-1
我想插入用戶和cursus id在數據庫中提交當前用戶定義在第二部分(請參閱評論)和數據庫連接是在在文件頂部需要一次。 當我現在按下按鈕它的迴應成功,但在數據庫記錄顯示。控制檯沒有顯示任何東西,當我回顯$ a或& b它給我正確的ID。我做錯了什麼?插入到數據庫失敗,雖然預計要插入
<?php
session_start();
require_once('includes/mysql_config.php');
//getting user data/id
$id = isset($_SESSION['id']) ? $_SESSION['id'] : header('location: login.php');
$result = mysqli_query($con, "SELECT * FROM users WHERE id =".$_SESSION['id']);
$user = mysqli_fetch_array($result);
require_once('header.php');
$id = $_GET['id'];
$result = mysqli_query($con, "SELECT * FROM cursus c LEFT OUTER JOIN cursussoort cr ON (c.cursussoort_ID = cr.id) WHERE c.ID = $id ORDER BY c.begindatum ASC");
$amount = mysqli_affected_rows($con);
for ($i = 0; $i < $amount; $i++) {
$cursus = mysqli_fetch_array($result);
$a = $cursus['id'];
$b = $user['id'];
//$a = mysqli_real_escape_string($a);
//$b = mysqli_real_escape_string($b);
if(isset($_POST['submit'])){
if($user['id']) {
$sql = "INSERT INTO aanmeldingen (users_id, cursus_id) VALUES ('$b', '$a')";
$result = mysqli_query($sql);
echo "success";
} else {
echo "failed";
}
}
?>
<div class="main-nav">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<!-- <a class="navbar-brand" href="index.html">
<h1><img class="img-responsive" src="images/logo.png" alt="logo"></h1>
</a> -->
</div>
<div class="collapse navbar-collapse">
<ul class="nav navbar-nav navbar-right">
<li class="scroll active"><a href="index.php#home">Home</a></li>
<li class="scroll"><a href="index.php#services">Over ons</a></li>
<li class="scroll"><a href="index.php#pricing">Cursussen</a></li>
<li class="scroll"><a href="index.php#contact">Contact</a></li>
<?php if(isset($_SESSION['id'])) {
echo '<li><a href="myaccount.php"><span>Mijn account</span></a></li>';
echo '<li><a href="logout.php"><span>Log Out</span></a></li>';
} else {
echo '<li><a href="login.php"><span>Log In</span></a></li>';
} ?>
</ul>
</div>
</div>
</div><!--/#main-nav-->
<br><br>
<!-- Post Content -->
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2 col-md-10 col-md-offset-1">
<div class="col-lg-8 col-lg-offset-2 col-md-10 col-md-offset-1">
<div class="post-preview">
<h1> <?php echo $cursus['naam_cursus'] . "<br />";?></h1>
van: <?php echo $cursus['begindatum'] . "<br />";?>
tot: <?php echo $cursus['begindatum'] . "<br />";?>
<?php echo $cursus['beschrijving'] . "<br />";?>
</div>
</div>
</div>
<form method="post">
<input type="submit" name="submit">
</form>
</div>
</div>
<?php } ?>
<hr>
如果你們需要更多的信息告訴我。
[小博](http://bobby-tables.com/)說***腳本是在SQL注入攻擊的風險。](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***瞭解[prepared](http:// en .wikipedia.org/wiki/Prepared_statement)[MySQLi]的聲明(http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)。即使[轉義字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! [不要相信嗎?](http://stackoverflow.com/q/38297105/1011527) –
由於你沒有提供任何錯誤,我假設你需要打開錯誤報告,把'error_report(E_ALL); ini_set('display_errors','on');'在頁面的頂部,如果你仍然沒有得到任何東西,那麼檢查[**'mysqli_error()'**](http://php.net/manual/en /mysqli.error.php) – MonkeyZeus
以程序的方式,'mysqli_query()'至少需要** 2個參數,第一個是你的連接處理程序,第二個是你的查詢。它應該是'$ result = mysqli_query($ con,$ sql);'。 RTM,[http://php.net/manual/en/mysqli.query.php](http://php.net/manual/en/mysqli.query.php) –