1. 首页
  2. 问答
  3. 我的代码不会插入数据库

我的代码不会插入数据库

2012-03-28 80 views
-3

我真的不能把它难道不...它看起来罚款我一个理由(如果它是很好,我不会是在这里问)我的代码不会插入数据库

这件事发生之前(见我最近的帖子),我使用了以前项目的代码(工作正常),但是当我尝试将它用于此特定项目时,它不起作用。我不知道为什么它不会工作在这个特定的时间,因为它之前工作

任何人都可以告诉我什么是错误的查询?

<?php 
    $hostname = "localhost"; 
    $db_user = "#"; // change to your database password 
    $db_password = "#"; // change to your database password 
    $database = "#"; // provide your database name 
    $db_table = "#"; // leave this as is 

    # STOP HERE 
    #################################################################### 
    # THIS CODE IS USED TO CONNECT TO THE MYSQL DATABASE 
    $db = mysql_connect($hostname, $db_user, $db_password); 
    mysql_select_db($database,$db); 
    ?> 

    <?php 

    $date = date("Y-m-d H:i:s"); 

    $cfname = preg_replace('#[^A-Za-z0-9.,]#i', '', $_POST['cfname']); 
    $cfname = strip_tags($cfname); 
    $cfname = mysql_real_escape_string($cfname); 
    $cfname = stripslashes($cfname); 

    $clname = preg_replace('#[^A-Za-z0-9.,]#i', '', $_POST['clname']); 
    $clname = strip_tags($clname); 
    $clname = mysql_real_escape_string($clname); 
    $clname = stripslashes($clname); 

    $cname = $cfname+$clname; 

    $cemail = preg_replace('#[^[email protected]_ ]#i', '', $_POST['cemail']); 
    $cemail = strip_tags($cemail); 
    $cemail = mysql_real_escape_string($cemail); 
    $cemail = stripslashes($cemail); 

    $cphone = preg_replace('#[^0-9]#i', '', $_POST['cphone']); 
    $cphone = strip_tags($cphone); 
    $cphone = mysql_real_escape_string($cphone); 
    $cphone = stripslashes($cphone); 

    $caddress = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['caddress']); 
    $caddress = strip_tags($caddress); 
    $caddress = mysql_real_escape_string($caddress); 
    $caddress = stripslashes($caddress); 

    $caddress2 = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['caddress2']); 
    $caddress2 = strip_tags($caddress2); 
    $caddress2 = mysql_real_escape_string($caddress2); 
    $caddress2 = stripslashes($caddress2); 

    $cage = preg_replace('#[^0-9]#i', '', $_POST['cage']); 
    $cage = strip_tags($cage); 
    $cage = mysql_real_escape_string($cage); 
    $cage = stripslashes($cage); 

    $cnationality = preg_replace('#[^A-Za-z,]#i', '', $_POST['cnationality']); 
    $cnationality = strip_tags($cnationality); 
    $cnationality = mysql_real_escape_string($cnationality); 
    $cnationality = stripslashes($cnationality); 

    $flightno = $_POST['flightno']; 
    $flightno = strip_tags($flightno); 
    $flightno = mysql_real_escape_string($flightno); 

    $resno = $flightno*2; 

    if (isset($_REQUEST['Submit'])) { 
    # THIS CODE TELL MYSQL TO INSERT THE DATA FROM THE FORM INTO YOUR MYSQL TABLE 
    $sql ="INSERT INTO $db_table(cust_name,cust_email,cust_phone,cust_add,cust_add2,cust_age,cust_nationality,flight_no,resno) VALUES ('$cname','$cemail','$cphone','$caddress', '$caddress', '$caddress2', '$cage', '$cnationality', '$flightno', '$resno')"; 
    if($result = mysql_query($sql ,$db)) { 
    echo '<meta http-equiv="refresh" content="35,search.php" />Thank you for 

    reserving your e-ticket. Your reservation number is $resno. Please keep it to 

    confirm your reservation. You can confirm your ticket by calling this number 1- 

    800-NOTAREALNUMBER or you can visit our offices located in The South Pole next 

    to Willy Wonkas Chocolate Factory. Have a great day! <p><a 

    href="search.php"><small>Click here to go back</small></a></p>'; 
    } else { 
    echo "ERROR: ".mysql_error(); 
    } 
    } else { echo ""?> 
    <form onsubmit="return validateForm()" enctype="text/plain" method="post" 

    action="" name="cusBooking"> 
    <table style="text-align: left; background-color: white; width: 425px; height: 

    143px;" border="0" cellpadding="1" cellspacing="3"> 
    <tbody> 
    <tr> 
    <td> 
    <small>First name: </small><input type="text" name="cfname" /> 
    </td> 
    <td> 
    <small>Last name: </small><input type="text" name="clname" /> 
    </td> 
    </tr> 
    <tr> 
    <td> 
    <small>Email: </small><input type="text" name="cemail" /> 
    </td> 
    <td> 
    <small>Phone number: </small><input type="text" name="cphone" /> 
    </td> 
    </tr> 
    <tr> 
    <td> 
    <small>Address: </small><input type="text" name="caddress" /> 
    </td> 
    <td> 
    <small>Address 2: </small><input type="text" name="caddress2" /> 
    </td> 
    </tr> 
    <tr> 
    <td> 
    <small>Age: <input type="text" name="cage" /> 
    </td> 
    <td> 
    <small>Nationality: </small><input type="text" name="cnationality" /> 
    </td> 
    </tr> 
    <tr> 
    <td> 
    <input name="flightno" value='<?php echo "$flightno"?>' type="hidden"> 
    </td> 
    <td> 
    <input name="Submit" type="image" tabindex="5" src="images/flight_button.png" 

    value="Submit Your Site" /> 
    </td> 
    </tr> 
    </tbody> 
    </table> 
    </form> 
    <?php 
    } 
    ?>

来源

2012-03-28 Jamal Stanfield

+0

如果你告诉我们错误是什么,它会有所帮助...... – Quentin 2012-03-28 11:38:52

+1

用'mysql_real_escape_string'转义数据,然后立即** unescaping **它与'stripslashes'是完全疯了。 – Quentin 2012-03-28 11:39:15

+0

我绝对不知道大声笑感谢指针 – 2012-03-28 11:40:45

回答

1

你有这样的:

if (isset($_REQUEST['Submit'])) {

因此数据库insertation代码将仅在表格数据(或饼干!!)有一个名为Submit与真值参数运行。

您的形式经常不提交这样的值,命名为Submit控制是图像输入(在某些浏览器中,只有提交Submit.xSubmit.y(其中PHP将重命名为Submit_xSubmit_y)。

你也有enctype="text/plain"

如果任何浏览器实际上支持,对于enctype属性值,那么就不会编码数据以结构化的格式,因此PHP不能期望能够从中提取任何参数。

来源

2012-03-28 11:46:55 Quentin

+0

帮助。谢谢 – 2012-03-28 11:56:17

1 
"INSERT INTO $db_table(9 ITEMS) VALUES (10 ITEMS)"

'$caddress'有两次在查询,使用参数,防止问题就是这样,检查PDO

,或者好至少格式的代码,所以误以为这样可以更好地可见。

来源

2012-03-28 11:42:02

相关问题

 相关问题