關於mysqli查詢的語法錯誤

Question

我連接到數據庫以加載html表單數據，並且在mysqli查詢中遇到了語法錯誤。我已經嘗試了語法上的變體，但它沒有清除。另一組眼睛將不勝感激。

<?php 
// define variables and set to empty values 
$ProjectErr = $ClientErr = $LastNameErr = $DateReceivedErr = ""; 
$Project = $Client = $LastName = $DateReceived = ""; 

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
    if (empty($_POST["Project"])) { 
    $ProjectErr = "Project name is required"; 
    } else { 
    $Project = test_input($_POST["Project"]); 
    // check if name only contains letters and whitespace 
    if (!preg_match("/^[a-zA-Z ]*$/",$Project)) { 
     $ProjectErr = "Only letters and white space allowed"; 
    } 
    } 

    } 

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
    if (empty($_POST["Client"])) { 
    $ClientErr = "Client name is required"; 
    } else { 
    $Client = test_input($_POST["Client"]); 
    // check if name only contains letters and whitespace 
    if (!preg_match("/^[a-zA-Z ]*$/",$Client)) { 
     $ClientErr = "Only letters and white space allowed"; 
    } 
    } 

    } 

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
    if (empty($_POST["LastName"])) { 
    $LastNameErr = "Tech writer name is required"; 
    } else { 
    $LastName = test_input($_POST["LastName"]); 
    // check if name only contains letters and whitespace 
    if (!preg_match("/^[a-zA-Z ]*$/",$LastName)) { 
     $LastNameErr = "Only letters and white space allowed"; 
    } 
    } 

    } 

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
    if (empty($_POST["DateReceived"])) { 
    $DateReceivedErr = "The date the project was received is required"; 
    } else { 
    $DateReceived = test_input($_POST["DateReceived"]); 
    // check if name only contains letters and whitespace 
    if (!preg_match("/^[a-zA-Z ]*$/",$DateReceived)) { 
     $DateReceivedErr = "Only letters and white space allowed"; 
    } 
    } 

    } 


function test_input($data) { 
    $data = trim($data); 
    $data = stripslashes($data); 
    $data = htmlspecialchars($data); 
    return $data; 
} 
?> 

<?php 
$servername = "localhost"; 
$username = "oldga740_Tonymm"; 
$password = "JtAjDm#6"; 
$dbname = "oldga740_SeniorProject"; 

// Create connection 
$conn = new mysqli($servername, $username, $password, $dbname); 
// Check connection 
if ($conn->connect_error) { 
    die("Connection failed: " . $conn->connect_error); 
} 

//Sending form data to sql db. 
mysqli_query($connect,"INSERT INTO Projects (Project, Client, LastName, DateReceived) 
VALUES ('$_POST[post_Project]', '$_POST[post_Client]', '$_POST[post_LastName]', '$_POST[post_DateReceived]')"; 
?> 

<h2>New Project</h2> 
<p><span class="error">* required field.</span></p> 
<form action="send_post.php" method="post"> 
    Project: <input type="text" name="Project" value="<?php echo $Project;?>"> 
    <span class="error">* <?php echo $ProjectErr;?></span> 
    <br><br> 
    Client: <input type="text" name="Client" value="<?php echo $Client;?>"> 
    <span class="error">* <?php echo $ClientErr;?></span> 
    <br><br> 
    LastName: <input type="text" name="LastName" value="<?php echo $LastName;?>"> 
    <span class="error">* <?php echo $LastNameErr;?></span> 
    <br><br> 
    DateReceived: <input type="text" name="DateReceived" value="<?php echo $DateReceived;?>"> 
    <span class="error">* <?php echo $DateReceivedErr;?></span> 
    <br><br> 
    <input type="submit" name="submit" value="Submit"> 
</form> 

<?php 
echo "<h2>Your Input:</h2>"; 
echo $Project; 
echo "<br>"; 
echo $Client; 
echo "<br>"; 
echo $LastName; 
echo "<br>"; 
echo $DateReceived; 
?> 

Answer 1

在您的代碼中有幾件事情是錯誤的或被認爲是編程世界中的不好實踐。而且，我幾乎無法指出每一個錯誤，所以我寫了一些更簡潔明瞭的代碼。我在我的機器上運行這個代碼，它工作得很好。

仔細閱讀代碼，這是很明顯的。

<?php 
function test_input($data){ 
    $data = trim($data); 
    $data = stripslashes($data); 
    $data = htmlspecialchars($data); 
    return $data; 
} 

$servername = "localhost"; 
$username = "root"; 
$password = ""; 
$dbname = "StackOverflow"; 

// create connection 
$connection = new mysqli($servername, $username, $password, $dbname); 

if(isset($_POST['submit']) && !$connection->connect_error){ 
    // to track errors 
    $error = false; 

    // now validate input fields 
    if (empty($_POST['Project']) || !isset($_POST['Project'])){ 
     $ProjectErr = "Project name is required"; 
     $error = true; 
    }elseif(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['Project'])){ 
     // check if project only contains letters and whitespace 
     $ProjectErr = "Only letters and white space allowed"; 
     $error = true; 
    }else{ 
     $Project = test_input($_POST['Project']); 
    } 

    if (empty($_POST['Client']) || !isset($_POST['Client'])){ 
     $ClientErr = "Client name is required"; 
     $error = true; 
    }elseif(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['Client'])){ 
     // check if client only contains letters and whitespace 
     $ClientErr = "Only letters and white space allowed"; 
     $error = true; 
    }else{ 
     $Client = test_input($_POST['Client']); 
    } 

    if (empty($_POST['LastName']) || !isset($_POST['LastName'])){ 
     $LastNameErr = "Last name is required"; 
     $error = true; 
    }elseif(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['LastName'])){ 
     // check if last name only contains letters and whitespace 
     $LastNameErr = "Only letters and white space allowed"; 
     $error = true; 
    }else{ 
     $LastName = test_input($_POST['LastName']); 
    } 

    if (empty($_POST['DateReceived']) || !isset($_POST['DateReceived'])){ 
     $DateReceivedErr = "Data received field is required"; 
     $error = true; 
    }elseif(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['DateReceived'])){ 
     // check if data received only contains letters and whitespace 
     $DateReceivedErr = "Only letters and white space allowed"; 
     $error = true; 
    }else{ 
     $DateReceived = test_input($_POST['DateReceived']); 
    } 

    if(!$error){ 
     $query = "INSERT INTO Projects (Project, Client, LastName, DateReceived) VALUES ('$Project', '$Client', '$LastName', '$DateReceived')"; 
     if($connection->query($query)){ 
      echo "record is successfully inserted!"; 
     }else{ 
      echo "error: record could not be inserted"; 
     } 
    } 
} 

?> 

<html> 
<head> 
    <title>Page Title</title> 
</head> 
<body> 
    <h2>New Project</h2> 
    <p><span class="error">* required field.</span></p> 
    <form action="send_post.php" method="post"> 
     Project: <input type="text" name="Project" value="<?php if(isset($Project)){ echo $Project; } ?>"> 
     <span class="error">* <?php if(isset($ProjectErr)){ echo $ProjectErr; } ?></span> 
     <br><br> 
     Client: <input type="text" name="Client" value="<?php if(isset($Client)){ echo $Client; } ?>"> 
     <span class="error">* <?php if(isset($ClientErr)){ echo $ClientErr; } ?></span> 
     <br><br> 
     LastName: <input type="text" name="LastName" value="<?php if(isset($LastName)){ echo $LastName; } ?>"> 
     <span class="error">* <?php if(isset($LastNameErr)){ echo $LastNameErr; } ?></span> 
     <br><br> 
     DateReceived: <input type="text" name="DateReceived" value="<?php if(isset($DateReceived)){ echo $DateReceived; } ?>"> 
     <span class="error">* <?php if(isset($DateReceivedErr)){ echo $DateReceivedErr; } ?></span> 
     <br><br> 
     <input type="submit" name="submit" value="Submit"> 
    </form> 

    <?php 
     echo "<h2>Your Input:</h2>"; 
     if(isset($_POST['Project'])){ echo $_POST['Project']; } 
     echo "<br />"; 
     if(isset($_POST['Client'])){ echo $_POST['Client']; } 
     echo "<br />"; 
     if(isset($_POST['LastName'])){ echo $_POST['LastName']; } 
     echo "<br />"; 
     if(isset($_POST['DateReceived'])){ echo $_POST['DateReceived']; } 
    ?> 
</body> 
</html> 
<?php 
    $connection->close(); 
?> 

Answer 2

我猜測它的這條線遇到了問題。

mysqli_query($connect," 
    INSERT INTO Projects (Project, Client, LastName, DateReceived) 
    VALUES ('" . $_POST["Project"] . "', '" . $_POST["Client"] . "', '" .$_POST["LastName"] . "', '" . $_POST["DateReceived"] . "');"); 

你的問題是兩個郵報「名」（它不是$_POST[post_Project]只是$_POST["Project"]），而且你剛纔寫他們SQL代碼，而不是將它們插入內。