我有用于在表格中发送它的文本框,文本区域和PHP代码。当我试图提交表单时,它变得空白,甚至其他部分也不起作用。我无法插入文本区域值
代码 -
<form action="" method="post" class="niceform">
<fieldset>
<dl><dd> </dd></dl>
<dl>
<dt>
<label for="service">Service Name:</label>
</dt>
<dd><input type="text" name="service_name" id="" size="39" /></dd>
</dl>
<dl>
<dt><label for="comments">Comments:</label></dt>
<dd>
<textarea name="comments" id="comments" rows="5" cols="36"></textarea>
</dd>
</dl>
<dl class="submit">
<input type="submit" name="submit" id="submit" value="Submit" />
<br />
<br />
</dl>
<?php
$service_name = $_POST['service_name'];
$comment = $_POST['comments'];
mysql_connect("localhost","root","");
mysql_select_db("easylaw");
$query = "INSERT INTO service_cat VALUES('','$service_name','$comment')";
mysql_query($query);
$result = mysql_affected_rows();
if($result==1)
{
?>
<div class="valid_box">Your Record Submitted. </div>
<?php
}
else
{
?>
<div class="warning_box">Something is Wrong.</div>
}
<?php
?>
</fieldset>
</form>
任何机构可以告诉我什么都可以,这样它不会,并没有什么太出了问题..
谢谢:)
什么是在$ _ POST的内容?后续代码var_dump($ _ POST); – 2012-03-20 12:27:10
http://bobby-tables.com/ – Quentin 2012-03-20 12:28:20
您的脚本容易受到通过SQL注入篡改数据库的攻击。请在'$ service_name = mysql_real_escape_string($ _ POST ['service_name']);' – 2012-03-20 12:29:18