在回答这个问题之前,我要先说明我只有六周的PHP经验和两周的MySQL经验。我试图创建一个示范网站,将接受用户输入的软件错误。表单接受用户输入,通过使用PHP,我连接到我建立的本地SQL数据库。已经建立了"bugs"数据库,并建立了bugDetails表,以包含"version"、"hardware"、"os"answers"description"字段。我已经构建了一个PHP文档来概述表单并将信息传递给SQL数据库。我还创建了两个include文件来保护数据库密码,并解决了魔术引号问题。对于我的生命,我不能得到的代码工作,我不确定为什么。非常感谢任何帮助。下面是我的代码:
bugs.php
<html>
<head>
<title>Submit a bug</title>
<style>
input {
display: inline;
width: auto;
text-align: left;
}
</style>
</head>
<body>
Please enter info about the issue you have encounted:
<form id="add_rec" name="add_record" method="post"
action="<?php echo $_SERVER['PHP_SELF'];?>">
<div>
<label for="version">Software Version:</label>
<input name="version" type="text" id="version"
size="128"
maxlength="127" />
</div>
<div>
<label for="hardware">Hardware Used: </label>
<input name="hardware" type="text" id="hardware"
size="128"
maxlength="127" />
</div>
<div>
<label for="os">Operating System: </label>
<input name="os" type="text" id="os" size="128"
maxlength="127" />
</div>
<div>
<label for="description">Describe the Issue: </label>
<input name="description" type="text" id="description" size="4000"
maxlength="3999" />
</div>
</form>
<?php
// Process data from the form
if(isset($_POST['add'])) {
include 'fix_magic_quotes.php';
include 'open_db.php';
$version = mysqli_real_escape_string($link,
$_POST['version']);
$hardware = mysqli_real_escape_string($link,
$_POST['hardware']);
$os = mysqli_real_escape_string($link,
$_POST['os']);
$description = mysqli_real_escape_string($link, $_POST['description']);
$sql = "INSERT INTO bugDetails SET
version = '$version',
hardware = '$hardware',
os = $os,
description ='$description',
if (!mysqli_query($link, $sql)){
$output = 'Could not submit your issue to table: ' .
mysqli_error($link);
include 'output.php';
exit();
}
$output = 'Your issue has been successfully logged to table:';
include 'output.php';
} // end if
?>
</body>
</html>
open_db.php
<?php
// Log into MySQL
$link = mysqli_connect('localhost', 'andrew', 'Heruka123!');
if (!$link){
$output = 'Unable to connect to the database server.';
include 'output.php';
exit();
}
// Set database encoding
if (!mysqli_set_charset($link, 'utf8')){
$output = 'Unable to set database connection encoding.';
include 'output.php';
exit();
}
// Open the database
if (!mysqli_select_db($link, 'bugs')){
$output = 'Unable to locate the joke database.';
include 'output.php';
exit();
}
// No errors found so inform user
$output = 'Database connection established.';
include 'output.php';
?>
fix_magic_quotes.php
<?php
// Fix Magic Quotes Problem
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value) {
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);
return $value;
}// end function
$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}// end if
?>
在您的bugs.php中,您的PHP是不完整的。你没有用";
来结束$sql
的分配。INSERT
的SQL语法不正确:
<?php
// Process data from the form
if(isset($_POST['add'])) {
include 'fix_magic_quotes.php';
include 'open_db.php';
$version = mysqli_real_escape_string($link, $_POST['version']);
$hardware = mysqli_real_escape_string($link, $_POST['hardware']);
$os = mysqli_real_escape_string($link, $_POST['os']);
$description = mysqli_real_escape_string($link, $_POST['description']);
$sql = "INSERT INTO bugDetails (version, hardware, os, description) VALUES ('$version', '$hardware', $os, '$description');";
if (!mysqli_query($link, $sql)){
$output = 'Could not submit your issue to table: ' .
mysqli_error($link);
include 'output.php';
mysqli_close($link);
exit();
}
$output = 'Your issue has been successfully logged to table:';
include 'output.php';
} // end if
?>
您的sql语句中缺少分号(;),请将当前的sql语句$sql = "INSERT INTO bugDetails SET version = $version', hardware = '$hardware', os = $os, description ='$description',
更改为$sql = "INSERT INTO bugDetails SET version = $version', hardware = '$hardware', os = $os, description ='$description';
,以取代逗号(,),并放置分号(;)
谢谢