PHP和MySQL数据库的问题
以下是我的主要PHP代码:PHP和MySQL数据库的问题,php,html,mysql,sql,database,Php,Html,Mysql,Sql,Database,以下是我的主要PHP代码: <?php define('dbServer', 'localhost'); $dbUsername = 'root'; $dbPassword = ''; define('dbName', '1'); $dbConnection = mysqli_connect(dbServer, $dbUsername, $dbPassword, dbName); if(!$dbConnection){ die("Unsuccessful Connection
<?php
define('dbServer', 'localhost');
$dbUsername = 'root';
$dbPassword = '';
define('dbName', '1');
$dbConnection = mysqli_connect(dbServer, $dbUsername, $dbPassword, dbName);
if(!$dbConnection){
die("Unsuccessful Connection: " . mysqli_connect_error());
}
// All user data will be taken from the form //
$emailAddress = $_POST['emailaddress'];
$firstName = $_POST['firstname'];
$lastName = $_POST['lastname'];
$streetAddress = $_POST['streetaddress'];
$phoneNumber = $_POST['phonenumber'];
$comments = $_POST['comments'];
$sql = "INSERT INTO user-submission (email, firstName, lastName, address, phoneNumber, comment) VALUES ('$emailAddress', '$firstName', '$lastName', '$streetAddress', '$phoneNumber', '$comments')";
$result = mysqli_query($dbConnection, $sql);
if (!$result){
die('Error: ' . mysqli_connect_error());
}
?>
将此项添加到顶部打开的php标记的正下方,然后服务器将告诉您错误是什么。如果需要帮助,请在此处复制错误
error_reporting( E_ALL );
首先,您需要进行更改,以便黑客不会滥用您的代码。
只要等到强尼;升降台经过并清除了您的数据库
// All user data will be taken from the form //
$emailAddress = mysqli_real_escape_string($dbConnections,$_POST['emailaddress']);
$firstName = mysqli_real_escape_string($dbConnections,$_POST['firstname']);
$lastName = mysqli_real_escape_string($dbConnections,$_POST['lastname']);
$streetAddress = mysqli_real_escape_string($dbConnections,$_POST['streetaddress']);
$phoneNumber = mysqli_real_escape_string($dbConnections,$_POST['phonenumber']);
$comments = mysqli_real_escape_string($dbConnections,$_POST['comments']);
$sql = "INSERT INTO `user-submission` (email, firstName, lastName, address, phoneNumber, comment) VALUES (?,?,?,?,?,?)";
$prep=$dbConnections->prepare($sql);
$prep->bind_param("ssssss",$emailAddress,$firstName,$lastName,$streetAddress,$phoneNumber,$comments);
#actually puts everything together, and puts it in the database
$prep-execute();
在运行此程序时,您没有说明实际发生了什么,因此可能还有其他问题,但是如果表名包含破折号,您肯定需要引用表名。请看,您还希望尽快了解SQL注入:启用错误报告,并获得调试您编写的程序的技能。。。如何检测错误,以及如何诊断问题。StackOverflow不是调试服务。你的标题不是特别有用,很多问题都可以被描述为“PHP和MySQL数据库问题”mysqli_connect_error()
不是用于查询的正确函数,只是一个连接错误方法而已mysqli_connect