Php 每一次死亡的白色屏幕。我做错了什么?
我完全不懂PHP,也不懂mysql,所以你知道我对HMTL和CSS有丰富的经验。我所需要的只是在我的网站上的一个表单,将表单中的信息上传到我的数据库中。问题是,单击“提交”按钮只会打开一个空白选项卡,其中包含my.php文件的地址,并显示一个空白的白色屏幕。php文件如下所示Php 每一次死亡的白色屏幕。我做错了什么?,php,mysql,Php,Mysql,我完全不懂PHP,也不懂mysql,所以你知道我对HMTL和CSS有丰富的经验。我所需要的只是在我的网站上的一个表单,将表单中的信息上传到我的数据库中。问题是,单击“提交”按钮只会打开一个空白选项卡,其中包含my.php文件的地址,并显示一个空白的白色屏幕。php文件如下所示 <?php $hostname = "myHostName"; $username = "PreRegCustomers"; $dbname = "PreRegCustomers"; $password = "myP
<?php
$hostname = "myHostName";
$username = "PreRegCustomers";
$dbname = "PreRegCustomers";
$password = "myPassword";
$usertable = "CustomerInfo";
mysql_connect($hostname, $username, $password) OR DIE ("Unable to
connect to database! Please try again later.");
mysql_select_db($dbname);
$sql = "INSERT INTO $usertable (firstName, lastName, streetAddress, city, state, zip, country, email, phone, badgeName)
VALUES ('$firstName', '$lastName', '$streetAddress', '$city', '$state', '$zip', '$country', '$email', '$phone', '$badgeName')";
$sql="INSERT INTO $usertable (firstName, lastName, streetAddress, city, state, zip, country, email, phone, badgeName)
VALUES ('".$_POST[firstName]."', '".$_POST[lastName]."', '".$_POST[streetAddress]."', '".$_POST[city]."', '".$_POST[state]."', '".$_POST[zip]."', '".$_POST[country]."', '".$_POST[email]."', '".$_POST[phone]."', '".$_POST[badgeName]."')";
?>
$\u POST[firstName]
应该是$\u POST['firstName']
,依此类推
mysql_query($sql) or die('MySQL Error: ', mysql_error());
echo 'Data inserted';
您现在不应该使用mysql,它已被弃用。使用PDO执行此操作据我所知,此代码仅连接到数据库并设置变量$sql。您是否真的在任何地方执行查询?你在屏幕上打印东西吗?首先
$_POST[firstname] should be $_POST['firstname']
第三
第二
$conn=mysql_connect(your parameters);
在php代码的最顶端包括以下两行:
error_reporting(E_ALL);
ini_set('display_errors', '1');
它将启用错误报告,因此您将能够调试脚本。
可能问题在于,在使用字符串索引名时,读取$u POST变量(以及任何数组类型变量)时应使用“引号”:
$_POST[firstName] must be written as follows:
$_POST['firstName']
使此查询更安全(例如,针对sql注入攻击)的一个好方法是在POST中替换值,而不是将其直接传递给查询
$firstName = mysql_real_escape_string($_POST['firstName']);
POST中的值将被替换,以便您可以将其传递给SQL
尝试使所有变量都符合以下条件:
$sql = "INSERT INTO $usertable
(firstName, lastName, streetAddress, city, state, zip, country, email, phone, badgeName)
VALUES ('$firstName', '$lastName', '$streetAddress', '$city', '$state', '$zip', '$country', '$email', '$phone', '$badgeName')";
最后,您需要实际执行查询:
mysql_query($sql);
如果运行正常,您将不会看到任何错误,但请确保舒尔能够在此脚本中启用错误报告。当一切正常时,记得删除错误报告。就像其他人说的那样,将注释放在数组引用中。也就是说,您确实需要转义$\u POST变量以避免SQL注入,如果代码顺序明确,那么调试也会更容易:)
使用有序代码,您可以键入echo“some text”;在您想要的任何接触点,以便您可以看到代码在哪里中断
此外,在php.ini或代码()中打开错误报告也是观察无法预测的错误的最佳选择
<?php
$hostname = "myHostName";
$username = "PreRegCustomers";
$dbname = "PreRegCustomers";
$password = "myPassword";
$usertable = "CustomerInfo";
//connect to mysql
$link_id = mysql_connect($hostname, $username, $password);
if (!$link_id) {
die("Unable to connect to database! Please try again later. error:".mysql_errno());
}
echo "connected to mysql";
//make sure your DB exists
if (!mysql_select_db($dbname)) die ("Connected to mysql but could not connect to the DB. error:".mysql_errno());
echo "connected to database";
//avoid sql_injection
$firstName = mysql_real_escape_string($_POST['firstName']);
$lastName = mysql_real_escape_string($_POST['lastName']);
$streetAddress = mysql_real_escape_string($_POST['streetAddress']);
$city = mysql_real_escape_string($_POST['city']);
$state = mysql_real_escape_string($_POST['state']);
$zip = mysql_real_escape_string($_POST['zip']);
$country = mysql_real_escape_string($_POST['country']);
$email = mysql_real_escape_string($_POST['email']);
$phone = mysql_real_escape_string($_POST['phone']);
$badgeName = mysql_real_escape_string($_POST['badgeName']);
echo "sanitised input";
//write the query
$sql = "INSERT INTO $usertable
(firstName, lastName, streetAddress, city, state, zip, country, email, phone, badgeName)
VALUES ('$firstName', '$lastName', '$streetAddress', '$city', '$state', '$zip', '$country', '$email', '$phone', '$badgeName')";
echo "build query: ".$sql;
//then you'll need to execute the query :)
if (mysql_query($sql))
echo "query success";
else
echo "query failed";
//ps you can ignore the last? >
打开错误报告您应该执行$\u POST['firstName']
而不是普通的$\u POST[firstName]
,但我也看不到您会回显任何内容。您正在编写查询语句,但从未执行它们(使用mysql\u查询函数)。你应该使用MySQL或PDO代替MySQL函数,因为它们不安全和不受欢迎。发布的代码(如果它工作)不会输出任何东西。你在期待什么?我知道所有其他的评论和答案都解决了导致白板的问题,但是我真诚地认为@ Zod的评论是真正的答案。“我为什么要看白色屏幕“。也是最有建设性的;)。只有MHO。这不会导致致命错误等等
-这不是很好的描述/帮助=)。呵呵!拿上你的计数牌!正如我所说的,我是一个noobxd。我可以看到$sql变量的设置位置。所以现在我只需要让它运行一点点代码,将这些值输入到我的数据库中。这就是我想让它做到的。这一次看起来特别有希望。我试着用它来代替我的重要信息,但它说了以下内容:注意:未定义的索引:第26行的/home/content/85/11323785/html/devTest/insert2.php中的country有问题吗?它与所有其他变量完全相同。这意味着它不在数组中,请检查您的表单以确保country变量具有正确的字段名etcgot。。但是这段代码仍然会产生一个空白的白屏。T还有其他想法吗?如果这段代码运行正常,它将不会显示任何内容,尽管会向数据库中添加一条记录。我要做的是将代码放在其中,以提供输出。例如,在“mysqlselectdb”方法之后,在该echo中插入一行(“db connect success”);如果在代码中添加足够多的点,您将看到文本输出,直到出现错误为止。我将编辑代码以显示。
mysql_query($sql);
<?php
$hostname = "myHostName";
$username = "PreRegCustomers";
$dbname = "PreRegCustomers";
$password = "myPassword";
$usertable = "CustomerInfo";
//connect to mysql
$link_id = mysql_connect($hostname, $username, $password);
if (!$link_id) {
die("Unable to connect to database! Please try again later. error:".mysql_errno());
}
echo "connected to mysql";
//make sure your DB exists
if (!mysql_select_db($dbname)) die ("Connected to mysql but could not connect to the DB. error:".mysql_errno());
echo "connected to database";
//avoid sql_injection
$firstName = mysql_real_escape_string($_POST['firstName']);
$lastName = mysql_real_escape_string($_POST['lastName']);
$streetAddress = mysql_real_escape_string($_POST['streetAddress']);
$city = mysql_real_escape_string($_POST['city']);
$state = mysql_real_escape_string($_POST['state']);
$zip = mysql_real_escape_string($_POST['zip']);
$country = mysql_real_escape_string($_POST['country']);
$email = mysql_real_escape_string($_POST['email']);
$phone = mysql_real_escape_string($_POST['phone']);
$badgeName = mysql_real_escape_string($_POST['badgeName']);
echo "sanitised input";
//write the query
$sql = "INSERT INTO $usertable
(firstName, lastName, streetAddress, city, state, zip, country, email, phone, badgeName)
VALUES ('$firstName', '$lastName', '$streetAddress', '$city', '$state', '$zip', '$country', '$email', '$phone', '$badgeName')";
echo "build query: ".$sql;
//then you'll need to execute the query :)
if (mysql_query($sql))
echo "query success";
else
echo "query failed";
//ps you can ignore the last? >