQL 插入显然不使用 HTML 表单、PHP 和 MySQL 执行
【发布时间】:2020-03-14 18:59:56
【问题描述】:

我是一个初学者“程序员”所以请原谅我的无知。为了安全起见,我正在使用准备好的声明。回显 else 子句,而不是执行 INSERT INTO 语句。我正在从 HTML 表单中传递一个隐藏值:

<input type="hidden" value="EVS1" name="CustomerCode" />
<?php   

include ('../etc/mysql_connect.php');


if(isset($_POST['submit'])) {

$FirstName= trim( $_POST['FirstName'] );
$LastName= trim( $_POST['LastName'] );
$Address1= trim( $_POST['Address1'] );
$Address2= trim( $_POST['Address2'] );
$City= trim( $_POST['City'] );
$State= trim( $_POST['State'] );
$Zip= trim( $_POST['Zip'] );
$Email= trim( $_POST['Email'] );



$calculated_date = date('m-d-Y', time() + 86400 * 42);



$stmt = $conn->prepare("INSERT INTO xxx SET FirstName = ?,LastName = ?,Address1 = ?,Address2         = ?,City = ?,State = ?,Zip = ?,Email = ?,CustomerCode = CustomerCode,DrawingEntryDate = NOW() ");

$stmt->bind_param("sssssssss", $_POST['FirstName'] , $_POST['LastName'], $_POST['Address1'],           $_POST['Address2'], $_POST['City'], $_POST['State'], $_POST['Zip'], $_POST['Email'], $_POST['CustomerCode']);

$stmt->execute();

$affected_rows= mysqli_stmt_affected_rows ($stmt);

  if ($affected_rows ==1){
    echo '<body bgcolor="#F9F9F9"><h2>Thank You!</h2><font type="Arial,Helvetica, sans-serif"              size="3">We have successfully received your entry.  Good luck!<br><br>Names are drawn randomly each month, and notified via email.  If your name is chosen, please expect delivery within 4-6 weeks.  Your order is scheduled to be delivered by '.$calculated_date.'.</font></body>';

      mysqli_stmt_close($stmt);
      mysqli_close($dbconnect);

   }  else {
      echo '<body bgcolor="#F9F9F9"><h2>Oops!</h2><font type="Arial,Helvetica, sans-serif" size="3">There is a limit of 1 entry per day.  <b>'.$FirstName.'</b> has already entered on '.$DrawingEntryDate.' .</font></body>';
      echo mysqli_error();

      mysqli_stmt_close($stmt);
      mysqli_close($dbconnect);
   }
}
?>

【问题讨论】:

    标签: php mysql forms post


    【解决方案1】:

    您在查询中有八个参数占位符,并尝试将九个参数绑定到它。

    这里:

    $stmt = $conn->prepare("INSERT INTO xxx SET FirstName = ?,LastName = ?,Address1 = ?,Address2 = ?,City = ?,State = ?,Zip = ?,Email = ?,CustomerCode = CustomerCode,DrawingEntryDate = NOW() ");
    
    $stmt->bind_param("sssssssss", $_POST['FirstName'] , $_POST['LastName'], $_POST['Address1'], $_POST['Address2'], $_POST['City'], $_POST['State'], $_POST['Zip'], $_POST['Email'], $_POST['CustomerCode']);
    

    您忘记为CustomerCode 放置参数占位符。

    如果您总是要将 DrawingEntryDate 设置为 NOW(),则可以将其从查询中排除,并将该列设置为具有默认值。

    【讨论】:

    • 您能否编辑您的答案以更清楚地说明错误在哪里以及如何修改它?这样看起来更像是评论而不是答案。
    • 谢谢。不幸的是,这条 SQL 语句仍然不会执行,否则会回显。我进行了如下所示的建议更改,验证了我的 FTP 服务器上的 PHP 文件正在更新,并验证了用户插入权限(插入、更新和选择权限)。客户代码是一个隐藏的硬编码值。我不确定这是否会有所不同: ... ,CustomerCode = ?"); sssssssss ... , $_POST[' CustomerCode ' ]);
    • 您需要发布最新版本。问题是(或曾经是)您没有 ?在您为客户代码发布的查询中的占位符,您只需输入“CustomerCode = CustomerCode”而不是“CustomerCode = ?”。然后你尝试向它发送九个参数,只有八个占位符。如果您检查返回的每一步,我相信您会发现 bind_param 失败了。
    猜你喜欢
    • 1970-01-01
    • 2017-05-14
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2018-04-20
    • 1970-01-01
    • 2017-10-20
    相关资源
    最近更新 更多