了這是我的HTML表單:我不能INSERT INTO功能與數據從運行HTML表單
<form id="ajax-contact-form" action="upload.php" method = "post" enctype="multipart/form-data" >
<div class="col1">
<div class="clear"></div>
<br><br>
<INPUT type="text" name="Name" value="Full name:" onBlur="if(this.value=='') this.value='Full name:'"
onFocus="if(this.value =='Full name:') this.value=''">
<div class="clear"></div>
<INPUT type="text" name="Email" value="Your email:" onBlur="if(this.value=='') this.value='Your email:'"
onFocus="if(this.value =='Your email:') this.value=''"><div class="clear"></div>
<INPUT type="text" name="University" value="University, College or Institute:" onBlur="if(this.value=='') this.value='University, College or Institute:'"
onFocus="if(this.value =='University, College or Institute:') this.value=''">
<div class="clear"></div></div>
<div class="col1 pad_left5"><br>
<h4>Please write about your academic research experiences:</h4>
<TEXTAREA NAME="Content" onBlur="if(this.value=='') this.value=''"
onFocus="if(this.value =='') this.value=''"></TEXTAREA>
<div class="clear"></div></div>
<div class="clear"></div>
<br><h4>Upload your photo (200 x 200):</h4><br>
<INPUT type = "file" name="Picture" id = "picture" lang="en">
<div class="clear"></div><br>
<h4>Please upload your academic publications under one folder as a compressed file:</h4><br>
<INPUT type = "file" name="Publications" id = "Publication" lang="en">
<div class="clear"></div><br>
<div class="box">
<div class="services1">
<h4>GPA</h4><br>
<INPUT class="capthca" type="text" name="GPA" value="GPA:" onBlur="if(this.value=='') this.value='GPA:'"
onFocus="if(this.value =='GPA:') this.value=''">
<div class="clear"></div><br>
<h4>IELTS</h4><br>
<INPUT class="capthca" type="text" name="IELTS" value="IELTS Score:" onBlur="if(this.value=='') this.value='IELTS Score:'"
onFocus="if(this.value =='IELTS Score:') this.value=''">
<div class="clear"></div>
</div>
<div class="services1">
<h4>TOEFL</h4><br>
<INPUT class="capthca" type="text" name="PBT" value="PBT:" onBlur="if(this.value=='') this.value='PBT:'"
onFocus="if(this.value =='PBT:') this.value=''"> <div class="clear"></div>
<INPUT class="capthca" type="text" name="CBT" value="CBT:" onBlur="if(this.value=='') this.value='CBT:'"
onFocus="if(this.value =='CBT:') this.value=''"> <div class="clear"></div>
<INPUT class="capthca" type="text" name="IBT" value="IBT:" onBlur="if(this.value=='') this.value='IBT:'"
onFocus="if(this.value =='IBT:') this.value=''"> <div class="clear"></div>
<div class="clear"></div>
</div>
<div class="services1 last">
<h4>ALES</h4><br>
<INPUT class="capthca" type="text" name="VERBAL" value="Verbal Score:" onBlur="if(this.value=='') this.value='Verbal Score:'"
onFocus="if(this.value =='Verbal Score:') this.value=''"> <div class="clear"></div>
<INPUT class="capthca" type="text" name="MATH" value="Math Score:" onBlur="if(this.value=='') this.value='Math Score:'"
onFocus="if(this.value =='Math Score:') this.value=''"> <div class="clear"></div>
<INPUT class="capthca" type="text" name="EQUALWEIGHT" value="Equal Weight Score:" onBlur="if(this.value=='') this.value='Equal Weight Score:'"
onFocus="if(this.value =='Equal Weight Score:') this.value=''"> <div class="clear"></div>
</div>
<div class="clear"></div>
</div>
<div class="clear"></div>
<INPUT class="submit" type="submit" name="submit" value="submit">
<div class="clear"></div>
</form>
的這個其他變量我已經分配給了HTML表單中的值。
$Name = (string)$_POST["Name"];
$EMail = (string)$_POST["Email"];
$University = (string)$_POST["University"];
$Academic_Experience = $_POST["Content"];
$Photo = $_POST["Picture"];
$Publications = $_POST["Publications"];
$GPA = (float)$_POST["GPA"];
$VERBAL = (float)$_POST["VERBAL"];
$MATH = (float)$_POST["MATH"];
$EQUALWEIGHT = (float)$_POST["EQUALWEIGHT"];
$PBT = (float)$_POST["PBT"];
$CBT = (float)$_POST["CBT"];
$IBT = (float)$_POST["IBT"];
$IELTS = (float)$_POST["IELTS"];
但是,當我試圖插入數據到數據庫的代碼;
$record = mysql_query("INSERT INTO Students (NAME, EMAIL, PHOTO, GPA, ALES_VERBAL_SCORES, ALES_MATH_SCORE, ALES_EQUALWEIGHT_SCORES, TOEFL_PBT, TOEFL_CBT, TOEFL_IBT, IELTS, UNIVERSITY, EXPERIENCE, PUBLICATIONS) VALUES ("."$Name".", "."$EMail".", "."$FileName".", $GPA, $VERBAL, $MATH, $EQUALWEIGHT, $PBT, $CBT, $IBT, $IELTS, "."$University".", "."$Academic_Experience".", "."$PublicationsFileName".")");
我對此代碼有問題。它不會將數據插入數據庫。如果你幫助我,我會很高興。 謝謝...
你有什麼錯誤嗎? –
看起來像SQL注入的天堂! – bansi
不,我不明白。 –