PHP表单未将数据保存到MySQL数据库
我已经创建了一个简单的表单来为我正在开发的系统创建新用户,但是由于某种原因,在处理表单时,“密码”字段没有存储在数据库中,或者至少看起来是这样的,因为表中的其余字段都填充在“密码”字段之外的所有字段中 表格代码如下:PHP表单未将数据保存到MySQL数据库,php,html,mysql,forms,Php,Html,Mysql,Forms,我已经创建了一个简单的表单来为我正在开发的系统创建新用户,但是由于某种原因,在处理表单时,“密码”字段没有存储在数据库中,或者至少看起来是这样的,因为表中的其余字段都填充在“密码”字段之外的所有字段中 表格代码如下: <form action="create_admin.php" method="post" enctype="multipart/form-data"> <div style="float:left; width:45%">
<form action="create_admin.php" method="post" enctype="multipart/form-data">
<div style="float:left; width:45%">
<!-- username -->
<p>
<label>Username:</label><br/>
<input type="text" class="text small" name="username" id="username" value="" />
<span class="note">*required</span>
</p>
<!-- password -->
<p>
<label>Password:</label><br/>
<input type="text" class="text small" name="password" id="password" value="" />
<span class="note">*required</span>
</p>
<!-- other comments -->
</div>
<div style="width:45%;float:right">
<!-- user_id_account -->
<p>
<label>Position:</label><br/>
<select name="position" class="styled" style="width:240px">
<option value="0">n/a</option>
<option value="Design" >Design</option>
<option value="Development" >Development</option>
<option value="Sales" >Sales</option>
<option value="Management" >Management</option>
</select>
</p>
</div>
<p>
<input type="submit" class="submit long" value="Save and Return" name="submit" />
</p>
</form>
<?php require_once("includes/db_connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php
if (isset($_POST['submit'])) {
//Process the form
$username = mysql_prep($_POST["username"]);
$password = $_POST["password"];
$position = $_POST["position"];
$query = "INSERT INTO admin (";
$query .= " username, password, position";
$query .= " ) VALUES (";
$query .= " '{$username}', '{$password}', '{$position}' ";
$query .= ")";
echo $query;
try { $result = mysqli_query($connection, $query);
} catch (Exception $e) {
return 'Caught exception: '+ $e->getMessage()+ "\n";
}
//Test if there was a query error
if ($result) {
//Success
// would normally use a redirect ie redirect_to("somepage.php");
//$message = "Subject created.";
redirect_to("list_admins.php");
}else {
//failure
//$message = "Subject creation failed.";
//redirect_to("add_project.php");
echo $query;
}
} else {
// This is probably a GET request
redirect_to("add_admin.php");
}?>
<?php
// Close database connection
if(isset($connection)){ mysqli_close($connection); }
?>
用户名:
*必需的
密码:
*必需的
职位:
不适用
设计
发展
销售额
管理层
表格处理代码如下:
<form action="create_admin.php" method="post" enctype="multipart/form-data">
<div style="float:left; width:45%">
<!-- username -->
<p>
<label>Username:</label><br/>
<input type="text" class="text small" name="username" id="username" value="" />
<span class="note">*required</span>
</p>
<!-- password -->
<p>
<label>Password:</label><br/>
<input type="text" class="text small" name="password" id="password" value="" />
<span class="note">*required</span>
</p>
<!-- other comments -->
</div>
<div style="width:45%;float:right">
<!-- user_id_account -->
<p>
<label>Position:</label><br/>
<select name="position" class="styled" style="width:240px">
<option value="0">n/a</option>
<option value="Design" >Design</option>
<option value="Development" >Development</option>
<option value="Sales" >Sales</option>
<option value="Management" >Management</option>
</select>
</p>
</div>
<p>
<input type="submit" class="submit long" value="Save and Return" name="submit" />
</p>
</form>
<?php require_once("includes/db_connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php
if (isset($_POST['submit'])) {
//Process the form
$username = mysql_prep($_POST["username"]);
$password = $_POST["password"];
$position = $_POST["position"];
$query = "INSERT INTO admin (";
$query .= " username, password, position";
$query .= " ) VALUES (";
$query .= " '{$username}', '{$password}', '{$position}' ";
$query .= ")";
echo $query;
try { $result = mysqli_query($connection, $query);
} catch (Exception $e) {
return 'Caught exception: '+ $e->getMessage()+ "\n";
}
//Test if there was a query error
if ($result) {
//Success
// would normally use a redirect ie redirect_to("somepage.php");
//$message = "Subject created.";
redirect_to("list_admins.php");
}else {
//failure
//$message = "Subject creation failed.";
//redirect_to("add_project.php");
echo $query;
}
} else {
// This is probably a GET request
redirect_to("add_admin.php");
}?>
<?php
// Close database connection
if(isset($connection)){ mysqli_close($connection); }
?>
你的试抓块不会扔任何东西。尝试类似的方法以正确插入插入。另外请注意,如果您在无法重定向之前回显
$query = "INSERT INTO admin ( username, password, position ) VALUES ( ?, ?, ? )";
echo $query; // <-- If you echo this, your php redirect won't work, unless you use Javascript
if($stmt = $connection->prepare($query)){
$stmt->bind_param('sss', $username, $password, $position);
$result = $stmt->execute();
$stmt->close();
}else die("Failed to prepare!");
$query=“插入管理员(用户名、密码、位置)值(?,?)”;
echo$query;// 如果只是你的密码有问题。请核实
如果mysql数据库中密码字段的数据类型与输入值不匹配
第一步验证后,如果问题仍然存在,请尝试在“处理”页面中回显密码值,如果该页面显示正确,请使用语法执行测试
您的代码易受SQL注入攻击。您应该继续阅读。为什么中的+
返回“捕获的异常:”+$e->getMessage()+“\n”代码>?另外,mysql\u prep()
做什么?查询是否响应?你有错误吗?如果($results)
触发(重定向或回显),您的的哪一部分会触发?您是在php中获取密码值吗?mysqli_*()
函数不会引发异常。您的try/catch块基本上是无用的。如果出现故障,函数将返回布尔值false。如果查询失败,您应该抛出mysqli\u error()
。即使查询字符串本身是100%完美的,也有太多其他原因导致查询失败。问题是我在表单处理栏中使用了完全相同的代码,不同的值被传递到不同的表中,并且一切正常?用户名和位置都保存到数据库中,只是密码字段留空?只有密码是,但您可以看到的输入只是设置为text,数据库中的类型设置为varchar,所以我不明白为什么会出现问题?为了补充这一点,我直接在phpMyAdmin中输入了SQL语句,以查看是否是我的SQL出错,但它工作正常,代码中的“密码”一词似乎在阻止什么?