數據沒有被添加到SQL中，沒有錯誤

Question

我對這段代碼失去了主意。它似乎工作。沒有錯誤，但是沒有任何東西被添加到mysql數據庫。我檢查了它正在工作的db連接。

我希望你能幫上忙。

報名表

<html> 
<head> 
    <meta charset="utf-8"> 
    <meta name="viewport" content="initial-scale=1, maximum-scale=1"> 
     <title>Create a Company</title> 
     <link rel="stylesheet" type="text/css" href="/PITAKER/V2/css.css"/> 

</head> 
<body> 
    <h2 class="header"> Create a Company </h2> 
    <form action="processcompany.php" method="post"> 

     <input class="entry" placeholder="Company Name" name="companyname" type="text" required="required"><br> 
     <input class="entry" placeholder="GST/VAT/ABN/TAX No" name="taxno" type="text" required="required"><br> 
     <input class="entry" placeholder="Address" name="address1" type="text" value=""><br> 
     <input class="entry" placeholder="Suburb/County" name="suburb" type="text" value=""><br> 
     <input class="entry" placeholder="State" name="state" type="text" value=""><br> 
     <input class="entry" placeholder="Post/Zip Code" name="postcode" type="text" value=""><br> 
    <input class="entry" placeholder="Country" name="country" type="text" value=""><br> 
    <input class="entry" placeholder="Primary Contact" name="primarycontact" type="text" value=""><br> 
    <input class="entry" placeholder="Primary Email" name="primaryemail" type="text" value=""><br> 
    <input class="entry" placeholder="Subscription Type" name="subscriptiontype" type="text" value=""><br> 
    <input class="entry" placeholder="Subscription Status" name="subscriptionstatus" type="text" value=""><br> 
    <input class="entry" placeholder="Subscription End Date" name="subscriptionenddate" type="text" value=""><br> 

     <input class="button" type="submit"> 

    </form> 
</body> 

php腳本加入到MySQL

<?php 
include 'db.php'; 

$companyname=$_POST['companyname']; 
$taxno=$_POST['taxno']; 
$address1=$_POST['address1']; 
$suburb=$_POST['suburb']; 
$state=$_POST['state']; 
$postcode=$_POST['postcode']; 
$country=$_POST['country']; 
$primarycontact=$_POST['primarycontact']; 
$primaryemail=$_POST['primaryemail']; 
$subscriptiontype=$_POST['subscriptiontype']; 
$subscriptionstatus=$_POST['subscriptionstatus']; 
$subscriptionenddate=$_POST['subscriptionenddate']; 


$sql = "INSERT INTO `companies` 
       (`companyid` , `accountno` , `companyname` , 
       `taxno` , `address1` , `address2` , `suburb` , 
       `state` , `postcode` , `country` , `primarycontact` , 
       `primaryemail` , `subscriptiontype` , `subscriptionstatus` , 
       `subscriptionenddate` , `datecreated`) 
     VALUES (NULL , 
       NULL , 
      '".mysqli_real_escape_string($conn,$_POST['companyname'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['taxno'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['address1'])."' , 
      NULL , 
      '".mysqli_real_escape_string($conn,$_POST['suburb'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['state'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['postcode'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['country'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['primarycontact'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['primaryemail'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['subscriptiontype'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['subscriptionstatus'])."' , 
      '".mysqli_real_escape_string($conn,$_POST['subscriptionenddate'])."')"; 

mysqli_query($conn, $sql); 

mysqli_close($conn); 
?> 

我的數據庫文件

<?php 

$dbhost = 'localhost'; 
$dbuser = 'root'; 
$dbpass = ''; 
$db = 'a34511pidata'; 

$conn = mysqli_connect($dbhost,$dbuser,$dbpass); 
mysqli_select_db($conn, $db); 

ini_set('display_errors', 1); 
ini_set('display_startup_errors', 1); 
error_reporting(E_ALL); 

echo "Database Connected Ok.."; 

?> 

Answer 1

如果你讓你的代碼可讀性，你會發現它更容易o調試。

此外，當您使用mysqli_時，您需要在發出查詢後檢查錯誤。

你也應該使用準備好的和參數化查詢，以保護自己免受SQL注入攻擊

你實際的錯誤是，你必須列出16列和15只在值列表中的變量。

我用NOW（）填充缺失的列我假設這將是datecreated列所需要的。

<?php 
include 'db.php'; 

$sql = "INSERT INTO `companies` 
       (`companyid`, `accountno`, `companyname` , 
       `taxno` , `address1`, `address2`, `suburb` , 
       `state` , `postcode`, `country`, `primarycontact` , 
       `primaryemail`, `subscriptiontype` , 
       `subscriptionstatus`, `subscriptionenddate`,  
       `datecreated`) 
     VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,NOW())"; 

$stmt = $conn->prepare($sql); 
if (! $stmt) { 
    echo $stmt->error; 
    exit; 
} 

// I dont know your data type so you may need to check the data types I used here 
$stmt->bind_param('iisssssssssssss', 
        NULL, NULL, 
        $_POST['companyname'], 
        $_POST['taxno'], 
        $_POST['address1'], 
        NULL , 
        $_POST['suburb'], 
        $_POST['state'], 
        $_POST['postcode'], 
        $_POST['country'], 
        $_POST['primarycontact'], 
        $_POST['primaryemail'], 
        $_POST['subscriptiontype'], 
        $_POST['subscriptionstatus'], 
        $_POST['subscriptionenddate'] 
       ); 



$stmt->execute(); 
if (! $stmt) { 
    echo $stmt->error; 
    exit; 
} 

mysqli_close($conn); 
?> 

我必須說，我覺得這是一個有點古怪要傳遞NULL作爲列accountno第二個參數即。這可能是你的下一個錯誤，但這取決於你的數據庫中如何定義該列。