1. 首頁
  2. 問答
  3. 插入表單數據到mysql數據庫

插入表單數據到mysql數據庫

2017-02-06 45 views
-1

我已經多次試過讓這段代碼運行並將數據插入到我的數據庫中。無論我嘗試什麼,我都無法弄清楚問題所在。 PHP的是這樣的:插入表單數據到mysql數據庫

<?php 
// Create connection 
$conn = mysqli_connect("localhost","nmhsmusi_admin" , "********", "nmhsmusi_musicdb"); 

// Check connection 
if (mysqli_connect_errno()) 
{ 
    echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
} 

if (isset($_POST['submit'])) 
{ 

    $titleTag = $_POST['title']; 
    $composerTag = $_POST['composer']; 
    $unicodeTag = $_POST['unicode']; 
    $tempoTag = $_POST['tempo']; 
    $yearTag = $_POST['year-used']; 
    $languageTag = $_POST['language']; 
    $keyTag = $_POST['key-signature']; 
    $pianoTag = $_POST['piano']; 
    $temposelTag = $_POST['temposel']; 
    $partsTag = $_POST['parts']; 

    $run = mysqli_query($conn,"INSERT INTO musicdb (title, composer, unicode, temptxt, yearused, languages, pianokeys, piano, temposel, parts) 
     VALUES 
     (
      '$titleTag', '$composerTag', '$unicodeTag', '$tempoTag', '$yearTag', '$languageTag', '$keyTag', '$pianoTag', '$temposelTag', '$partsTag' 
     )"); 

    if ($run) { 
     echo "New record created successfully"; 
    } else { 
     echo "failed"; 
    } 
    mysqli_close($conn); 
} 
?>

任何幫助,將不勝感激

來源

2017-02-06 user3728126

+1

你有幾個方法來檢查錯誤,你需要使用它們。該表單遺漏了這個順便說一句。 –

回答

0

爲什麼要使用的mysqli?它已經被廢棄了嗎? 現在使用PDO。

下面是一個例子:

<?php 
if (isset($_POST['submit'])) { 

    $titleTag = $_POST['title']; 
    $composerTag = $_POST['composer']; 
    $unicodeTag = $_POST['unicode']; 
    $tempoTag = $_POST['tempo']; 
    $yearTag = $_POST['year-used']; 
    $languageTag = $_POST['language']; 
    $keyTag = $_POST['key-signature']; 
    $pianoTag = $_POST['piano']; 
    $temposelTag = $_POST['temposel']; 
    $partsTag = $_POST['parts']; 

    try { 
     $pdo = new PDO(DSN,DBUSER,DBUSERPASSWD); 
    } catch (PDOException $e) { 
     echo "Failed to connect to Database: " . $e->getMessage() . "\n"; die(); 
    } 
    $pdo->exec("SET NAMES 'utf8' COLLATE 'utf8_general_ci'"); 

    $sql = "INSERT INTO musicdb (title, composer, unicode, temptxt, yearused, languages, pianokeys, piano, temposel, parts) 
    VALUES (:titleTag,:composerTag,:unicodeTag,:tempoTag,:yearTag,:languageTag,:keyTag,:pianoTag,:temposelTag,:partsTag)"; 
    $query = $pdo->prepare("$sql"); 
    $query->bindValue(':titleTag',$titleTag); 
    $query->bindValue(':composerTag',$composerTag); 
    $query->bindValue(':unicodeTag',$unicodeTag); 
    $query->bindValue(':tempoTag',$tempoTag); 
    $query->bindValue(':yearTag',$yearTag); 
    $query->bindValue(':languageTag',$languageTag); 
    $query->bindValue(':keyTag',$keyTag); 
    $query->bindValue(':pianoTag',$pianoTag); 
    $query->bindValue(':temposelTag',$temposelTag); 
    $query->bindValue(':partsTag',$partsTag); 
    $query->execute(); 
    if($query->rowCount() > 0){ 
     echo "New record created successfully!"; 
    } else { 
     echo "Error!"; 
    } 
} 
?>

當然,你需要篩選來自正則表達式的形式應有盡有。很容易做的事情!

一旦正則表達式已經分析了,你需要的一切轉化爲ヶ輛,以避免惡意代碼的一切:

正則表達式「/([A-ZA-ÿ0-9\ S] +)/ I」的只允許帶有或不帶有重音符號,數字和空格的字母:

<?php 
preg_match('/([a-zÀ-ÿ0-9\s]+)/i', $_POST['any_field_form'], $output); 
if((isset($output[1]) == true) and ($output[1] != null)) { 
    //Convert everything to htmlentities to avoid malicious code 
    $get_the_data = htmlentities($output[1], ENT_QUOTES, 'UTF-8', false); 
} else { 
    $get_the_data = null; 
} 
?>

這樣可以避免表單問題。當然,對於每個表單字段,您必須執行特定的正則表達式。但是這會讓你的代碼更加智能化。

對不起,如果在文中有任何錯誤。我知道如何用英語閱讀,但我不知道如何寫,所以我使用了翻譯器。 但就是這樣,男孩!

來源

2017-02-06 02:20:50

相關問題

 相關問題