将信息从PHP发布到数据库


我怎么也搞不懂,为什么通过表单提交的信息没有写入我所连接的数据库。手动向数据库添加数据时,页面可以正常显示这些信息,删除按钮也能删除数据库中的记录,但用 PHP 表单添加内容却不起作用。请帮忙看看。

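<?php
// Minimal mysqli connection setup for the Employee page.
// Host and user come from the environment; the password and schema name are literals.
$servername = getenv('IP');
$username = getenv('C9_USER');
// NOTE(review): this password is hard-coded and has been published together with the
// script. Rotate it and load it from the environment like the host and user above
// instead of keeping it in source control.
$password = "potato12";
$database = "c9";
$dbport = 3306;

// Create connection
$db = new mysqli($servername, $username, $password, $database, $dbport);

// Check connection. The driver's error text can name the host, account and schema,
// so the detail goes to the server log and the visitor only sees a generic message.
if ($db->connect_error) {
    error_log("MySQL connection failed: " . $db->connect_error);
    die("Connection failed");
}
// NOTE(review): host_info is debugging output that tells every visitor how the
// database is reached; remove this line once the page works.
echo "Connected successfully (".$db->host_info.")";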

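// PHP_SELF is derived from the request path, so a visitor can append arbitrary text
// to it. It is printed inside action="..." attributes, therefore it is HTML-escaped
// once here (reflected XSS otherwise).
$thisPHP = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

// "Add employee" form. The input names are the $_POST keys the script receives.
// PHP replaces the space in the field name "Job Title" with an underscore, so that
// value arrives as $_POST["Job_Title"].
// The heredoc must end with its identifier on a line of its own (EOT; below);
// without it everything that follows is swallowed into the string.
echo <<<EOT
    <form action="$thisPHP" method="POST">
     Name: <input type="text" name="Name"> Address: <input type="text" name="Address"><br>
    Phone: <input type="text" name="Phone"> Email: <input type="text" name="Email"><br>
    Availability: <input type="Radio" name="Availability" Value="Now"> Now(<1 month) <input type="Radio" name="Availability" value="Soon"> Soon(1-3 months) <input type="Radio" name="Availability" value="Exploring"> Exploring(3+ months)<br>
    Company Title: <input type="text" name="Title"><br>
    Job Title: <input type="text" name="Job Title"><br>
    Description: <input type="text" name="Description"><br>


    Skill 1 <select name="Skill1">
    <option>Organized</option><option>Works in a team</option><option>Problem Solving</option>
    </select>


    Skill 2 <select name="Skill2">
    <option>Organized</option><option>Works in a team</option><option>Problem Solving</option></select>


    Skill 3 <select name="Skill3">
    <option>Organized</option><option>Works in a team</option><option>Problem Solving</option></select><br>


    Experiance <select name="Experiance">
    <option>0</option><option>1-3</option><option>3-5</option><option>5-10</option><option>10+</option></select><br>

    Position: <input type="radio" name="Position" value="Team-Member"> Team-Member <input type="radio" name="Position" value="Team-Leader"> Team-Leader <input type="radio" name="Position" value="Manager"> Manager <input type="radio" name="Position" value="Executive"> Executive <br>

    <input type="submit" name="Add" value="Add"> <br>
    <hr>
    </form>  
EOT;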

评论:

- 您的代码易受 SQL 注入攻击。您应该使用 mysqli 或 PDO 的预处理语句并绑定参数(原评论中的链接在本页面上已丢失)。
- 这是个好主意,我之前没想到!多谢各位。
- @TurtleTread @Fred-ii- 我做了错误检查和错误报告,但没有发现任何错误,也没有语法错误之类的问题,所以我才对它为什么不能正常工作感到如此困惑。
- @TurtleTread 我确实看到了,但仍然无法正常工作。
- 遗憾的是,我始终没有真正弄明白这个问题,最后只好放弃了。
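// Start executing the script

// Read one submitted field as a string. Missing keys (a plain GET, or the Edit/Delete
// form, which posts only "id") and array-valued fields become '' instead of raising
// "undefined index" notices.
$postField = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$id = $postField("ID");
$Name = $postField("Name");
$Email = $postField("Email");
$Phone = $postField("Phone");
$Address = $postField("Address");
$Availability = $postField("Availability");
$Ctitle = $postField("Title");
// PHP replaces the space in the field name "Job Title" with an underscore,
// so the key that actually exists in $_POST is "Job_Title".
$Jtitle = $postField("Job_Title");
$Description = $postField("Description");
$Skill1 = $postField("Skill1");
$Skill2 = $postField("Skill2");
$Skill3 = $postField("Skill3");
$Experiance = $postField("Experiance");
$Position = $postField("Position");

// At least name must be specified.
// PHP variable names are case-sensitive: the value lives in $Name. The earlier test
// on $name looked at an undefined variable, so the insert below was never reached.
if ($Name !== '') {
    // Placeholders keep the submitted text out of the SQL grammar, so a quote in any
    // field can neither break the statement nor inject into it.
    // `Job Title` needs backticks because the column name contains a space.
    // NOTE(review): this statement writes a column named Title while the row listing
    // reads "Company Title" - confirm the real column name against the table.
    $sql = "insert into Employee (ID, Name, Phone, Email, Address, Availability, Title, `Job Title`, Description, Skill1, Skill2, Skill3, Experiance, Position) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";

    // The add form has no ID field, so bind NULL and let MySQL assign the key.
    // NOTE(review): assumes Employee.ID is AUTO_INCREMENT - confirm.
    $newId = ($id === '') ? null : $id;

    $added = false;
    $failure = '';
    try {
        $stmt = $db->prepare($sql);
        if ($stmt === false) {
            $failure = $db->error;
        } else {
            $stmt->bind_param(
                "ssssssssssssss",
                $newId, $Name, $Phone, $Email, $Address, $Availability, $Ctitle,
                $Jtitle, $Description, $Skill1, $Skill2, $Skill3, $Experiance, $Position
            );
            $added = $stmt->execute();
            if (!$added) {
                $failure = $stmt->error;
            }
            $stmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // Raised instead of a false return when mysqli error reporting is strict.
        $failure = $e->getMessage();
    }

    if ($added) {
        echo "Record added <br>";
    } else {
        // The database message goes to the log; the page only says that it failed,
        // so a failed insert is no longer silent.
        error_log("Employee insert failed: " . $failure);
        echo "Record could not be added <br>";
    }
}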

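// Check if delete is selected

// Edit and Delete are posted by the per-row form, whose hidden field is named "id".
// $_POST keys are case-sensitive and that form sends neither "ID" nor "gid".
$rowId = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';

if (isset($_POST['btnDelete'])) {
    // NOTE(review): nothing visible in this script authenticates the caller or checks
    // an anti-CSRF token before this state-changing request is honoured.
    $deleted = false;
    try {
        // Bound parameter instead of a string-built WHERE clause.
        $stmt = $db->prepare("delete from Employee where id=?");
        if ($stmt === false) {
            error_log("Employee delete failed: " . $db->error);
        } else {
            $stmt->bind_param("s", $rowId);
            // Only report success when a row was actually removed.
            $deleted = $stmt->execute() && $stmt->affected_rows > 0;
            $stmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // Raised instead of a false return when mysqli error reporting is strict.
        error_log("Employee delete failed: " . $e->getMessage());
    }
    if ($deleted) {
        echo "Record deleted <br>";
    }
}
else if (isset($_POST['btnEdit'])) {
    // The id is escaped for the connection rather than bound, so that "select *" can
    // still be read with fetch_assoc() on PHP builds without mysqli_stmt::get_result()
    // (that method exists only with the mysqlnd driver).
    $sql = "select * from Employee where id='" . $db->real_escape_string($rowId) . "'";
    $result = $db->query($sql);

    // Column lookup that tolerates a missing column instead of raising a notice.
    $column = function ($row, $key) {
        return isset($row[$key]) ? $row[$key] : '';
    };

    if ($result)
    {
        while ($row = $result->fetch_assoc()) {
            // Take the values from the fetched row; $_POST holds only the row id here.
            $id = $column($row, "ID");
            $Name = $column($row, "Name");
            $Email = $column($row, "Email");
            $Phone = $column($row, "Phone");
            $Address = $column($row, "Address");
            $Availability = $column($row, "Availability");
            // NOTE(review): the listing reads "Company Title", the insert writes Title;
            // whichever exists is used - confirm the real column name.
            $Ctitle = isset($row["Company Title"]) ? $row["Company Title"] : $column($row, "Title");
            $Jtitle = $column($row, "Job Title");
            $Description = $column($row, "Description");
            $Skill1 = $column($row, "Skill1");
            $Skill2 = $column($row, "Skill2");
            $Skill3 = $column($row, "Skill3");
            $Experiance = $column($row, "Experiance");
            $Position = $column($row, "Position");
        }
    }

    // PHP_SELF comes from the request path; escape it before it is printed into the
    // action attribute.
    $editAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

    // NOTE(review): this form is not pre-filled with the row loaded above, and it still
    // submits as "Add" with lower-case field names, so saving an edit is not implemented.
    // Any row value printed into it later must go through htmlspecialchars() first.
    // The Position radios were written as name=Position" (opening quote missing), which
    // names the field 'Position"'; the quotes are balanced below.
    echo <<<EOE
    <form action="$editAction" method="POST">
             Name: <input type="text" name="name"> Address: <input type="text" name="Address"><br>
    Phone: <input type="text" name="phone"> Email: <input type="text" name="email"><br>
    Availability: <input type="Radio" name="Availability" Value="Now"> Now(<1 month) <input type="Radio" name="Availability" value="Soon"> Soon(1-3 months) <input type="Radio" name="Availability" value="Exploring"> Exploring(3+ months)<br>
    Company Title: <input type="text" name="title"><br>
    Job Title: <input type="text" name="Job Title"><br>
    Description: <input type="text" name="description"><br>


    Skill 1 <select name="skill1">
    <option>Organized</option><option>Works in a team</option><option>Problem Solving</option>
    </select>


    Skill 2 <select name="skill2">
    <option>Organized</option><option>Works in a team</option><option>Problem Solving</option></select>


    Skill 3 <select name="skill3">
    <option>Organized</option><option>Works in a team</option><option>Problem Solving</option></select><br>


    Experiance <select name="experiance">
    <option>0</option><option>1-3</option><option>3-5</option><option>5-10</option><option>10+</option></select><br>

    Position: <input type="radio" name="Position" value="Team-Member"> Team-Member <input type="radio" name="Position" value="Team-Leader"> Team-Leader <input type="radio" name="Position" value="Manager"> Manager <input type="radio" name="Position" value="Executive"> Executive <br>

    <input type="submit" name="Add" value="Add"> <br>
    <hr>
    </form>
EOE;
}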
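// Show rows
$sql = "SELECT * FROM Employee";
$result = $db->query($sql);

// Every stored value was typed into a form by some visitor, so it is HTML-escaped
// before it is printed; otherwise markup saved in a field would run in the browser
// of whoever opens this page (stored XSS).
$h = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};
// Escaped column lookup that prints nothing for a missing column.
$cell = function ($row, $key) use ($h) {
    return isset($row[$key]) ? $h($row[$key]) : '';
};
// PHP_SELF comes from the request path and is printed into an attribute below.
$listAction = $h($_SERVER['PHP_SELF']);

// Label => column, in the order the listing prints them.
// NOTE(review): "Company Title" is read here while the insert writes a column named
// Title - confirm which name the table really uses.
$columns = array(
    "Name" => "Name",
    "Email" => "Email",
    "Phone" => "Phone",
    "Address" => "Address",
    "Availability" => "Availability",
    "Company Title" => "Company Title",
    "Job Title" => "Job Title",
    "Description" => "Description",
    "Skill 1" => "Skill1",
    "Skill 2" => "Skill2",
    "Skill 3" => "Skill3",
    "Experiance" => "Experiance",
);

if ($result === false) {
    // query() returns false on failure; log it instead of dereferencing false below.
    error_log("Employee listing failed: " . $db->error);
}

if ($result && $result->num_rows > 0) {
    // output data of each row
    while ($row = $result->fetch_assoc())
    {
        $id = $row["ID"];

        $line = "id: " . $h($id) . " ";
        foreach ($columns as $label => $name) {
            $line .= " - " . $label . ": " . $cell($row, $name);
        }
        echo $line;

        // One small form per row; its hidden "id" field is what Edit/Delete receive.
        echo " <form action=\"$listAction\" method='post' style=\"display:inline\" >";
        echo "<input type='hidden' name='id' value='" . $h($id) . "'>";
        echo "<input type='submit' name='btnEdit' value='Edit'> ";
        echo "<input type='submit' name='btnDelete' value='Delete'>  </form>" . "<br>";
    }
} else
{
    echo "0 results";
}
$db->close();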