0
我想創建一個表格,用戶正在選擇一個選項讓我們說,他會選擇他的名字我用阿賈克斯打電話給另一個頁面,在這個頁面我創建連接並插入答案問題它插入null 代碼 index.php文件爲什麼null在數據庫中插入?
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>MyDataBase </title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js"> </script>
$(document).ready(function(){
$("#mysubmit").click(function(){
$.ajax({
url:"Final.php",
type:"POST",
success: function(success_array)
{
alert(" Well Done ");
},
error: function(xhr, ajaxOptions, thrownError)
{
alert(" Didn't work ! ");
}
});
});
});
</script>
</head>
<form method="post" id = "myform">
<input type="radio" name="kname" value="X1" />X1<br />
<input type="radio" name="kname" value="Y1" />Y1<br />
<input type="radio" name="kname" value="A1" />A1<br />
<input type="radio" name="kname" value="G1" />G1<br />
<input type="submit" onclick="save()" id="mysubmit"/>
</form>
<body>
</body>
</html>
Final.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Thanks</title>
</head>
<body>
<?php
$con = mysqli_connect("localhost","root","xyz","test");
mysqli_query($con,"INSERT INTO name values ('$_POST[kname]')");
?>
</body>
</html>
**警告**您的代碼易受sql注入攻擊! –
@ DanielA.White,沒有什麼比[剛剛訪問過的問題](http://stackoverflow.com/q/17664993/)。這仍然很容易受到SQL注入的影響,應該修復。 –
您有SQL注入漏洞。那麼你已經做了哪些調試來試圖縮小這個範圍?你有沒有考慮嘗試處理MySQL錯誤,看看問題可能是什麼? –