使用php将表单中的数据输入数据库
我正试图将数据输入数据库,但我一直收到一个错误。我不知道问题出在哪里。代码如下:使用php将表单中的数据输入数据库,php,mysql,Php,Mysql,我正试图将数据输入数据库,但我一直收到一个错误。我不知道问题出在哪里。代码如下: <?php $sql = "INSERT INTO $db_table (title,group,overlapok,userid,name,phone,email,description,managers,location,notify,notifyman, remind,remindman,appmsg,viewaccess,viewulist,viewclist,makeaccess,makeul
<?php
$sql = "INSERT INTO $db_table (title,group,overlapok,userid,name,phone,email,description,managers,location,notify,notifyman,
remind,remindman,appmsg,viewaccess,viewulist,viewclist,makeaccess,makeulist,makeclist,showappinfo)
VALUES ('".mysql_real_escape_string(stripslashes($_REQUEST['txtTitle'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkGroupCal'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkAllowOverlap'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtUserID'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtOwner'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtPhone'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtEmail'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtDesc'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtManagers'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtLocation'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkNotifyMe'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkNotifyMgrs'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkRemind'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkRemindMan'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtAppText'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['selViewBlockRestr'])).
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtViewBlocksUserID']))
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtViewBlocksCourseID']))."','".mysql_real_escape_string(stripslashes($_REQUEST['selMakeApptRestr']))."','".mysql_real_escape_string(stripslashes($_REQUEST['txtMakeApptUserID']))."','".mysql_real_escape_string(stripslashes($_REQUEST['txtMakeApptDptID']))."','".mysql_real_escape_string(stripslashes($_REQUEST['chkShowAppInfo']))."')";
if($result = mysql_query($sql,$db))
{
echo '<h1>Thank you</h1> Your information has been entered into our database<br><br>
<p> <a href="viewcalendar.page.php"> View Calendar </a> </p>
<img src="eDiary.jpg"';
}
else
{
echo "ERROR: ";
} ?>
在需要在查询中使用用户输入的情况下,您需要参数化查询
这是我讨论同一问题的另一个话题
依靠消毒输入是非常糟糕的做法,最终会咬到你 那么,错误是什么呢?另外,不鼓励使用mysql_uu函数,“改用PDO或MySQLi”。您的代码以反勾号开始。那是错误的。另外,您会遇到什么错误?请先尝试一个小得多的查询。另外,还要检查您发布的代码的语法(另外,您可能在使用本网站的编辑工具时遇到了困难,请让自己对这些工具更熟悉一些)。如果缺少确切的错误消息,请将其添加到您的问题中,以便清楚您实际遇到的错误。请。它们不再得到维护,社区已经开始。看到了吗?相反,你应该学习并使用或。如果你不能决定哪一个,我会帮你的。如果您选择PDO,。有时回显我们的查询非常有用。我建议您在运行查询之前回显$sql变量。更多的过度打印mysql错误可以帮助您发现问题。
<?php
$dsn = 'mysql:host=localhost;dbname=eDiary';
$user = 'root';
$password = '';
try
{
$db = new PDO($dsn,$user,$password);
$db -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);}
catch (PDOException $e) {
echo 'Connection Failed: ' . $e->getMessage();
}
$result = $db->exec("INSERT INTO wassCalendar(title, group, overlapok, userid, name, phone, email, description, managers, location, notify, notifyman, remind,
remindman, appmsg, viewaccess, viewulist, viewclist, makeaccess, makeulist, makeclist, showappinfo)
VALUES($txtTitle, $chkGroupCal, $chkAllowOverlap, $txtUserID, $txtOwner, $txtPhone, $txtEmail, $txtDesc, $txtManagers,
$txtLocation, $chkNotifyMe, $chkNofityMgrs, $chkRemind, $chkRemindMan, $txtAppText, $selViewBlockRestr,
$txtViewBlocksUserID, $txtViewBlocksCourseID, $selMakeApptRestr, $txtMakeApptUserID, $txtMakeApptDptID,
$chkShowAppInfo)";
$insert_id = mysql_insert_id();
?>