錯誤插入語句PHP

Question

我遇到了我的數據庫處理程序類的問題，我想。我在我的index.php文件中有一個表單標籤，它調用inc/function.php中的一個函數，然後將表單數據保存到數據庫中的表中。問題是，我沒有工作，我找不到錯誤。如果你想我提供更多的信息，那麼請說出:)

沒有錯誤，除了每當我在我的函數中添加行$ dbh-> query（$ sql），整個表單消失：/

的index.php：

<form id="signform" action="<?php addSignature($dbh) ?>" method="post"> 
       <h1>SIGN THE PROPOSED CITIZENS’ INITIATIVE</h1> 
       <input type="text" name="firstname" placeholder="Full first name"><br/> 
       <input type="text" name="familynames" placeholder="Family name"><br/> 
       <input type="text" name="dateofbirth" placeholder="Date of birth"><br/> 
       <input type="text" name="placeofbirth" placeholder="Place of birth"><br/> 
       <select name="nationality"> 
        <option value="" disabled selected>Nationality</option> 
        <option value="Denmark" >Denmark</option> 
       </select> 
       <hr> 
       <textarea name="address" placeholder="Address (street, number, other)"></textarea><br/> 
       <input type="text" name="postalcode" placeholder="Postal code"><br/> 
       <input type="text" name="city" placeholder="City"><br/> 
       <select name="country"> 
        <option value="" disabled selected>Country</option> 
        <option value="Denmark" >Denmark</option> 
       </select> 
       <hr> 
       <div id="radiobuttons"> 
       <input class="radiobutton" type="checkbox" name="certify"><span class="radiobuttonText">I hereby certify that the information provided in this 
form is correct and that I have not already supported 
this proposed citizens’ initiative.</span><br/><br/> 
       <input class="radiobutton" type="checkbox" name="privacy"><span class="radiobuttonText">I have read the privacy statement.</span> 
       </div> 
       <button type="submit" value="">SIGN UP</button> 
      </form> 

DbH.php：

<?php 

    //DATABASE HANDLER 
    class DbH{ 

     private $connection; 
     private $host; 
     private $database; 
     private $user; 
     private $password; 
     private $result; 

     public function __construct($database, $host='localhost', $user='root', $password='blabla'){ 
      $this->database = $database; 
      $this->host = $host; 
      $this->user = $user; 
      $this->password = $password; 
      $this->connect(); 
     } 

     private function connect(){ 
      try{ 
       if(!$this->connection = mysql_connect($this->host, $this->user, $this->password)){ 
        throw new Exception("No connection to the MySQL server."); 
       } 
       if(!mysql_select_db($this->database, $this->connection)){ 
        throw new Exception("No connection to the MySQL database."); 
       } 
      } 
      catch(Exception $e){ 
       die($e->getMessage()); 
      } 
     } 

     function query($declaration){ 
      try{ 
       if(!$this->result=mysql_query($declaration, $this->connection)){ 
        throw new Exception("SELECT ERROR</ br>{$declaration}"); 
       } 
      } 
      catch(Exception $e){ 
       die($e->getMessage()); 
      } 
     } 

     function fetch_array(){ 
      return $rowArray = @mysql_fetch_array($this->result); 
     } 

     function getDb(){ 
      return $this->database; 
     } 

     function getConnection(){ 
      return $this->connection; 
     } 
    } 
?> 

的functions.php：

<?php 

function addSignature($dbh){ 

if(!isset($_POST['firstname'], $_POST['familynames'], $_POST['dateofbirth'], $_POST['placeofbirth'], $_POST['nationality'], $_POST['address'], $_POST['postalcode'], $_POST['city'], $_POST['country'])){ 
    $_POST['firstname'] = 'undefine'; 
    $_POST['familynames'] = 'undefine'; 
    $_POST['dateofbirth'] = 'undefine'; 
    $_POST['placeofbirth'] = 'undefine'; 
    $_POST['nationality'] = 'undefine'; 
    $_POST['address'] = 'undefine'; 
    $_POST['postalcode'] = 'undefine'; 
    $_POST['city'] = 'undefine'; 
    $_POST['country'] = 'undefine'; 
} 

$firstname = mysql_real_escape_string($_POST['firstname']); 
$familynames = mysql_real_escape_string($_POST['familynames']); 
$dob = mysql_real_escape_string($_POST['dateofbirth']); 
$pob = mysql_real_escape_string($_POST['placeofbirth']); 
$nationality = mysql_real_escape_string($_POST['nationality']); 
$address = mysql_real_escape_string($_POST['address']); 
$postalcode = mysql_real_escape_string($_POST['postalcode']); 
$city = mysql_real_escape_string($_POST['city']); 
$country = mysql_real_escape_string($_POST['country']); 

$sql = 'INSERT INTO signatures (id, firstname, familynames, dob, birthplace, nationality, address, postalcode, city, country)'; 
$sql .= sprintf(' VALUES ("%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s")', $firstname, $familynames, $dob, $pob, $nationality, $address, $postalcode, $city, $country); 


$dbh->query($sql); 
} 

?> 

Answer 1

您的表單操作應該是一個頁面，而不是對PHP函數的調用。

<form id="signform" action="<?php addSignature($dbh) ?>" method="post"> 

當您添加該行中，你真的調用該函數立即，因爲它輸出到頁面之前，所有的PHP代碼進行處理，並在源代碼中的動作變得

action="" 

您需要將表單傳遞給您的同一頁面或處理頁面，然後將您的POST變量傳遞給您的addSignature函數。

Answer 2

我假設INSERT語句中的id字段看起來像一個自動增量字段，因爲在INSERT的VALUES部分沒有指定id參數。或者，你可能需要在參數部分添加ID：

$sql = 'INSERT INTO signatures (firstname, familynames, dob, birthplace, nationality, address, postalcode, city, country)'; 
$sql .= sprintf(' VALUES ("%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s")', $firstname, $familynames, $dob, $pob, $nationality, $address, $postalcode, $city, $country); 

$dbh->query($sql); 

OR

$sql = 'INSERT INTO signatures (id,firstname, familynames, dob, birthplace, nationality, address, postalcode, city, country)'; 
$sql .= sprintf(' VALUES ("%s","%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s")', $id, $firstname, $familynames, $dob, $pob, $nationality, $address, $postalcode, $city, $country); 

$dbh->query($sql); 

還要確保正確的變量類型是過去在表中的字段。

Answer 3

我相信有一個語法錯誤。在您使用逗號的if聲明中，您應該使用&&或||。