1. 首页
  2. 问答
  3. 为什么我的PHP的形式提交的工作我的SQL数据库

为什么我的PHP的形式提交的工作我的SQL数据库

2016-02-12 64 views
-2

为什么我的PHP的形式提交的工作我的SQL数据库

<html> 
 
    
 
    <head> 
 
     <title>Add a New Open Mic</title> 
 

 
    </head> 
 
    
 
    <body> 
 
     <?php 
 
     if(isset($_POST['add'])) { 
 
$servername = "localhost"; 
 
$username = "*"; 
 
$password = "*"; 
 
$dbname = "mlcarelo_wrdp2"; 
 

 
// Create connection 
 
$conn = new mysqli($servername, $username, $password, $dbname); 
 

 
// Check connection 
 
if ($conn->connect_error) { 
 
    die("Connection failed: " . $conn->connect_error); 
 
      } 
 
      
 
      if(! get_magic_quotes_gpc()) { 
 
\t \t \t $State= addslashes ($_POST['State']); 
 
\t \t \t $City= addslashes ($_POST['City']); 
 
\t \t \t $Place= addslashes ($_POST['Place']); 
 
\t \t \t $Address= addslashes ($_POST['Address']); 
 
\t \t \t $Day= addslashes ($_POST['Day']); 
 
\t \t \t $Time= addslashes ($_POST['Time']); 
 
\t \t \t $Host= addslashes ($_POST['Host']); 
 
\t \t \t $Contact= addslashes ($_POST['Contact Information']); 
 

 
      }else { 
 
\t \t \t $State= addslashes ($_POST['State']); 
 
\t \t \t $City= addslashes ($_POST['City']); 
 
\t \t \t $Place= addslashes ($_POST['Place']); 
 
\t \t \t $Address= addslashes ($_POST['Address']); 
 
\t \t \t $Day= addslashes ($_POST['Day']); 
 
\t \t \t $Time= addslashes ($_POST['Time']); 
 
\t \t \t $Host= addslashes ($_POST['Host']); 
 
\t \t \t $Contact= addslashes ($_POST['Contact Information']); 
 
      } 
 
      
 
      
 
      
 
      $sql = "INSERT INTO 'responses' (State,City, Place, 
 
       Address, Day, Time, Host, Contact Information)VALUES('$State','$City','$Place', '$Address', '$Day', '$Time', '$Host', '$Contact'); 
 
       
 
      mysql_select_db('mlcarelo_wrdp2'); 
 
      $retval = mysql_query($sql, $conn); 
 
      
 
      if(! $retval) { 
 
       die('Could not enter data: ' . mysql_error()); 
 
      } 
 
      
 
      echo "Entered data successfully\n"; 
 
      
 
      mysql_close($conn); 
 
     }else { 
 
      
 
      } 
 
       <form method = "post" action = "<?php $_PHP_SELF ?>"> 
 
        <table width = "400" border = "0" cellspacing = "1" 
 
        cellpadding = "2"> 
 
        
 
        <tr> 
 
         <td width = "100">State</td> 
 
         <td><input name = "State" type = "text" 
 
          id = "State"></td> 
 
        </tr> 
 
        
 
        <tr> 
 
         <td width = "100">City</td> 
 
         <td><input name = "City" type = "text" 
 
          id = "City"></td> 
 
        </tr> 
 
        
 
        <tr> 
 
         <td width = "100">Place</td> 
 
         <td><input name = "Place" type = "text" 
 
          id = "Place"></td> 
 
        </tr> 
 
        <tr> 
 
         <td width = "100">Address</td> 
 
         <td><input name = "Address" type = "text" 
 
          id = "Address"></td> 
 
        </tr> 
 
\t \t \t \t \t <tr> 
 
         <td width = "100">Day</td> 
 
         <td><input name = "Day" type = "text" 
 
          id = "Day"></td> 
 
        </tr> 
 
\t \t \t \t \t <tr> 
 
         <td width = "100">Time</td> 
 
         <td><input name = "Time" type = "text" 
 
          id = "Time"></td> 
 
        </tr> 
 
\t \t \t \t \t <tr> 
 
         <td width = "100">Host</td> 
 
         <td><input name = "Host" type = "text" 
 
          id = "Host"></td> 
 
        </tr> 
 
\t \t \t \t \t <tr> 
 
         <td width = "100">Contact Information</td> 
 
         <td><input name = "Contact Information" type = "text" 
 
          id = "Contact Information"></td> 
 
        </tr> 
 
        <tr> 
 
         <td width = "100"> </td> 
 
         <td> </td> 
 
        </tr> 
 
        
 
        
 
        
 
        </table> 
 
       </form> 
 
      
 
      <? 
 
    
 
    </body> 
 
</html>

我怎样才能让我的形式工作,使用户可以输入信息并提交进入SQL数据库?我并不真正理解Form = action。我正在使用wordpress。我已经成功地将表从我的数据库中显示,所以我知道我的PHP编码开头是正确的,并且查询应该是正确的。

来源

2016-02-12 Marcie Carelock

+0

无处发现表单提交代码! –

+1

**错字**: - 您错过了$ sql中的结束字符串。写''联系')“; –

+0

访问者应该如何告诉页面处理信息?是否有一个名为”add“的提交按钮? – Alfasatwi

回答

0

您在混合mysql_mysqli_。使用mysqli_只:

$sql = "INSERT INTO responses (State, City, Place, Address, Day, Time, Host, ContactInformation) VALUES ('$State', '$City', '$Place', '$Address', '$Day', '$Time', '$Host', '$Contact')"; 
$retval = mysqli_query($conn, $sql); 
if(! $retval) { 
    die('Could not enter data: ' . mysqli_error()); 
} 
echo "Entered data successfully\n"; 
mysqli_close($conn);

还有一些在查询一些语法错误,如表名不包含在' '中。请注意,您不需要使用mysqli_select_db,您已经在您的连接字符串中执行了此操作。我确信你的列Contact Information在你的表中没有空白,所以你也需要纠正这个问题。我用ContactInformation,确定这是正确的。

旁注:

数据插入这种方式是SQL注入敞开的。使用准备好的语句!

来源

2016-02-12 09:53:23 baao

+0

我可以有更多的语法错误的例子吗?我已经改变了所有出现的东西。当我刷新我的页面时,人们的答案正在消失,我的主题被低估了 –

+0

'$ Day '。为什么你不简单看看mysqli_error输出是什么? – baao

+0

解析错误:语法错误,意外的'<'in /home3/mlcarelock/public_html/wp-content/plugins/insert-php/insert_php.php(48):eval ()的第50行代码 –

相关问题

 相关问题