2012-12-06 148 views
0

有一個簡單的註冊表單被鏈接到一個PHP文件,以便將信息發送到數據庫,但每次我嘗試它的數據沒有顯示在phpMyAdmin數據庫?表單數據沒有被髮送到MySql數據庫

<?php 

$name = $_POST['name']; 
$address = $_POST['address']; 
$number = $_POST['number']; 
$email = $_POST['email']; 
$details = $_POST['details']; 

$user="root"; 
$password="secure"; 
$database="darrenweircharity"; 
mysql_connect("localhost",$user,$password); 
@mysql_select_db($database) or die ("Unable to select database"); 

$query = "INSERT INTO registrationdetails(name, address, number, email, details)". 
"VALUES('$name', '$address', '$number', '$email', '$details' NOW())"; 
mysql_query($query); 
mysql_close(); 
?> 
+1

請*不要*直接在查詢中使用'$ _POST'中的值。 –

+0

使用PDO,重新組織您的代碼,並用VALUES('「。$ name。」','。。$ address。「','。。$ number。」','。。$ email。「',' 「。$ details。」') –

+0

爲什麼你在那裏有一個NOW()?你想做什麼? –

回答

1

Please, don't use mysql_* functions in new code。他們不再被維護,並且deprecation process已經開始。請參閱red box?請改爲了解prepared statements,並使用PDOMySQLi - this article將幫助您決定哪個。如果您選擇PDO,here is a good tutorial

嘗試用:

$query = "INSERT INTO registrationdetails(name, address, number, email, details)". 
     "VALUES('" . $name . "', '" . $address . "', '" . $number . "', '" . $email . "', '" . $details . "');"; 

您在查詢不應該存在的到底有NOW()

另請注意,您的代碼存在SQL注入漏洞(請參閱mysql_real_escape_string()),我建議您通過PDO準備查詢。

+0

完成了這個訣竅。非常感謝。 – DJD7

+0

第一次正確使用:P我見過你編輯你的文章至今三次, –

+0

@ DJD7不客氣! :) – jan267

0

從可能的SQL注入保護:

$name = mysql_real_escape_string($name); 
$address = mysql_real_escape_string($address); 
$number = mysql_real_escape_string($number); 
$email = mysql_real_escape_string($email); 
$details = mysql_real_escape_string($details); 

替換爲:

$query = " 
INSERT INTO registrationdetails (`name`, `address`, `number`, `email`, `details`) 
VALUES ('$name', '$address', '$number', '$email', '$details')"); 
0
$query = " 
    INSERT INTO registrationdetails (name, address, number, email, details, date_time) 
    VALUES ('{$name}', '{$address}', '{$number}', '{$email}', '{$details}', NOW()) 
"; 

更換date_time與列名。並且在將它們插入數據庫之前,請記住使用mysql_real_escape_string將所有提交的值轉義。

相關問題