Php 我的代码赢了';t插入数据库
我真的想不出一个原因它不会…它看起来很好(如果它很好,我就不会在这里问) 这种情况以前发生过(参见我最近的帖子),我使用了以前项目中的代码(运行良好),但当我尝试将其用于这个特定项目时,它不起作用。我不知道为什么它在这个特定的时间不起作用,因为它以前起过作用 谁能告诉我这个问题出了什么问题吗Php 我的代码赢了';t插入数据库,php,mysql,Php,Mysql,我真的想不出一个原因它不会…它看起来很好(如果它很好,我就不会在这里问) 这种情况以前发生过(参见我最近的帖子),我使用了以前项目中的代码(运行良好),但当我尝试将其用于这个特定项目时,它不起作用。我不知道为什么它在这个特定的时间不起作用,因为它以前起过作用 谁能告诉我这个问题出了什么问题吗 <?php $hostname = "localhost"; $db_user = "#"; // change to your database password $db_
<?php
$hostname = "localhost";
$db_user = "#"; // change to your database password
$db_password = "#"; // change to your database password
$database = "#"; // provide your database name
$db_table = "#"; // leave this as is
# STOP HERE
####################################################################
# THIS CODE IS USED TO CONNECT TO THE MYSQL DATABASE
$db = mysql_connect($hostname, $db_user, $db_password);
mysql_select_db($database,$db);
?>
<?php
$date = date("Y-m-d H:i:s");
$cfname = preg_replace('#[^A-Za-z0-9.,]#i', '', $_POST['cfname']);
$cfname = strip_tags($cfname);
$cfname = mysql_real_escape_string($cfname);
$cfname = stripslashes($cfname);
$clname = preg_replace('#[^A-Za-z0-9.,]#i', '', $_POST['clname']);
$clname = strip_tags($clname);
$clname = mysql_real_escape_string($clname);
$clname = stripslashes($clname);
$cname = $cfname+$clname;
$cemail = preg_replace('#[^A-Za-z0-9@.-_ ]#i', '', $_POST['cemail']);
$cemail = strip_tags($cemail);
$cemail = mysql_real_escape_string($cemail);
$cemail = stripslashes($cemail);
$cphone = preg_replace('#[^0-9]#i', '', $_POST['cphone']);
$cphone = strip_tags($cphone);
$cphone = mysql_real_escape_string($cphone);
$cphone = stripslashes($cphone);
$caddress = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['caddress']);
$caddress = strip_tags($caddress);
$caddress = mysql_real_escape_string($caddress);
$caddress = stripslashes($caddress);
$caddress2 = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['caddress2']);
$caddress2 = strip_tags($caddress2);
$caddress2 = mysql_real_escape_string($caddress2);
$caddress2 = stripslashes($caddress2);
$cage = preg_replace('#[^0-9]#i', '', $_POST['cage']);
$cage = strip_tags($cage);
$cage = mysql_real_escape_string($cage);
$cage = stripslashes($cage);
$cnationality = preg_replace('#[^A-Za-z,]#i', '', $_POST['cnationality']);
$cnationality = strip_tags($cnationality);
$cnationality = mysql_real_escape_string($cnationality);
$cnationality = stripslashes($cnationality);
$flightno = $_POST['flightno'];
$flightno = strip_tags($flightno);
$flightno = mysql_real_escape_string($flightno);
$resno = $flightno*2;
if (isset($_REQUEST['Submit'])) {
# THIS CODE TELL MYSQL TO INSERT THE DATA FROM THE FORM INTO YOUR MYSQL TABLE
$sql ="INSERT INTO $db_table(cust_name,cust_email,cust_phone,cust_add,cust_add2,cust_age,cust_nationality,flight_no,resno) VALUES ('$cname','$cemail','$cphone','$caddress', '$caddress', '$caddress2', '$cage', '$cnationality', '$flightno', '$resno')";
if($result = mysql_query($sql ,$db)) {
echo '<meta http-equiv="refresh" content="35,search.php" />Thank you for
reserving your e-ticket. Your reservation number is $resno. Please keep it to
confirm your reservation. You can confirm your ticket by calling this number 1-
800-NOTAREALNUMBER or you can visit our offices located in The South Pole next
to Willy Wonkas Chocolate Factory. Have a great day! <p><a
href="search.php"><small>Click here to go back</small></a></p>';
} else {
echo "ERROR: ".mysql_error();
}
} else { echo ""?>
<form onsubmit="return validateForm()" enctype="text/plain" method="post"
action="" name="cusBooking">
<table style="text-align: left; background-color: white; width: 425px; height:
143px;" border="0" cellpadding="1" cellspacing="3">
<tbody>
<tr>
<td>
<small>First name: </small><input type="text" name="cfname" />
</td>
<td>
<small>Last name: </small><input type="text" name="clname" />
</td>
</tr>
<tr>
<td>
<small>Email: </small><input type="text" name="cemail" />
</td>
<td>
<small>Phone number: </small><input type="text" name="cphone" />
</td>
</tr>
<tr>
<td>
<small>Address: </small><input type="text" name="caddress" />
</td>
<td>
<small>Address 2: </small><input type="text" name="caddress2" />
</td>
</tr>
<tr>
<td>
<small>Age: <input type="text" name="cage" />
</td>
<td>
<small>Nationality: </small><input type="text" name="cnationality" />
</td>
</tr>
<tr>
<td>
<input name="flightno" value='<?php echo "$flightno"?>' type="hidden">
</td>
<td>
<input name="Submit" type="image" tabindex="5" src="images/flight_button.png"
value="Submit Your Site" />
</td>
</tr>
</tbody>
</table>
</form>
<?php
}
?>
“$CadAddress”
如果查询中有两次,请使用参数防止出现类似问题,检查
或者至少更好地格式化您的代码,这样这样错误就可以更好地显示出来。您有:
if (isset($_REQUEST['Submit'])) {
因此,只有当表单数据(或cookie!!)有一个名为Submit
且值为真的参数时,才会运行数据库插入代码
表单通常不会提交这样的值,因为名为submit
的控件是图像输入(在某些浏览器中,它只提交submit.x
和submit.y
(PHP将其重命名为submit\ux
和submit\uy
)
您还有enctype=“text/plain”
如果任何浏览器实际上支持enctype属性的该值,那么它将不会以结构化格式编码数据,因此PHP无法从中提取任何参数。如果您告诉我们错误是什么,这将有所帮助…使用mysql\u real\u escape\u string
转义数据,然后立即取消转义使用stripslashes
是完全疯狂的。我完全不知道lol感谢你的建议,最疯狂的是用空格替换所有非字母数字+有限的其他字符选择器(除了我认为这会失败,因为你没有使regex全局化)然后在上面运行strip\u tags
。将
替换为空字符串后,将剩下哪些标记?没有错误。它刷新时就像发布了数据一样,但当我检查时,没有提交任何数据
if (isset($_REQUEST['Submit'])) {