Php 我想将项目代码从url传输到数据库
我想从url中获取itemcode并插入到数据库中。但未插入项目代码Php 我想将项目代码从url传输到数据库,php,mysql,Php,Mysql,我想从url中获取itemcode并插入到数据库中。但未插入项目代码 <?php $item_code = $_GET['item_code']; if (isset($_POST['submit'])) { $first_name = $_POST['first_name']; $last_name = $_POST['last_name']; $email = $_POST['email']; $phone = $_POST['phone'];
<?php
$item_code = $_GET['item_code'];
if (isset($_POST['submit'])) {
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$pincode = $_POST['pincode'];
$item_number = $_POST['item_number'];
$date = $_POST['date'];
$call_time = $_POST['call_time'];
$comment = $_POST['comment'];
$datetime = date_default_timezone_set('Asia/Kolkata');
$datetime = date("l jS \of F Y h:i:s A");
$insert_query = "insert into rlu_order(item_code,first_name,last_name,email,phone,address,city,state,pincode,item_number,date,call_time,comment,datetime) values('$item_code','$first_name','$last_name','$email','$phone','$address','$city','$state','$pincode','$item_number','$date','$call_time','$comment','$datetime')";
if (mysqli_query($con, $insert_query)) {
echo "<script>alert('Thank You for your Project order we will contact you shortly')</script>";
echo "<script>window.open('index.php','_self')</script>";
}
}
?>
您似乎正在使用GET和POST
$_GET[''] $_POST['']
我使用请求来获取我的所有值
$_REQUEST['']
在继续下一步之前,请始终执行错误检查
*在触发***提交后检查$item_代码
if (isset($_POST['submit'])) {
$item_code = ( !empty $_REQUEST['item_code'] ) ? $_REQUEST['item_code'] : '';
if( empty($item_code) )
{
//No need to continue if there's no item_code
die("We need item_code");
}
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$pincode = $_POST['pincode'];
$item_number = $_POST['item_number'];
$date = $_POST['date'];
$call_time = $_POST['call_time'];
$comment = $_POST['comment'];
$datetime = date_default_timezone_set('Asia/Kolkata');
$datetime = date("l jS \of F Y h:i:s A");
$insert_query = "insert into rlu_order(item_code,first_name,last_name,email,phone,address,city,state,pincode,item_number,date,call_time,comment,datetime) values('$item_code','$first_name','$last_name','$email','$phone','$address','$city','$state','$pincode','$item_number','$date','$call_time','$comment','$datetime')";
if (mysqli_query($con, $insert_query)) {
echo "<script>alert('Thank You for your Project order we will contact
you shortly')</script>";
echo "<script>window.open('index.php','_self')</script>";
}
}
if(isset($\u POST['submit'])){
$item\u code=(!empty$\u REQUEST['item\u code'])?$\u REQUEST['item\u code']:'';
if(空($item_代码))
{
//如果没有项目代码,则无需继续
模具(“我们需要项目代码”);
}
$first\u name=$\u POST['first\u name'];
$last_name=$_POST['last_name'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$address=$_POST['address'];
$city=$_POST['city'];
$state=$_POST['state'];
$pincode=$_POST['pincode'];
$item\u number=$\u POST['item\u number'];
$date=$_POST['date'];
$call\u time=$\u POST['call\u time'];
$comment=$_POST['comment'];
$datetime=date\u default\u timezone\u set('Asia/Kolkata');
$datetime=date(“l jS\of F Y h:i:s A”);
$insert_query=“插入rlu订单(项目代码、名字、姓氏、电子邮件、电话、地址、城市、州、pincode、项目编号、日期、通话时间、注释、日期时间)值(“$item_代码”、“$first_名称”、“$last_名称”、“$email”、“$phone”、“$address”、“$city”、“$state”、“$pincode”、“$item编号”、“$date”、“$call_时间”、“注释”、$datetime”);
if(mysqli_查询($con,$insert_查询)){
echo“警报('感谢您的项目订单,我们将与您联系
你很快就知道了“;
echo“window.open('index.php','u self');
}
}
您是否检查了$\u GET['item\u code']
值?警告:使用mysqli
时,您应该使用和将用户数据添加到查询中。不要使用字符串插值或串联来完成此操作,因为您已经创建了严重的错误。切勿将$\u POST
、$\u GET
或任何用户数据直接放入查询中,如果有人试图利用您的错误进行攻击,这可能非常有害。是的。Item_code显示在URL中,如order.php?Item_code=jubbn7是否调试了$insert_query
以查看其值的内容?数据库已连接。除了使用url从上一页获取的项目代码外,所有内容都被插入。OP似乎正确地使用了$\u GET
$_请求不太可能解决问题。