Fatal编程技术网
  • php/
  • $name和$screenshot无法使用php mysql

$name和$screenshot无法使用php mysql

php mysql

$name和$screenshot无法使用php mysql,php,mysql,Php,Mysql,完成PHP表单后,我在数据库中插入了以下行: INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score'); 问题是,在我的PHP页面中,我看到的是$name,而不是我输入的表单中的名称 乐:我有两个文件:index.php、addscore.php: index.php <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.or

完成PHP表单后,我在数据库中插入了以下行:

INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score');
问题是,在我的PHP页面中,我看到的是$name,而不是我输入的表单中的名称

乐:我有两个文件:index.php、addscore.php: index.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Guitar Wars - High Scores</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Guitar Wars - High Scores</h2>
<p>Welcome, Guitar Warrior, do you have what it takes to crack the high score list? If so, just <a href="addscore.php">add your own score</a>.</p>
<hr />

<?php
// Connect to the database 
$dbc = mysqli_connect('localhost', 'root', '', 'guitar');

// Retrieve the score data from MySQL
$query = "SELECT * FROM guitarwars";
$data = mysqli_query($dbc, $query);

// Loop through the array of score data, formatting it as HTML 
echo '<table>';
while ($row = mysqli_fetch_array($data)) { 
// Display the score data
echo '<tr><td class="scoreinfo">';
echo '<span class="score">' . $row['score'] . '</span><br />';
echo '<strong>Name:</strong> ' . $row['name'] . '<br />';
echo '<strong>Date:</strong> ' . $row['date'] . '</td></tr>';
if(is_file($row['screenshot']) && filesize($row['screenshot'])>0) {
echo '<td><img src="'.$row['screenshot'].'" alt="Score image" /></td></tr>';
}
else {
echo '<td><img src="unverified.gif" alt="Unverified score" /></td></tr>';
}
}
echo '</table>';

mysqli_close($dbc);
?>

</body> 
</html>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Guitar Wars - Add Your High Score</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Guitar Wars - Add Your High Score</h2>

<?php
if (isset($_POST['submit'])) {
// Grab the score data from the POST
$name = $_POST['name'];
$score = $_POST['score'];

if (!empty($name) && !empty($score)) {
  // Connect to the database
  $dbc = mysqli_connect('localhost', 'root', '', 'guitar');

  // Write the data to the database
  $query = "INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score')";
  mysqli_query($dbc, $query);

  // Confirm success with the user
  echo '<p>Thanks for adding your new high score!</p>';
  echo '<p><strong>Name:</strong> ' . $name . '<br />';
  echo '<strong>Score:</strong> ' . $score . '</p>';
  echo '<p><a href="index.php">&lt;&lt; Back to high scores</a></p>';

  // Clear the score data to clear the form
  $name = "";
  $score = "";

  mysqli_close($dbc);
}
else {
  echo '<p class="error">Please enter all of the information to add your high score.</p>';
}
}
?>

<hr />
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="MAX_FILE_SIZE" value="32768" />
<label for="name">Name:</label>
<input type="text" id="name" name="name" value="<?php if (!empty($name)) echo $name; ?>" /><br />
<label for="score">Score:</label>
<input type="text" id="score" name="score" value="<?php if (!empty($score)) echo $score; ?>" />
<input type="file" id="screenshot" name="screenshot" />
<hr />
<input type="submit" value="Add" name="submit" />
</form>
</body> 
</html>


吉他战争-高分
吉他战争-高分
欢迎,吉他勇士,你有什么可以打破高分榜?如果是这样的话,就这样吧
addscore.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Guitar Wars - High Scores</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Guitar Wars - High Scores</h2>
<p>Welcome, Guitar Warrior, do you have what it takes to crack the high score list? If so, just <a href="addscore.php">add your own score</a>.</p>
<hr />

<?php
// Connect to the database 
$dbc = mysqli_connect('localhost', 'root', '', 'guitar');

// Retrieve the score data from MySQL
$query = "SELECT * FROM guitarwars";
$data = mysqli_query($dbc, $query);

// Loop through the array of score data, formatting it as HTML 
echo '<table>';
while ($row = mysqli_fetch_array($data)) { 
// Display the score data
echo '<tr><td class="scoreinfo">';
echo '<span class="score">' . $row['score'] . '</span><br />';
echo '<strong>Name:</strong> ' . $row['name'] . '<br />';
echo '<strong>Date:</strong> ' . $row['date'] . '</td></tr>';
if(is_file($row['screenshot']) && filesize($row['screenshot'])>0) {
echo '<td><img src="'.$row['screenshot'].'" alt="Score image" /></td></tr>';
}
else {
echo '<td><img src="unverified.gif" alt="Unverified score" /></td></tr>';
}
}
echo '</table>';

mysqli_close($dbc);
?>

</body> 
</html>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Guitar Wars - Add Your High Score</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Guitar Wars - Add Your High Score</h2>

<?php
if (isset($_POST['submit'])) {
// Grab the score data from the POST
$name = $_POST['name'];
$score = $_POST['score'];

if (!empty($name) && !empty($score)) {
  // Connect to the database
  $dbc = mysqli_connect('localhost', 'root', '', 'guitar');

  // Write the data to the database
  $query = "INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score')";
  mysqli_query($dbc, $query);

  // Confirm success with the user
  echo '<p>Thanks for adding your new high score!</p>';
  echo '<p><strong>Name:</strong> ' . $name . '<br />';
  echo '<strong>Score:</strong> ' . $score . '</p>';
  echo '<p><a href="index.php">&lt;&lt; Back to high scores</a></p>';

  // Clear the score data to clear the form
  $name = "";
  $score = "";

  mysqli_close($dbc);
}
else {
  echo '<p class="error">Please enter all of the information to add your high score.</p>';
}
}
?>

<hr />
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="MAX_FILE_SIZE" value="32768" />
<label for="name">Name:</label>
<input type="text" id="name" name="name" value="<?php if (!empty($name)) echo $name; ?>" /><br />
<label for="score">Score:</label>
<input type="text" id="score" name="score" value="<?php if (!empty($score)) echo $score; ?>" />
<input type="file" id="screenshot" name="screenshot" />
<hr />
<input type="submit" value="Add" name="submit" />
</form>
</body> 
</html>


吉他战争-增加你的高分
吉他战争-增加你的高分

变量没有被插值,这意味着您的查询使用单引号或NOWDOC(或其他原因)。最好通过PDO/mysqli使用适当的参数化查询。我更喜欢前者


$pdo = new PDO('mysql:host=localhost;dbname=dbname', 'user', 'pass');
$stmt = $pdo->prepare("INSERT INTO guitarwards VALUES (0, NOW(), ?, ?)");
$stmt->execute(array($name, $score));



此外,您还可以列出要插入的列,并可能省略前两列。
您应该包括代码(或至少包括代码的相关部分)。如果您在数据库中得到了一个文本
$name
,那么您可能在某个地方得到了错误的字符串定义,例如
$sql='insert…\'$名称“)”是,请在插入时包含代码片段。我的直觉是,变量不会被计算,因为你把它们放在了's'之间。很可能你应该避开“像这样:\”请立即了解。