1. 首頁
  2. 問答
  3. 表單提交後的空數據庫記錄

表單提交後的空數據庫記錄

2017-03-23 37 views
0

我試圖將表單數據保存到我的數據庫中,但我只是空記錄。 我嘗試了很多解決方案,但我真的不知道錯誤在哪裏。我瘋了!表單提交後的空數據庫記錄

這是我的形式:

<head> 


<form action="uploadall.php" method="post"> 
Name: <input type="text" name="name"><br> 
Autore: <input type="text" name="author"><br> 
Descrizione: <textarea id="editordescription" name="description" cols="45" rows="15"> 
     </textarea> 
     <script> 
      CKEDITOR.replace('editordescription'); 
     </script> 
<br>Misure: <input type="text" name="misure"><br> 
Data: <input type="text" name="date"><br> 
    <input type="hidden" name="status" value="Disattivo" size="20"> 

<input type="submit"> 
</form>

這是我的PHP腳本保存記錄:

 <?php 

    // check if the form has been submitted. If it has, start to process the form and save it to the database 
    if (isset($_POST['submit'])) 
    { 
    // get form data, making sure it is valid 
    $name = mysqli_real_escape_string(htmlspecialchars($_POST['name'])); 
$author = mysqli_real_escape_string(htmlspecialchars($_POST['author'])); 
    $description = mysqli_real_escape_string(htmlspecialchars($_POST['description'])); 
$misure = mysqli_real_escape_string(htmlspecialchars($_POST['misure'])); 
$date = mysqli_real_escape_string(htmlspecialchars($_POST['date'])); 
    $status = mysqli_real_escape_string(htmlspecialchars($_POST['status'])); 

    } 


    $servername = "xxxxxxx"; 
    $username = "xxxxxxx"; 
    $password = "xxxxxxx"; 
    $dbname = "xxxxxxxxx"; 

    try { 
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password); 
    // set the PDO error mode to exception 
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
    $sql = "INSERT INTO exposition (name, author, description, misure, date, status) 
    VALUES ('$name', '$author', '$description', '$misure', '$date', '$status')"; 
    // use exec() because no results are returned 
    $conn->exec($sql); 
    echo "New record created successfully"; 
    } 
catch(PDOException $e) 
    { 
    echo $sql . "<br>" . $e->getMessage(); 
    } 

$conn = null; 


    ?>

這是我在得到我的目前數據庫:

enter image description here

來源

2017-03-23 James69

+0

的可能的複製[?能否混合在PHP MySQL的的API(http://stackoverflow.com/questions/17498216/can-i -mix-mysql-apis-in-php) –

+0

沒有錯誤出現?並且請停止使用'mysql_ *'函數,它們已經被取消了。代替使用[PDO](http://php.net/manual/en/book.pdo.php}或[庫MySQLi](http://php.net/manual/en/book.mysqli.php) – Swellar

+0

'mysql_real_escape_string '你的連接是'mysqli' –

回答

4

首先,您正在使用mysqli_*在某個點使用mysql_*混合了mysql api的某個點。它們不混合。而mysql_*功能已折舊,不再受到後來版本php的支持。更好地使用mysqli或pdo。這mysql_real_escape_string()mysqlo_real_escape_string()是不夠安全,以防止您注射sql。解決方法很簡單,使用mysqli預準備語句或pdo準備語句開始。

另一個錯誤:<input type="text" name="name"><input type="text" name="name">這兩個輸入字段具有相同的名稱屬性php只會讀取一個。 ini_set('display_errors', 1); error_reporting(E_ALL);

date

在每個PHP頁面的頂部添加此:你會$misure = $_POST['misure'];您需要激活錯誤報告,而你還在發展,所以你可以看到你的錯誤,並通知在這裏得到一個未定義的索引日期是MySQL讓你更好地使用別的東西你的列名或添加反斜線date

哦,你的代碼永遠不會執行此保留字:

if (isset($_POST['submit'])) 
{ 
// get form data, making sure it is valid 
$name = mysql_real_escape_string(htmlspecialchars($_POST['name'])); 
$author = mysql_real_escape_string(htmlspecialchars($_POST['author'])); 
    $description = mysql_real_escape_string(htmlspecialchars($_POST['description'])); 
$misure = mysql_real_escape_string(htmlspecialchars($_POST['misure'])); 
$date = mysql_real_escape_string(htmlspecialchars($_POST['date'])); 
    $status = mysql_real_escape_string(htmlspecialchars($_POST['status'])); 

}

這是爲什麼?因爲您沒有POST值和submit屬性名稱。 <input type="submit">看到了嗎?您的提交沒有名稱屬性。因此。這意味着

這一切:

VALUES ('$name', '$author', '$description', '$misure', '$date', '$status')";這些都是不確定的變量。我很驚訝你的服務器爲什麼不告訴你,通過這個錯誤報告,你將得到所有這些。

這是什麼ü需要做什麼來解決:

你的HTML側。

<form action="uploadall.php" method="post"> 
Name: <input type="text" name="name"><br> 
Autore: <input type="text" name="author"><br> 
Descrizione: <textarea id="editordescription" name="description" cols="45" rows="15"> 
     </textarea> 
     <script> 
      CKEDITOR.replace('editordescription'); 
     </script> 
<br>Misure: <input type="text" name="misure"><br> 
Data: <input type="text" name="date"><br> 
    <input type="hidden" name="status" value="Disattivo" size="20"> 

<input type="submit" name="submit"> 
</form>

uploadall.php

<?php 

// check if the form has been submitted. If it has, start to process the form and save it to the database 
if (isset($_POST['submit'])) { 

    $servername = "xxxxxxx"; 
    $username = "xxxxxxx"; 
    $password = "xxxxxxx"; 
    $dbname  = "xxxxxxxxx"; 

    // Create connection 
    $conn = new mysqli($servername, $username, $password, $dbname); 
    // Check connection 
    if ($conn->connect_error) { 
     die("Connection failed: " . $conn->connect_error); 
    } 


    //check your inputs are set and validate,filter and sanitize 
    $name  = $_POST['name']; 
    $author  = $_POST['author']; 
    $description = $_POST['description']; 
    $misure  = $_POST['misure']; 
    $date  = $_POST['date']; 
    $status  = $_POST['status']; 



    //prepare and bind 
    $sql = $conn->prepare("INSERT INTO exposition (name, author, description, misure, date, status) 
VALUES (?,?,?,?,?,?)"); 
    $sql->bind_param("ssssss", $name, $author, $description, $misure, $date); 

    if ($sql->execute()) { 

     echo "New record created successfully"; 

    } else { 

     //you have an error 
    } 

    $conn->close(); 

} 

?>

這一切好運。

更新:

我糾正錯誤,你告訴我,我使用的PDO,但現在它仍然 不起作用

,我讀了您的上述評論,但你不告訴我們錯誤是什麼,但我相信他們是我上面強調的那些。

與PDO這是U將如何實現你的目標:

<?php 

    //connection 
    $servername = 'XXXXXXXXXXXXX'; 
    $dbname  = 'XXXXXXXXXXXXX'; 
    $username = 'XXXXXXXXXXXXXX'; 
    $password = 'XXXXXXXXX'; 
    $charset = 'utf8'; 

    $dsn = "mysql:host=$servername;dbname=$dbname;charset=$charset"; 
    $opt = [ 
      PDO::ATTR_ERRMODE   => PDO::ERRMODE_EXCEPTION, 
      PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, 
      PDO::ATTR_EMULATE_PREPARES => false, 
      ]; 


    $dbh = new PDO($dsn, $username, $password, $opt); 

// check if the form has been submitted. If it has, start to process the form and save it to the database 
if (isset($_POST['submit'])) { 




    //check your inputs are set and validate,filter and sanitize 
    $name  = $_POST['name']; 
    $author  = $_POST['author']; 
    $description = $_POST['description']; 
    $misure  = $_POST['misure']; 
    $date  = $_POST['date']; 
    $status  = $_POST['status']; 

    //prepare and bind 
    $stmt = $dbh->prepare("INSERT INTO exposition (name, author, description, misure, date, status)VALUES (?,?,?,?,?,?)"); 
    if ($stmt->execute(array($name,$author,$description,$misure,$date,$status))) { 

     echo "New Record inserted success"; 
    } 

} 

?>

來源

2017-03-23 10:20:55

+0

在第一次使用前,它不工作(在你錯過了在bind_param「$狀態」第一uploadall.php我糾正它和它的作品感謝我還添加了$描述=用strip_tags($描述),因爲它保存的HTML標籤太:)非常感謝你!! ) – James69

-1

您使用INSERT查詢中的變量超出範圍從第一,如果塊,你從你的形式獲取數據。如果變量在第一個if塊之前被初始化,它可能會起作用。像下面..

$name = ""; $author = "";$description = "";$misure = "";$date = "";$status="; 


if (isset($_POST['submit'])){ // as is}

來源

2017-03-23 09:58:19 Ashraful041

0

變量名問題E.g Name: <input name="name"> 和: Misure: <input name="name">。這必須是不同的。

同樣,<input type="submit">應該是<input type="submit" name="submit">。 希望,這會有所幫助。

來源

2017-03-23 10:00:04

相關問題

 相關問題