HTML表单未通过php向我的数据库提交数据
我需要帮助获取我的HTML表单以将数据提交到我的数据库(mysql)。数据库连接良好,但似乎无法将数据连接到数据库中。我使用Notepad++作为我的文本编辑器和测试工具。这是为一个项目提前在课堂上,我需要了解如何做到这一点 HTMLHTML表单未通过php向我的数据库提交数据,php,html,mysql,database,Php,Html,Mysql,Database,我需要帮助获取我的HTML表单以将数据提交到我的数据库(mysql)。数据库连接良好,但似乎无法将数据连接到数据库中。我使用Notepad++作为我的文本编辑器和测试工具。这是为一个项目提前在课堂上,我需要了解如何做到这一点 HTML @这里是Donald和一个类似的例子。这肯定会对你有帮助 祝你的项目好运 HTML代码: <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8">
@这里是Donald和一个类似的例子。这肯定会对你有帮助 祝你的项目好运 HTML代码:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Add Record Form</title>
</head>
<body>
<form action="insertrecords.php" method="post">
<p>
<label for="FirstName">First Name:</label>
<input type="text" name="firstname" id="FirstName">
</p>
<p>
<label for="LastName">Last Name:</label>
<input type="text" name="lastname" id="LastName">
</p>
<p>
<label for="Email">Email:</label>
<input type="text" name="email" id="Email">
</p>
</p>
<input class="submit" name="submit" type="submit" value="Insert">
</form>
</body>
</html>
请尝试编写代码。请随意提问您的脚本可能会出错。看看发生了什么事。即使改用。会发生什么?它是给你一个错误,还是说“Records inserted successfully.”而没有将其添加到数据库中?我明白,现在我只是想学习如何制作一个简单的表单,将数据插入数据库中。请一步一个脚印。当我在本地主机上测试它时,它不会返回任何错误或任何东西。当我使用php而不是html手动输入值进行测试时,它成功地插入了数据。这只是一个用于数据库管理的图形用户界面(有点笨拙)。@没必要,我知道得很清楚,先看这个问题。他是新来的,正在做班级作业。他需要了解php和mysqli的基本知识,然后才能学习mysqli prepare语句。不要不必要地写文章,先看问题。如果我不擅长基本的sql和php,那么他会学到什么sql注入呢。我的帖子我的答案是right@Strawberry我已经更新了Answare并修复了
sql注入
至少现在删除了否决票。回答是正确的,如果你不这样做,未来的访问者会认为这是错误的,很少有人会再次投反对票。非常感谢您投票支持我的Answare,我对我所说的一切表示歉意
<?php
$link = mysqli_connect("localhost", "root", "", "student_request");
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
if(isset($_POST['submit'])){
$techid = $_POST['techid'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$state = $_POST['state'];
$address = $_POST['address'];
$zipcode = $_POST['zipcode'];
$date = $_POST['date'];
$course = $_POST['course'];
$request = $_POST['request'];
$sql = "INSERT INTO student (TECH_ID, FIRST_NAME, LAST_NAME, PHONE_NUM, EMAIL, STATE, ADDRESS, ZIPCODE, DATE, COURSE, REQUEST_TYPE) VALUES ('$techid','$firstname','$lastname','$phone','$email','$state','$address','$zipcode','$date','$course','$request')";
if(mysqli_query($link, $sql)) {
echo "Records inserted successfully.";
} else {
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
}
mysqli_close($link);
?>
CREATE TABLE `student` (
`REQUEST_ID` int(255) NOT NULL,
`TECH_ID` int(11) NOT NULL,
`FIRST_NAME` varchar(255) NOT NULL,
`LAST_NAME` varchar(255) NOT NULL,
`PHONE_NUM` varchar(255) NOT NULL,
`EMAIL` varchar(255) NOT NULL,
`STATE` varchar(255) NOT NULL,
`ADDRESS` varchar(255) NOT NULL,
`ZIPCODE` varchar(255) NOT NULL,
`DATE` date NOT NULL,
`COURSE` varchar(255) NOT NULL,
`REQUEST_TYPE` text NOT NULL
)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Add Record Form</title>
</head>
<body>
<form action="insertrecords.php" method="post">
<p>
<label for="FirstName">First Name:</label>
<input type="text" name="firstname" id="FirstName">
</p>
<p>
<label for="LastName">Last Name:</label>
<input type="text" name="lastname" id="LastName">
</p>
<p>
<label for="Email">Email:</label>
<input type="text" name="email" id="Email">
</p>
</p>
<input class="submit" name="submit" type="submit" value="Insert">
</form>
</body>
</html>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "demo";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
if(isset($_POST['submit'])){
//USE MYSQLI_REAL_ESCAPE_STRING() TO ESCAPE SINGLE QUOTES
// AND AGAINST SQL INJECTION
$firstname = mysqli_real_escape_string($conn, $_POST['firstname']);
$lastname = mysqli_real_escape_string($conn, $_POST['lastname']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$sql = "INSERT INTO MyGuests (firstname, lastname, email)
VALUES ('$firstname', '$lastname', '$email')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
}
?>
<?php
$sql = $conn->stmt_init();
$query = "INSERT INTO MyGuests (firstname, lastname, email)
VALUES (?,?,?)";
if($sql->prepare($query)){
$sql->bind_param('sss',$firstname,$lastname,$email);
$sql->execute();
echo "New record successfully inserted";
}
else
{
echo "Error inserting the record".$conn->error;
}
?>