2
我想創建一個註冊並將數據發佈到SQlite數據庫文件。使用PHP從表單插入數據到SQLite3數據庫
我的形式如下:
<form action="registerprocess_test.php" class="form-horizontal" id=
"register_form" method="post" name="register_form" role="form">
<h2>Registration Form</h2>
<div class="form-group">
<label class="col-sm-3 control-label" for="firstname">First
Name</label>
<div class="col-sm-6">
<input autofocus="" class="form-control" id="firstname" name=
"firstname" placeholder="First Name" type="text">
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for="lastname">Last
Name</label>
<div class="col-sm-6">
<input autofocus="" class="form-control" id="lastname" name=
"lastname" placeholder="Last Name" type="text">
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for="email">Username</label>
<div class="col-sm-6">
<input class="form-control" id="username" name="username"
placeholder="Username" type="text">
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for=
"password">Password</label>
<div class="col-sm-6">
<input class="form-control" id="password" name="password"
placeholder="Password" type="password">
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for="country">Country</label>
<div class="col-sm-6">
<select class="form-control" id="country" name="country">
<option>
United Kingdom
</option>
<option>
United States
</option>
</select>
</div>
</div><!-- /.form-group -->
<div class="form-group">
<label class="control-label col-sm-3">Gender</label>
<div class="col-sm-6">
<div class="row">
<div class="col-sm-4">
<label class="radio-inline"><input id="femaleRadio"
type="radio" value="Female">Female</label>
</div>
<div class="col-sm-4">
<label class="radio-inline"><input id="maleRadio" name=
"gender" type="radio" value="Male">Male</label>
</div>
</div>
</div>
</div><!-- /.form-group -->
<div class="form-group">
<div class="col-sm-6">
<div class="checkbox"></div>
</div><!-- /.form-group -->
<div class="form-group">
<div class="col-sm-6 col-sm-offset-3">
<div class="checkbox">
<label><input type="checkbox">I accept <a href=
"#">Terms & Conditions</a></label>
</div>
</div>
</div><!-- /.form-group -->
<div class="form-group">
<div class="col-sm-6 col-sm-offset-3">
<button class="btn btn-primary btn-block" type=
"submit">Register</button>
</div>
</div>
</div>
</form>
然後我的PHP是這樣的:
<?php
try
{
//open the database
$db = new PDO('sqlite:users.db');
$firstname = $_POST["firstname"];
$lastname = $_POST["lastname"];
$username = $_POST["username"];
$password = $_POST["password"];
$gender = $_POST["gender"];
$country = $_POST["country"];
//Insert record
$db->exec("INSERT INTO registered_users (firstname, lastname, username, password, gender, country) VALUES ('$firstname', '$lastname', '$username', '$password', '$gender', $country);");
//now output the data to a simple html table...
print "<table border=1>";
print "<tr><td>firstname</td><td>lastname</td><td>username</td><td>password</td><td>gender</td><td>country</td></tr>";
$result = $db->query('SELECT * FROM registered_users');
foreach($result as $row)
{
print "<tr><td>".$row['firstname']."</td>";
print "<td>".$row['lastname']."</td>";
print "<td>".$row['username']."</td>";
print "<td>".$row['password']."</td>";
print "<td>".$row['gender']."</td>";
print "<td>".$row['country']."</td>";
}
print "</table>";
$db = NULL;
}
catch(PDOException $e)
{
print 'Exception : ' .$e->getMessage();
}
?>
我知道我,因爲它連接到數據庫顯示的當前數據在表中的數據庫中,按點擊su bmit。但是,不會從登記表中插入數據。我在我的PHP代碼中丟失了重要的東西嗎?
您是否收到錯誤? – Andrius
我也聞到SQL注入嗎? –
請勿對查詢字符串使用字符串操作!這是一個巨大的安全風險!改用預先準備的語句和查詢參數。 –