HTML post to PHP

Question

試圖將數據插入到我的表中，但我不斷收到未定義的索引，因爲「我提交表單時沒有設置值」。 if (isset($_POST['submit']))即使我單獨運行.php，但在提交表單時沒有插入數據，我的錯誤也會消除。任何幫助表示讚賞。謝謝

我form.html

<form name="supportForm" class="form" action="database.php" method="POST" onsubmit="return validateForm()"> 

<label>Name:</label> 
<input type="text" name="name"/> 
<br/> 

<label>Client ID:</label> 
<input type="text" name="clientID"/> 
<br/> 

<label>E-mail address:</label> 
<input type="email" name="email"/> 
<br/> 

<label>Phone number:</label> 
<input type="tel" name="tel"/> 
<br/> 

<br/> 
Support Type:<br> 
<input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br> 
<input type="radio" name="suppType" value="Software">Software Issue<br> 
<input type="radio" name="suppType" value="Hardware">Hardware Issue<br> 
<input type="radio" name="suppType" value="Connectivity">Connectivity<br> 
</br> 

Operating System: 
<select id="select"> 
    <option disabled selected value="">Choose a product</option> 
    <option value="w7" name="OS">Windows 7</option> 
    <option value="w8" name="OS">Windows 8/8.1</option> 
    <option value="w10" name="OS">Windows 10</option> 
</select> 

<br> </br> 

Problem Description: 
<br><textarea id="ta" rows="10" cols="80" name="pDesc"></textarea></br> 

<input type="checkbox" name="terms" value="agree"> 
<a href="#">I agree to the terms and conditions.</a> 

<br> </br> 
<input type="hidden" name="submitted" value="true"> 
<input type="submit" name="submit" onClick="validateSubmit()"> 
</form> 

我的PHP文件

<?php 
//Creates static credentials 
define('DB_NAME', 'data'); 
define('DB_USER', 'root'); 
define('DB_PASSWORD', ''); 
define('DB_HOST', 'localhost'); 

//Creates connection to the database 
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD); 

//Checks for connection 
if ($con->connect_error) { 
    die("Connection failed: " . $con->connect_error); 
} 

//If there are no connection, error 
if (!$con) { 
    die ('Could not connect' . mysqli_error()); 
} 

//Select the 'data' database 
$con->select_db(DB_NAME); 

//Checks if database 'data' has been selected 
if (mysqli_select_db($con, DB_NAME)) { 
    echo "Database exists <br>"; 
} else { 
    echo "Database does not exist"; 
} 

//Successful connection message 
echo "Connected successfully <br>"; 

if (isset($_POST['submit'])) { 
//Retrieving values from support form 
    $name = $_POST['name']; 
    $clientID = $_POST['clientID']; 
    $email = $_POST['email']; 
    $tel = $_POST['tel']; 
    $suppType = $_POST['suppType']; 
    $OS = $_POST['OS']; 
    $pDesc = $_POST['pDesc']; 

//Inserting values into a table 
    $sql = "INSERT INTO info (fullname, clientID, email, tel, 
    suppType, OS, pDesc) 
    VALUES ($name, $clientID, $email, $tel, 
    $suppType, $OS, $pDesc)"; 

if (!mysqli_query($con, $sql)) { 
    echo "No data"; 
} else { 
    echo "Data recorded successfully"; 
} 
} 

//Closes connection 
mysqli_close($con); 

Answer 1

您必須<select>不<option>

<select id="select" name="OS"> 
    <option disabled selected value="">Choose a product</option> 
    <option value="w7">Windows 7</option> 
    <option value="w8">Windows 8/8.1</option> 
    <option value="w10">Windows 10</option> 
</select> 

寫name="OS"和SQL必須是這樣的你需要撇號（''）aro UND變量

$sql = "INSERT INTO `info` (fullname, clientID, email, tel, suppType, OS, pDesc) 
VALUES ('$name', '$clientID', '$email', '$tel', '$suppType', '$OS', '$pDesc')"; 

Answer 2

你不向我們展示validateForm（）函數，因此，我們將真的不知道發生了什麼有，但是我編輯了自己的形式和使用PHP做了驗證，

你需要什麼首先要檢查是否在跳轉到插入數據庫之前檢查所有值，並確保電子郵件是正確的電子郵件，同時select屬性需要位於select標籤而不是選項標籤上，select選項必須只有價值。

然後驗證，過濾和存儲到數據庫 之前消毒的用戶輸入。對待表單上的每個用戶輸入，就好像它來自非常危險的黑客。

有一些所謂的預處理語句，在庫MySQLi和PDO，你應該努力學習這一點，使用它:)你會喜歡它，我將它留給你研究，爲什麼你需要使用準備好的語句。

這是你的代碼應該是什麼樣子

<form name="supportForm" class="form" action="database.php" method="POST"> 
    <label>Name:</label> 
    <input type="text" name="name"/> 
    <br/> 
    <label>Client ID:</label> 
    <input type="text" name="clientID"/> 
    <br/> 
    <label>E-mail address:</label> 
    <input type="email" name="email"/> 
    <br/> 
    <label>Phone number:</label> 
    <input type="tel" name="tel"/> 
    <br/> 
    <br/> 
    Support Type:<br> 
    <input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br> 
    <input type="radio" name="suppType" value="Software">Software Issue<br> 
    <input type="radio" name="suppType" value="Hardware">Hardware Issue<br> 
    <input type="radio" name="suppType" value="Connectivity">Connectivity<br> 
    </br> 
    Operating System: 
    <select id="select" name="OS"> 
     <option value="0">Choose a product</option> 
     <option value="w7">Windows 7</option> 
     <option value="w8">Windows 8/8.1</option> 
     <option value="w10">Windows 10</option> 
    </select> 
    <br> </br> 
    Problem Description: 
    <br> 
    <textarea id="ta" rows="10" cols="80" name="pDesc"></textarea> 
    </br> 
    <input type="checkbox" name="terms" value="agree"> 
    <a href="#">I agree to the terms and conditions.</a> 
    <br> </br> 
    <input type="hidden" name="submitted" value="true"> 
    <input type="submit" name="submit"> 
</form> 

然後database.php中

<?php 
//Creates static credentials 
define('DB_NAME', 'data'); 
define('DB_USER', 'root'); 
define('DB_PASSWORD', ''); 
define('DB_HOST', 'localhost'); 

$errors = ""; //checking for errors 

//Creates connection to the database 
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD); 

//Checks for connection 
if ($con->connect_error) { 
     die("Connection failed: " . $con->connect_error); 
} 

//If there are no connection, error 
if (!$con) { 
     die('Could not connect' . mysqli_error()); 
} 

//Select the 'data' database 
$con->select_db(DB_NAME); 

//Checks if database 'data' has been selected 
if (mysqli_select_db($con, DB_NAME)) { 
     echo "Database exists <br>"; 
} else { 
     echo "Database does not exist"; 
} 

//Successful connection message 
echo "Connected successfully <br>"; 

if (isset($_POST['submit'])) { 

     //check values are set 

     if (empty($_POST['name'])) { 

       echo "enter name"; 
       $errors++; 
     } else { 

       $name = userIput($_POST['name']); 
     } 

     if (empty($_POST['clientID'])) { 

       echo "enter id"; 
       $errors++; 
     } else { 

       $clientID = userIput($_POST['clientID']); 
     } 

     if (empty($_POST['email'])) { 

       echo "enter email"; 
       $errors++; 
     } else { 

       $email = userIput($_POST['email']); 

       if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email)) { //validate email, 

         echo "enter valid email"; 
         $errors++; 
       } 
     } 

     if (empty($_POST['tel'])) { 

       echo "enter tel"; 
       $errors++; 
     } else { 

       $tel = userIput($_POST['tel']); 
     } 

     if (!isset($_POST['suppType'])) { 

       echo "select one option"; 
       $errors++; 
     } else { 

       $suppType = userIput($_POST['suppType']); 
     } 

     if (isset($_REQUEST['OS']) && $_REQUEST['OS'] === "0") { 

       echo "please select product"; 
       $errors++; 
     } else { 

       $OS = userIput($_POST['OS']); 
     } 

     if (empty($_POST['pDesc'])) { 

       echo "enter Description"; 
       $errors++; 
     } else { 

       $pDesc = userIput($_POST['pDesc']); 
     } 


     if ($errors <= 0) { // No errors 

       //prepare and insert query 

       $sql = $con->prepare("INSERT INTO info (fullname, clientID, email, tel,suppType, OS, pDesc) VALUES (?, ?, ?, ?, ?, ?, ?)"); 
       $sql->bind_param("sssssss", $name, $clientID, $email, $tel, $suppType, $OS, $pDesc); 
       if ($sql->execute()) { 

         echo "records inserted successfully"; 
       } else { 

         echo "Could not insert " . mysqli_error(); 
       } 



       $sql->close(); 
       $con->close(); 




     } 

} 

function userIput($data) 
{ 

     $data = trim($data); 
     $data = stripslashes($data); 
     $data = htmlspecialchars($data); 
     return $data; 


} 
?> 

希望這將有助於一點點，你會學到一兩件事，和我米總是可用於suggessions，只是incase我錯過了什麼。謝謝