Php 表单提交后清空数据库记录
我试图将表单数据保存到数据库中,但得到的只是空记录。 我尝试了很多解决方案,但我真的不知道哪里出了问题。我快疯了 这是我的表格:Php 表单提交后清空数据库记录,php,mysql,forms,Php,Mysql,Forms,我试图将表单数据保存到数据库中,但得到的只是空记录。 我尝试了很多解决方案,但我真的不知道哪里出了问题。我快疯了 这是我的表格: <head> 名称: 自动回复: 描述: CKEDITOR.replace('editordescription'); 错误: 数据: 这是我保存记录的PHP脚本: <?php // check if the form has been submitted. If it has, start to process t
<head>
名称:
自动回复:
描述:
CKEDITOR.replace('editordescription');
错误:
数据:
这是我保存记录的PHP脚本:
<?php
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit']))
{
// get form data, making sure it is valid
$name = mysqli_real_escape_string(htmlspecialchars($_POST['name']));
$author = mysqli_real_escape_string(htmlspecialchars($_POST['author']));
$description = mysqli_real_escape_string(htmlspecialchars($_POST['description']));
$misure = mysqli_real_escape_string(htmlspecialchars($_POST['misure']));
$date = mysqli_real_escape_string(htmlspecialchars($_POST['date']));
$status = mysqli_real_escape_string(htmlspecialchars($_POST['status']));
}
$servername = "xxxxxxx";
$username = "xxxxxxx";
$password = "xxxxxxx";
$dbname = "xxxxxxxxx";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO exposition (name, author, description, misure, date, status)
VALUES ('$name', '$author', '$description', '$misure', '$date', '$status')";
// use exec() because no results are returned
$conn->exec($sql);
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
?>
插入查询中使用的变量超出了从表单获取数据的第一个if块的范围。如果变量在第一个If块之前初始化,那么它可能会工作。如下图所示
$name = ""; $author = "";$description = "";$misure = "";$date = "";$status=";
if (isset($_POST['submit'])){ // as is}
在INSERT查询中使用的变量超出了从表单获取数据的第一个if块的范围。如果变量在第一个If块之前初始化,那么它可能会工作。如下图所示
$name = ""; $author = "";$description = "";$misure = "";$date = "";$status=";
if (isset($_POST['submit'])){ // as is}
变量名问题,例如
名称:
以及:
Misure:
。这必须是不同的
同样,
应该是
。
希望对您有所帮助。变量名问题,例如
名称:
以及:
Misure:
。这必须是不同的
同样,
应该是
。
希望,这会有帮助。首先,您在某个点混合了mysql api,您正在使用mysqli.*
在某个点使用mysql.*
它们不会混合。而mysql.*
函数被贬值,因为php的更高版本不再支持它们。最好使用mysqli或pdo。此mysql\u real\u escape\u string()
或mysqlo\u real\u escape\u string()
不够安全,无法阻止sql注入。解决方案很简单,最好从使用mysqli准备语句或pdo准备语句开始
另一个错误:
这两个输入字段具有相同的名称属性,php将只读取一个。您将在这里得到一个未定义的索引$misure=$\u POST['misure']代码>您需要在开发过程中激活错误报告,以便查看错误和注意事项:
在每个php页面的顶部添加以下内容:ini\u集('display\u errors',1);
错误报告(E_全部)代码>
另外,date
date是mysql的保留字,因此您最好在列名中使用其他字词,或者添加反斜杠date
哦,您的代码永远不会在这里执行:
为什么呢?因为您没有带有submit
属性名称的POST
值<代码>
请参见?您的提交没有名称属性。所以。这意味着
所有这些:
值(“$name”、“$author”、“$description”、“$misure”、“$date”、“$status”);
这些都是未定义的变量。我很惊讶为什么服务器不告诉您,启用错误报告功能后,您将获得所有这些变量
这就是你要解决的问题:
你的html端
<form action="uploadall.php" method="post">
Name: <input type="text" name="name"><br>
Autore: <input type="text" name="author"><br>
Descrizione: <textarea id="editordescription" name="description" cols="45" rows="15">
</textarea>
<script>
CKEDITOR.replace( 'editordescription' );
</script>
<br>Misure: <input type="text" name="misure"><br>
Data: <input type="text" name="date"><br>
<input type="hidden" name="status" value="Disattivo" size="20">
<input type="submit" name="submit">
</form>
名称:
自动回复:
描述:
CKEDITOR.replace('editordescription');
错误:
数据:
uploadall.php
<?php
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit'])) {
$servername = "xxxxxxx";
$username = "xxxxxxx";
$password = "xxxxxxx";
$dbname = "xxxxxxxxx";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//check your inputs are set and validate,filter and sanitize
$name = $_POST['name'];
$author = $_POST['author'];
$description = $_POST['description'];
$misure = $_POST['misure'];
$date = $_POST['date'];
$status = $_POST['status'];
//prepare and bind
$sql = $conn->prepare("INSERT INTO exposition (name, author, description, misure, date, status)
VALUES (?,?,?,?,?,?)");
$sql->bind_param("ssssss", $name, $author, $description, $misure, $date);
if ($sql->execute()) {
echo "New record created successfully";
} else {
//you have an error
}
$conn->close();
}
?>
那都是好运
更新:
我纠正了你告诉我的错误,我现在正在使用PDO,但它仍然存在
不起作用
我从你上面的评论中读到了这一点,但你没有告诉我们错误是什么,但我相信它们就是我在上面强调的错误
有了PDO,你将如何实现你的目标:
<?php
//connection
$servername = 'XXXXXXXXXXXXX';
$dbname = 'XXXXXXXXXXXXX';
$username = 'XXXXXXXXXXXXXX';
$password = 'XXXXXXXXX';
$charset = 'utf8';
$dsn = "mysql:host=$servername;dbname=$dbname;charset=$charset";
$opt = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::ATTR_EMULATE_PREPARES => false,
];
$dbh = new PDO($dsn, $username, $password, $opt);
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit'])) {
//check your inputs are set and validate,filter and sanitize
$name = $_POST['name'];
$author = $_POST['author'];
$description = $_POST['description'];
$misure = $_POST['misure'];
$date = $_POST['date'];
$status = $_POST['status'];
//prepare and bind
$stmt = $dbh->prepare("INSERT INTO exposition (name, author, description, misure, date, status)VALUES (?,?,?,?,?,?)");
if ($stmt->execute(array($name,$author,$description,$misure,$date,$status))) {
echo "New Record inserted success";
}
}
?>
首先,你在某个时候混合了mysql api,你正在使用mysqli.*
在某个时候,你使用mysql.*
它们不会混合。而且mysql.*
函数被贬低,它们不再受更高版本的php支持。最好使用mysqli或pdo。这mysql\u real\u escape\u string()
或mysqlo\u real\u escape\u string()
不够安全,无法阻止sql注入。解决方案很简单,最好从使用mysqli准备的语句或pdo准备的语句开始
另一个错误:
这两个输入字段具有相同的名称属性,php将只读取一个。您将在此处获得一个未定义的索引$misure=$\u POST['misure'];
您需要在开发过程中激活错误报告,以便查看错误和注意事项:
在每个php页面的顶部添加以下内容:ini\u集('display\u errors',1);
错误报告(E_ALL);
另外,date
date是mysql的保留字,因此您最好在列名中使用其他字词,或者添加反斜杠date
哦,您的代码永远不会在这里执行:
这是为什么?因为您没有POST
值和submit
属性名。
请参见?您的提交没有name属性。因此。这意味着
所有这些:
值(“$name”、“$author”、“$description”、“$misure”、“$date”、“$status”)代码>这些都是未定义的变量。我很惊讶为什么你的服务器不告诉你,有了错误报告功能,你就可以得到所有这些
这就是你要解决的问题:
你的html端
<form action="uploadall.php" method="post">
Name: <input type="text" name="name"><br>
Autore: <input type="text" name="author"><br>
Descrizione: <textarea id="editordescription" name="description" cols="45" rows="15">
</textarea>
<script>
CKEDITOR.replace( 'editordescription' );
</script>
<br>Misure: <input type="text" name="misure"><br>
Data: <input type="text" name="date"><br>
<input type="hidden" name="status" value="Disattivo" size="20">
<input type="submit" name="submit">
</form>
名称:
自动回复:
描述:
CKEDITOR.replace('editordescription');
错误:
数据:
uploadall.php
<?php
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit'])) {
$servername = "xxxxxxx";
$username = "xxxxxxx";
$password = "xxxxxxx";
$dbname = "xxxxxxxxx";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//check your inputs are set and validate,filter and sanitize
$name = $_POST['name'];
$author = $_POST['author'];
$description = $_POST['description'];
$misure = $_POST['misure'];
$date = $_POST['date'];
$status = $_POST['status'];
//prepare and bind
$sql = $conn->prepare("INSERT INTO exposition (name, author, description, misure, date, status)
VALUES (?,?,?,?,?,?)");
$sql->bind_param("ssssss", $name, $author, $description, $misure, $date);
if ($sql->execute()) {
echo "New record created successfully";
} else {
//you have an error
}
$conn->close();
}
?>
那都是好运
更新:
我纠正了你告诉我的错误,我现在正在使用PDO,但它仍然存在
不起作用
我从你上面的评论中读到了这一点,但你没有告诉我们错误是什么,但我相信它们就是我在上面强调的错误
有了PDO,你将如何实现你的目标:
<?php
//connection
$servername = 'XXXXXXXXXXXXX';
$dbname = 'XXXXXXXXXXXXX';
$username = 'XXXXXXXXXXXXXX';
$password = 'XXXXXXXXX';
$charset = 'utf8';
$dsn = "mysql:host=$servername;dbname=$dbname;charset=$charset";
$opt = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::ATTR_EMULATE_PREPARES => false,
];
$dbh = new PDO($dsn, $username, $password, $opt);
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit'])) {
//check your inputs are set and validate,filter and sanitize
$name = $_POST['name'];
$author = $_POST['author'];
$description = $_POST['description'];
$misure = $_POST['misure'];
$date = $_POST['date'];
$status = $_POST['status'];
//prepare and bind
$stmt = $dbh->prepare("INSERT INTO exposition (name, author, description, misure, date, status)VALUES (?,?,?,?,?,?)");
if ($stmt->execute(array($name,$author,$description,$misure,$date,$status))) {
echo "New Record inserted success";
}
}
?>
是否可能重复出现错误?请停止使用