html+php提交表单插入mysql失败

【问题标题】:html+php submission form fails to insert to mysqlhtml+php提交表单插入mysql失败
【发布时间】:2016-09-08 19:56:54
【问题描述】:

这是我第一次尝试 PHP,但运气不佳。

数据库是在 phpmyadmin 中创建的,需要的表以相同的顺序 我正在运行 Ubuntu 14.04.1 LTS 5.5.49-MariaDB-1ubuntu0.14.04.1 (Ubuntu) PHP 5.5.9-1ubuntu4.19 (cli)

a.html 的内容:

<form method="post" action="aplicatie.php" name="ClaimForm" id="ClaimForm" autocomplete="on">
<fieldset>
    <legend>Completeaza detaliile tale:</legend>
    <div>
        <label for="numecont" accesskey="U">Numele contului</label>
        <input name="numecont" type="text" id="numecont" placeholder="ex: RSC_Alex" required />
    </div>
    <div>
        <label for="wn8overall" accesskey="U">WN8 Actual</label>
        <input name="wn8overall" type="text" id="wn8overall" placeholder="ex: 1800" required />
    </div>
    <div>
        <label for="wn8recent">WN8 Recent</label>
        <input name="wn8recent" type="text" id="wn8recent" placeholder="ex: 2700" required />
    </div>
    <div>
        <label for="email" accesskey="E">Email</label>
        <input name="email" type="email" id="email" placeholder="ex: admin@arcan.ro" pattern="^[A-Za-z0-9](([_\.\-]?[a-zA-Z0-9]+)*)@([A-Za-z0-9]+)(([\.\-]?[a-zA-Z0-9]+)*)\.([A-Za-z]{2,})$" required />
    </div>
    <label for="tara">Tara de resedinta</label>
    <input name="tara" type="text" id="tara" placeholder="ex: Romania" required />.
    <div>
        <label for="zileonline" accesskey="X">Cate zile pe saptamana poti fi activ incepand cu ora 20:00 (GMT+2)?</label>
        <select name="zileonline" id="zileonline" required="required">
            <option value="1">1</option>
            <option value="2">2</option>
            <option value="3">3</option>
            <option value="4">4</option>
            <option value="5">5</option>
            <option value="6">6</option>
            <option value="7">7</option>
        </select>
    </div>
</fieldset>
<fieldset>
    <legend>Tancuri disponibile in garaj</legend>
    <div>
        <label for="tank10" accesskey="S">Numar de tancuri de nivel 10</label>
        <select name="tank10" id="tank10" required="required">
            <option value="0">0</option>
            <option value="1">1</option>
            <option value="2">2</option>
            <option value="3">3</option>
            <option value="4">4</option>
            <option value="5">5</option>
            <option value="6">6</option>
            <option value="7">7</option>
            <option value="8">8</option>
            <option value="9">9</option>
            <option value="10">10</option>
            <option value="peste10"> >10</option>
        </select>
    </div>
    <div>
        <label for="tank8" accesskey="C">Numar de tancuri de nivel 8</label>
        <select name="tank8" id="tank8" required="required">
            <option value="0">0</option>
            <option value="1">1</option>
            <option value="2">2</option>
            <option value="3">3</option>
            <option value="4">4</option>
            <option value="5">5</option>
            <option value="peste5"> >5</option>
        </select>
    </div>
    <div>
        <label for="careclan" accesskey="T">Pentru care din clanuri doresti sa aplici?</label>
        <select name="careclan" id="careclan" required="required">
            <option value="ARCAN">ARCAN</option>
            <option value="ARKNE">ARKNE</option>
            <option value="ARKAN">ARKAN</option>
        </select>
    </div>
</fieldset>
<input type="submit" class="submit" id="submit" value="Vreau sa aplic" />

aplicatie.php 的内容:

<?php
$mysql_host     = "localhost";
$mysql_username = "root";
$mysql_password = "pass";
$mysql_database = "aplicatii";

$conn= new mysqli ($mysql_host,$mysql_username,$mysql_password,$mysql_database);
if ($conn->connect_error) {
  die("Connection failed: " . $conn->connect_error);
} 
echo "Connected successfully";

$prepare="INSERT INTO `aplicatii1` (`wn8overall`,`wn8recent`,`email`,`zileonline`,`tara`,`tank10`,`tank8`,`careclan`,`numecont`) VALUES ($_POST['wn8overall'], $_POST['wn8recent'], $_POST['email'], $_POST['zileonline'], $_POST['tara'], $_POST['tank10'], $_POST['tank8'], $_POST['careclan'], $_POST['numecont'])";
if ($conn->query($prepare) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $prepare . "<br>" . $conn->error;
}
mysqli_close($conn);
?>

【问题讨论】:

  • 首先 - 学习关于引号,然后 - 关于准备好的陈述。
  • 将您的 $_POST 变量放入 {} 中,这样您的查询将变为: $prepare="INSERT INTO aplicatii1 (wn8overall,wn8recent,email,zileonline,@987654333 @,tank10,tank8,careclan,numecont) 值 ({$_POST['wn8overall']}, {$_POST['wn8recent']}, {$_POST['email']}, {$_POST['zileonline']},{$_POST['tara']},{$_POST['tank10']},{$_POST['tank8']},{$_POST['careclan']}, {$_POST['numecont']})";另请参阅trans4mind.com/personal_development/phpTutorial/quotes.htm
  • 非常有帮助的伙伴
  • @SankalpSrivastava 与core documentation on PHP strings 相比,该教程非常糟糕。这也是100%错误的。不要将$_POST 数据放在查询中。
  • 警告:当使用mysqli 时,您应该使用parameterized queriesbind_param 将用户数据添加到您的查询中。 不要使用字符串插值或连接来完成此操作,因为您创建了一个严重的SQL injection bug切勿$_POST$_GET 数据直接放入查询中,如果有人试图利用您的错误,这可能会非常有害。

标签: php html mysql mysqli


【解决方案1】:

试试这个:

 $servername = "localhost";  //host name

 $username = "username"; //username

 $password = "password"; //password

 $database = "dbname"; //database name

//mysqli prepared statement 

$conn = mysqli_connect($servername, $username, $password) or die("Connection failed: " . mysqli_connect_error());

mysqli_select_db($conn,$database) or die("Opps some thing went wrong");
$Wn8overall = mysqli_real_escape_string($_POST['wn8overall']);
$Wn8recent = mysqli_real_escape_string($_POST['wn8recent']);
$Email = mysqli_real_escape_string($_POST['email']);
$Zileonline = mysqli_real_escape_string($_POST['zileonline']);
$Tara = mysqli_real_escape_string($_POST['tara']);
$Tank10 = mysqli_real_escape_string($_POST['tank10']);
$Tank8 = mysqli_real_escape_string($_POST['tank8]);
$Careclan = mysqli_real_escape_string($_POST['careclan']);
$Numecont = mysqli_real_escape_string($_POST['numecont']);

$stmt = $conn->prepare("INSERT INTO aplicatii1 (wn8overall,wn8recent,email,zileonline,tara,tank10,tank8,careclan,numecont)  VALUES (?,?,?,?,?,?,?,?,?)");

$stmt->bind_param('sssssssss',$Wn8overall,$Wn8recent,$Email,$Zileonline,$Tara,$Tank10,$Tank8,$Careclan$Numecont);
            /*
                The argument may be one of four types:

                            i - integer
                            d - double
                            s - string
                            b - BLOB
                            change it by respectively
            */ 
$stmt->execute();

$row_count= $stmt->affected_rows;

$stmt->close();
$conn->close();

 if($row_count>0){
    echo "New record created successfully";
 }
else{

}

【讨论】:

    【解决方案2】:

    根据您的编码标准,错误在于以下语句,即当您提交变量时,提交按钮应具有相应的名称以及插入语句,并使用引号和反引号。 You have not closed the form as per the Question you have provided

    HTML 内容:

    <form method="post" action="aplicatie.php" name="ClaimForm" id="ClaimForm" autocomplete="on">
<fieldset>
    <legend>Completeaza detaliile tale:</legend>
    <div>
        <label for="numecont" accesskey="U">Numele contului</label>
        <input name="numecont" type="text" id="numecont" placeholder="ex: RSC_Alex" required />
    </div>
    <div>
        <label for="wn8overall" accesskey="U">WN8 Actual</label>
        <input name="wn8overall" type="text" id="wn8overall" placeholder="ex: 1800" required />
    </div>
    <div>
        <label for="wn8recent">WN8 Recent</label>
        <input name="wn8recent" type="text" id="wn8recent" placeholder="ex: 2700" required />
    </div>
    <div>
        <label for="email" accesskey="E">Email</label>
        <input name="email" type="email" id="email" placeholder="ex: admin@arcan.ro" pattern="^[A-Za-z0-9](([_\.\-]?[a-zA-Z0-9]+)*)@([A-Za-z0-9]+)(([\.\-]?[a-zA-Z0-9]+)*)\.([A-Za-z]{2,})$" required />
    </div>
    <label for="tara">Tara de resedinta</label>
    <input name="tara" type="text" id="tara" placeholder="ex: Romania" required />.
    <div>
        <label for="zileonline" accesskey="X">Cate zile pe saptamana poti fi activ incepand cu ora 20:00 (GMT+2)?</label>
        <select name="zileonline" id="zileonline" required="required">
            <option value="1">1</option>
            <option value="2">2</option>
            <option value="3">3</option>
            <option value="4">4</option>
            <option value="5">5</option>
            <option value="6">6</option>
            <option value="7">7</option>
        </select>
    </div>
</fieldset>
<fieldset>
    <legend>Tancuri disponibile in garaj</legend>
    <div>
        <label for="tank10" accesskey="S">Numar de tancuri de nivel 10</label>
        <select name="tank10" id="tank10" required="required">
            <option value="0">0</option>
            <option value="1">1</option>
            <option value="2">2</option>
            <option value="3">3</option>
            <option value="4">4</option>
            <option value="5">5</option>
            <option value="6">6</option>
            <option value="7">7</option>
            <option value="8">8</option>
            <option value="9">9</option>
            <option value="10">10</option>
            <option value="peste10"> >10</option>
        </select>
    </div>
    <div>
        <label for="tank8" accesskey="C">Numar de tancuri de nivel 8</label>
        <select name="tank8" id="tank8" required="required">
            <option value="0">0</option>
            <option value="1">1</option>
            <option value="2">2</option>
            <option value="3">3</option>
            <option value="4">4</option>
            <option value="5">5</option>
            <option value="peste5"> >5</option>
        </select>
    </div>
    <div>
        <label for="careclan" accesskey="T">Pentru care din clanuri doresti sa aplici?</label>
        <select name="careclan" id="careclan" required="required">
            <option value="ARCAN">ARCAN</option>
            <option value="ARKNE">ARKNE</option>
            <option value="ARKAN">ARKAN</option>
        </select>
    </div>
</fieldset>
<input type="submit" name="save_form" class="submit" id="submit" value="Vreau sa aplic" />
</form>

    aplicatie.php

    <?php
$host     = "localhost";
$username = "root";
$password = "pass";
$db = "aplicatii";
$con = new mysqli($host,$username,$password,$db);
if (mysqli_connect_errno())
{
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
echo "Connected successfully";
if(isset($_POST['save_form']))// Here the form method will executed if it is Submitted
{
$prepare="INSERT INTO `aplicatii1` (`wn8overall`,`wn8recent`,`email`,`zileonline`,`tara`,`tank10`,`tank8`,`careclan`,`numecont`) VALUES ('".$_POST['wn8overall']."','".$_POST['wn8recent']."','".$_POST['email']."','".$_POST['zileonline']."','".$_POST['tara']."','".$_POST['tank10']."','".$_POST['tank8']."','".$_POST['careclan']."','".$_POST['numecont']."'')";
$results = $con->prepare($prepare);// Prepare the Statements Here
$results->execute();// Execute the Statement Here
$results->close();// Close the Executed Statement Here
}
?>

    根据mysqli.* 的新标准,单独使用参数化语句更好也更可取。但是根据您不打算在线运行的建议,您可以使用此方法并希望它能破解您的错误。分享一下这段代码执行后的想法。

    【讨论】:

    • 我仍然没有在表中得到任何东西 MySQL 返回了一个空结果集(即零行)。 (查询耗时 0.0005 秒)
    • @user3295102。最好为表设置Auto Increment ID,并且表字段值太小。提供大于您在文本框中提供的输入的值并检查。 (例如)像这样将所有表值提供为 100 并尝试一下。如果是这样,您将面临错误最后检查数据库连接,否则如果您再次遇到错误,请告诉 e。
    猜你喜欢
    • 1970-01-01
    • 2015-05-21
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2017-08-28
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode