1. 首页
  2. 问答
  3. 加入jQuery的日期到mysql

加入jQuery的日期到mysql

2013-04-22 34 views
-2

我的形式捕获从jQuery的日期选择日期,形式工作正常,无日期选取器,但有了它,它只是给这个错误:加入jQuery的日期到mysql

Error: Unknown column '$time' in 'field list'

下面是我的PHP & HTML代码

<?php 

    //form submitted 
    if (isset($_POST['create'])) { 
    //require db details 
    require_once '../dblogin.php'; 
    //set flag 
    $OK = false; 
    // create database connection 
    $conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed"); 
    // initialize prepared statement 
    $stmt = $conn->stmt_init(); 
    // create SQL to insert task 
    $sql = 'INSERT INTO tasks (task_name, task_project_id, task_assignee_id, datepicker, task_created_by, task_schedule, task_duration, task_end_date, task_creation_date, task_notes, task_status) 
      VALUES(?, ?, ?, ?, '.$_SESSION['id'].', ?, ?, $time, NOW(), ?, ?)'; 

     if ($stmt->prepare($sql)) { 
     // bind parameters and execute statement 
     $stmt->bind_param('siissss', $_POST['task_name'], $_POST['task_project_id'], $_POST['task_assignee_id'], $_POST['datepicker'], $_POST['task_duration'], $_POST['task_notes'], $_POST['task_status']); 
     // execute and get number of affected rows 
     $stmt->execute(); 
      if ($stmt->affected_rows > 0) { 
      $OK = true; 
      } 
     } 
     // redirect if successful or display error 
     if ($OK) { 
     header('Location: task_confirmation.php'); 
     exit; 
     } else { 
     $error = $stmt->error; 
     } 
} 
?> 
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” 
“http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”> 
<html xmlns=”http://www.w3.org/1999/xhtml”> 
<head> 
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8” /> 
<title>Create new task</title> 
<script src="http://code.jquery.com/jquery-1.9.1.js"></script> 
<script src="http://code.jquery.com/ui/1.10.1/jquery-ui.js"></script> 
<script> 
    $(function() { 
     $("#datepicker").datepicker({dateFormat: 'yy-mm-dd' }); 
    }); 
</script> 
<link rel="stylesheet" type="text/css" href="../allcss/style.css" /> 
</head> 

<body> 

<?php 
require('../Login/includes/header.inc.php'); 
?> 

<div id="content"> 
<?php if (isset($error)) { 
    echo "<p>Error: $error</p>"; 
} ?> 
<form id="form1" method="post" action=""> 
<div id="add"> 
    <p> 
    <label for="task_name"class="title">Task name:</label> 
    <input name="task_name" type="text" class="widebox" id="task_name"> 
    </p> 
    <p> 
    <span class="title">Project: </span><select name="task_project_id" size "5"> 
    <?php 
    require_once '../dblogin.php'; 
    $conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed"); 
    $stmt2 = $conn->stmt_init(); 
    //pulls project names for the select element// 
    $sql2 = 'select * from projects'; 
    $stmt2->prepare($sql2); 
    $stmt2->execute(); 
    $result = $stmt2->get_result(); 
    while($resultRow = $result->fetch_array(MYSQLI_ASSOC)) 
    { 
    var_dump($resultRow); 
     echo "<option value='".$resultRow[project_id]."'>".$resultRow[project_name]."</option>"; 

    } 
    $result->close(); 
    $stmt2->close(); 
    ?> 
    </select> 
    </p> 
    <p> 
    <span class="title">Assignee: </span><select name="task_assignee_id" size "5"> 
    <?php 
    require_once '../dblogin.php'; 
    $conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed"); 
    $stmt3 = $conn->stmt_init(); 
    //pulls intern names for the select element// 
    $sql3 = "select * from users where user_role='INT'"; 
    $stmt3->prepare($sql3); 
    $stmt3->execute(); 
    $result = $stmt3->get_result(); 
    while($resultRow = $result->fetch_array(MYSQLI_ASSOC)) 
    { 
    var_dump($resultRow); 
     echo "<option value='".$resultRow[person_id]."'>".$resultRow[user_name]."</option>"; 

    } 
    $result->close(); 
    $stmt3->close(); 
    ?> 
    </select> 
    </p> 
    <p> 
    <label for="dates"class="title">Schedule for:</label> 
    <input name="datepicker" type="text" id="datepicker"/> 
    </p> 
    <p> 
    <span class="title">Duration: </span><select name="task_duration" size "1"> 
    <option value="00:30:00">30 minutes</option> 
    <option value="01:00:00">1 hour</option> 
    <option value="01:30:00">1,5 hours</option> 
    </select> 
    </p> 
    <p> 
    <label for="task_notes"class="title">Additional notes:</label> 
    <input name="task_notes" type="text" class="widebox" id="task_notes"> 
    </p> 
    <p> 
    <span class="title">task status: </span><select name="task_status" size "1"> 
    <option value="Complete">Complete</option> 
    <option value="Incomplete">Incomplete</option> 
    </select> 
    </p> 
    <p class="submit"> 
    <input type="submit" name="create" value="Create task" id="create"> 
    </p> 
</div> 
</form> 
</div> 

<?php 
require('../Login/includes/footer.inc.php'); 
?> 

</body> 
</html>

谁能帮我解决这个请

来源

2013-04-22 elmmm

+0

当您使用引号分隔字符串时,它们中的变量将不会被解析。使用'''' – 2013-04-22 09:29:41

+0

您好@elmmm您确定获取$ time变量的值吗?尝试调试。我可以看到您没有获得$ time的值。同时在插入数据库时​​使用''(双引号)来分开值 – Anish 2013-04-22 09:32:27

+0

使用准备好的语句 – 2013-04-22 09:33:46

回答

0

您正在使用单引号查询。这样$time没有扩展到变量值。你应该用双引号(")是这样的:

"INSERT INTO tasks (task_name, task_project_id, task_assignee_id, datepicker, task_created_by, task_schedule, task_duration, task_end_date, task_creation_date, task_notes, task_status) 
     VALUES(?, ?, ?, ?, ".$_SESSION['id'].", ?, ?, $time, NOW(), ?, ?)";

此外,我认为你应该使用一个参数$_SESSION['id']$time,也因为everyting来自用户不能真正信任。

来源

2013-04-22 09:30:17 Manuel

+0

你意思是我应该更新这个:$ _POST ['datepicker'] – elmmm 2013-04-22 09:34:20

+0

您询问的错误来自于在单引号中使用列名称的变量,但您也应该使用准备好的语句变量来处理所有用户输入因为我可以看到你已经用'$ _POST ['datepicker']' – Manuel 2013-04-22 09:37:08

1

出于某种原因,您没有使用$time值的准备语句(以及$ _SESSION ['id'])。

这是要么是危险的,而是你得到的错误的原因。

$sql = 'INSERT INTO tasks (task_name, task_project_id, task_assignee_id, 
     datepicker, task_created_by, task_schedule, task_duration, 
     task_end_date, task_creation_date, task_notes, task_status) 
     VALUES(?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, ?)'; 

if ($stmt->prepare($sql)) { 
// bind parameters and execute statement 
    $stmt->bind_param('siisissss', $_POST['task_name'], $_POST['task_project_id'], 
    $_POST['task_assignee_id'], $_POST['datepicker'], $_SESSION['id'], 
    $_POST['task_duration'], $time, $_POST['task_notes'], $_POST['task_status']);

它应该是,或类似的东西。你需要自己检查占位符,类型字符串和相应的值。

来源

2013-04-22 09:32:29

+0

这样做了,谢谢。语法错误,意外$ end <<它给了我这个错误的最后行 – elmmm 2013-04-22 09:38:15

+0

,听起来像一个结束符}}在某处丢失 – Manuel 2013-04-22 09:39:07

+0

@曼努埃尔感谢这是一个语法错误,它现在的作品谢谢你们 – elmmm 2013-04-22 09:49:40

相关问题

 相关问题