Fatal编程技术网
  • php/
  • Php 无法将表单字段输入数据库?

Php 无法将表单字段输入数据库?

php forms

Php 无法将表单字段输入数据库?,php,forms,Php,Forms,我目前遇到问题,将表单字段推入数据库。以下是我的html代码: <form action="" method="post"> <p>Gender:</p><input type="radio" value="Male" name="gender">Male</input> <input type="radio" value="Female" name="gender">Female</input><br&

我目前遇到问题,将表单字段推入数据库。以下是我的html代码:

<form action=""  method="post">
<p>Gender:</p><input type="radio" value="Male" name="gender">Male</input>
<input type="radio" value="Female" name="gender">Female</input><br>
<p>Birthday :</p>
<input type="text" placeholder="Help VITians to wish you."></input><br>
<p>Relationship :</p>
<select name="relation">
<option value="I don't want to say">I dont want to say</option>
<option value="Single">Single</option>
<option value="In a Relationship">In a Relationship</option>
</select><br><br>
<input type="submit" name="basic" value="Submit"></input>
</form>
下面是我的php代码:

<?php
  $senddata = @$_POST['basic'];

  //Password variables
  $gender = strip_tags(@$_POST['gender']);
  $birthday = strip_tags(@$_POST['birthday']);
  $relation = strip_tags(@$_POST['relation']);

  if ($senddata) {
  //If the form has been submitted ..
        //Check whether old password equals $db_password
            if (strlen($birthday) <= 4) {
             echo "Sorry! Birthday is not right! Try entering it in DD/MM/YYYY format.";
            }
            else if(empty($birthday)){
            echo "Please enter your Birthday";
            }
            else
            {
           $update_query = mysqli_query($conn,"UPDATE users SET gender='$gender', birthday='$birthday',relation='$relation' WHERE username='$user'");
           echo "Success! Your basic information has been updated!";

            }
         }
         else
         {
         }
?>
,但我无法进入数据库,而且我的php代码也没有在同一页面上显示错误消息。是否有任何错误?

首先在生日输入中输入名称设置数据库连接,如果未设置,我在代码中的任何位置都看不到$user。请检查first$user是否有任何值,然后按如下方式继续:

$update = mysqli_query($conn,"UPDATE `users` SET `gender`='".$gender."', `birthday`='".$birthday."',`relation`='".$relation."' WHERE `username`='".$user."'");
您的where条件和mysql连接也有问题

请声明$user和$conn

$user = "usernameindb";

//DATA BASE CONNECTION

$servername = "localhost";

$username = "username";

$password = "password";

$dbname = "myDB";

$conn = mysqli_connect($servername, $username, $password, $dbname);

$update_query = mysqli_query($conn,"UPDATE `users` SET `gender`='".$gender."', `birthday`='".$birthday."',`relation`='".$relation."' WHERE `username`='".$user."'");
它代表着成功的信息。。。或者请输入?$user来自何处?您是否声明了您的数据库连接$conn?没有名为“生日”的字段,应该是您这里有严重的SQL注入问题,请不要在未修复的情况下上线。当回答具有严重安全缺陷的问题时,重要的是不要在回答中复制它。理想情况下,应该建议一个修复方案,或者至少向OP说明他们面临的安全问题。@halfer好的,我明白了!!想想如果用户输入了撇号的性别值会发生什么?