Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/280.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
数据未从PHP输入数据库_Php_Html_Forms_Submit - Fatal编程技术网
Fatal编程技术网
  • php/
  • 数据未从PHP输入数据库

数据未从PHP输入数据库

php html forms

数据未从PHP输入数据库,php,html,forms,submit,Php,Html,Forms,Submit,我试图用PHP将数据输入数据库 这是我的密码: <?php $username = 'username'; //username for database $password = 'password'; //password for database $hostname = 'localhost'; //host $db_name = 'db_testdrubin'; //name of database $db_selected = mysql

我试图用PHP将数据输入数据库

这是我的密码:

<?php
    $username = 'username'; //username for database
    $password = 'password'; //password for database
    $hostname = 'localhost'; //host
    $db_name =  'db_testdrubin'; //name of database

    $db_selected = mysqli_connect($hostname, $username, $password, $db_name)//specify database
    or die ("unable to connect");

    if(isset ($_POST['submit'])){
        $ID = ($_POST['ID']);
        $fname = ($_POST['fname']);
        $lname = ($_POST['lname']);
        $address = ($_POST['address']);
        $city = ($_POST['city']);
        $state = ($_POST['state']);
        $zip = ($_POST['zip']);
        $phone = ($_POST['phone']);
        $email = ($_POST['email']);
        $books = ($_POST['books[]']);
        $comments = ($_POST['comments']);
    }
    else{
        echo'<p>not submitted</p>';
    }
    //up until this point the code works fine

    $query = 'INSERT INTO Student VALUES ($ID, $fname, $lname, $address, $city, $state, $zip, $phone, $email, $books, $comments)';


    $success = $db_selected->query($query);

    if($success){
        $count = $db_selected->affectd_rows;
        echo '<p>$count were added</p>';
    }
    else{
        echo '<p>error</p>';
    }

?>
我知道信息是从html表单中正确读取的,因为我已经通过打印单个变量进行了检查。提交表单时,我没有收到任何错误消息,只是if/else语句中的“error”echo语句,并且没有数据输入数据库

我也试过:

if (!mysql_query($db_selected, $query)){
    echo '<p>error</p>';
}

if(!mysql\u query($db\u selected,$query)){
回显“错误”
;
}
同样的结果

改变这个

$query = 'INSERT INTO Student VALUES ($ID, $fname, $lname, $address, $city, $state, $zip, $phone, $email, $books, $comments)';

我的意思是说,如果它的字符串像“$string”,并且也使用

$db_selected->real_escape_string($stringval);
和使用

echo $db_selected->error;
检查错误。

永远不要输出无意义的固定不变的“错误”消息,尤其是当mysql可以告诉您问题所在时:
echo mysql_error()取而代之。考虑到您构建insert查询的方式,这是一个巨大的语法错误,也是一个巨大的SQL注入攻击漏洞。好了,现在我看到我的错误在查询语句本身。我将尝试找出错误所在。感谢您提供的提示,添加
echo$db_selected->error
准确地告诉了我insert语句中的错误所在。我的代码正在运行。

$ins="insert into Student (`id`,`fname`,`lname`,`address`,`city`,`state`,`zip`,`phone`,`email`,`books`,`comments`)values
  ('".$ID."','".$fname."','".$lname."','".$address."','".$city."','".$state."','".$zip."','".$phone."','".$email."','".$books."','".$comments."')"; 

mysql_query($ins); 



$ins="insert into Student (`id`,`fname`,`lname`,`address`,`city`,`state`,`zip`,`phone`,`email`,`books`,`comments`)values
  ('".$ID."','".$fname."','".$lname."','".$address."','".$city."','".$state."','".$zip."','".$phone."','".$email."','".$books."','".$comments."')"; 

mysql_query($ins);