我是php的初学者。我正在使用twitter-bootstrap创建一个网站。我想存储从一个网站下拉菜单提交的数据到一个名为datawebcollectiondb的MySQL数据库。我能够在数据库中存储信息时,用户提交输入从一个打开的文本字段,但不是从下拉菜单。当下拉菜单提交时,数据库中所有字段都填充0。
首先打开的文本字段起作用了:
HTML文件:<html>
<body>
<form action="insert.php" method="post">
Number Please: <input type="text" name="directionp">
Another Number: <input type="text" name="timep">
Third Number: <input type="text" name="locationp">
Fourth Number: <input type="text" name="searchtimep">
<input type="submit">
</form>
</body>
</html>
PHP文件:
<?php
$con = mysql_connect("host", "username", "password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("timeforparkingdb", $con);
$sql="INSERT INTO datawebcollection (directionp, timeofdayp, locationp, searchtimep)
VALUES
('$_POST[directionp]','$_POST[timep]','$_POST[locationp]','$_POST[searchtimep]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 more record added =) ";
mysql_close($con);
?>
不能与上面的php文件一起工作的HTML文件,除了用0填充db:
<html>
<form action="insert.php" method="post">
<b>DIRECTION:</b>
<select name="directionp">
<option value="1">Coming</option>
<option value="2">Going</option>
</select>
<b>TIME:</b>
<select name="timep">
<option value="0">12:00am - 1:00am</option>
<option value="1">1:00am - 2:00am</option>
<option value="2">2:00am - 3:00am</option>
<option value="3">3:00am - 4:00am</option>
<option value="4">4:00am - 5:00am</option>
<option value="5">5:00am - 6:00am</option>
<option value="6">6:00am - 7:00am</option>
<option value="7">7:00am - 8:00am</option>
<option value="8">8:00am - 9:00am</option>
<option value="9">9:00am - 10:00am</option>
<option value="10">10:00am - 11:00am</option>
<option value="11">11:00am - 12:00pm</option>
<option value="12">12:00pm - 1:00pm</option>
</select>
<b>LOCATION:</b>
<select name="locationp">
<option value="1">Zone One</option>
<option value="2">Zone Two</option>
<option value="3">Zone Three</option>
<option value="4">Zone Four</option>
<option value="5">Zone Five</option>
<option value="6">Zone Six</option>
<option value="7">Zone Seven</option>
<option value="8">Zone Eight</option>
<option value="9">Zone Nine</option>
<option value="10">Zone Ten</option>
<option value="11">Zone Eleven</option>
<option value="12">Zone Twelve</option>
<option value="13">Zone Thirteen</option>
</select>
<b>SEARCH TIME HERE:</b>
<select name="searchtimep">
<option value="0">Under 1 Minute</option>
<option value="1">1 Minute - 3 Minutes</option>
<option value="5">3 Minutes - 5 Minutes</option>
<option value="10">5 Minutes - 10 Minutes</option>
<option value="15">10 Minutes -15 Minutes</option>
<option value="20">15 Minutes - 20 Minutes</option>
<option value="25">20 Minutes - 25 Minutes</option>
<option value="30">25 Minutes - 30 Minutes</option>
<option value="35">30 Minutes - 35 Minutes</option>
<option value="40">35 Minutes - 40 Minutes</option>
<option value="45">40 Minutes - 45 Minutes</option>
<option value="50">45 Minutes - 50 Minutes</option>
<option value="55">50 Minutes - 55 Minutes</option>
<option value="60">55 Minutes - 1 HOUR</option>
<option value="0">Over 1 HOUR</option>
</select>
<button type="submit" class="btn btn-large btn-primary">Submit</button>
</form>
</html>
原MySQL数据库结构:
Field Type Collation Attributes Null Default Extra Action
unique_entry_id int(11) No
dayp int(2) No
monthp int(2) No
yearp int(4) No
directionp int(1) No
timeofdayp int(2) No
locationp int(2) No
searchtimep int(2) No
到目前为止,我在数据库中看到的内容:
unique_entry_id dayp monthp yearp directionp timeofdayp locationp searchtimep
0 6 6 6 0 0 0 0
0 7 7 7 0 0 0 0
0 8 24 2345 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
值非0的行来自我运行原始代码时,只有0的行来自下拉表单。我怎样才能得到正确的相关选项值作为存储到数据库中的值?我本以为分配给选项的值,即<option value="1">Zone One</option> <option value="2">Zone Two</option>
,应该是提交给数据库的值。
我在form data
下的chrome开发控制台看到的:
direction=2&time=5&location=5&searchtime=25
,数据库仍然记录了所有0。
更正MySQL数据库结构:当前更正的数据库结构:
Field Type Collation Attributes Null Default Extra
unique_entry_id int(11) No
city_id varchar(50) utf8_general_ci No
datep date No
directionp int(1) No
timeofdayp time No
locationp int(2) No
searchtimep int(2) No
为了从我的php代码传递整数而不是文本到mySQL数据库,我已经删除了单引号:
<?php
$con = mysql_connect("", "", "");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("timeforparkingdb", $con);
$sql="INSERT INTO datawebcollection (directionp, timeofdayp, locationp, searchtimep)
VALUES
($_POST[directionp],$_POST[timep],$_POST[locationp],$_POST[searchtimep])";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Thank you for your submission! 1 more record added =) ";
mysql_close($con);
?>
第一步,为了避免SQL注入,我修改了我的HTML为:
<form action="insert.php" id="timeforparking" method="post">
<input type="submit">
</form>
:
DIRECTION:
<select form = "timeforparking" id="directionp">
<option value="1">Parking In Manhattan</option>
<option value="2">Leaving Manhattan</option>
</select>
TIME:
<select form = "timeforparking" id="timep">
<option value="0">12:00am - 1:00am</option>
<option value="1">1:00am - 2:00am</option>
<option value="2">2:00am - 3:00am</option>
<option value="3">3:00am - 4:00am</option>
<option value="4">4:00am - 5:00am</option>
<option value="5">5:00am - 6:00am</option>
<option value="6">6:00am - 7:00am</option>
<option value="7">7:00am - 8:00am</option>
<option value="8">8:00am - 9:00am</option>
<option value="9">9:00am - 10:00am</option>
<option value="10">10:00am - 11:00am</option>
<option value="11">11:00am - 12:00pm</option>
<option value="12">12:00pm - 1:00pm</option>
<option value="13">1:00pm - 2:00pm</option>
<option value="14">2:00pm - 3:00pm</option>
<option value="15">3:00pm - 4:00pm</option>
<option value="16">4:00pm - 5:00pm</option>
<option value="17">5:00pm - 6:00pm</option>
<option value="18">6:00pm - 7:00pm</option>
<option value="19">7:00pm - 8:00pm</option>
<option value="20">8:00pm - 9:00pm</option>
<option value="21">9:00pm - 10:00pm</option>
<option value="22">10:00pm - 11:00am</option>
<option value="23">11:00am - 12:00pm</option>
</select>
LOCATION:
<select form = "timeforparking" id="locationp">
<option value="1">Zone One</option>
<option value="2">Zone Two</option>
<option value="3">Zone Three</option>
<option value="4">Zone Four</option>
<option value="5">Zone Five</option>
<option value="6">Zone Six</option>
<option value="7">Zone Seven</option>
<option value="8">Zone Eight</option>
<option value="9">Zone Nine</option>
<option value="10">Zone Ten</option>
<option value="11">Zone Eleven</option>
<option value="12">Zone Twelve</option>
<option value="13">Zone Thirteen</option>
</select>
REPORT YOUR APPROXIMATE SEARCH TIME HERE:
<select form = "timeforparking" id="searchtimep">
<option value="0">Under 1 Minute</option>
<option value="1">1 Minute - 3 Minutes</option>
<option value="5">3 Minutes - 5 Minutes</option>
<option value="10">5 Minutes - 10 Minutes</option>
<option value="15">10 Minutes -15 Minutes</option>
<option value="20">15 Minutes - 20 Minutes</option>
<option value="25">20 Minutes - 25 Minutes</option>
<option value="30">25 Minutes - 30 Minutes</option>
<option value="35">30 Minutes - 35 Minutes</option>
<option value="40">35 Minutes - 40 Minutes</option>
<option value="45">40 Minutes - 45 Minutes</option>
<option value="50">45 Minutes - 50 Minutes</option>
<option value="55">50 Minutes - 55 Minutes</option>
<option value="60">55 Minutes - 1 HOUR</option>
<option value="0">Over 1 HOUR</option>
</select>
我将不得不对php做一些事情以避免注入,我不明白我需要为此做些什么,我目前正在http://php.net/manual/en/pdo.prepared-statements.php研究这个,并试图将以下内容应用于我的情况:
This example performs an INSERT query by substituting a name and a value for the named placeholders.
<?php
$stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (:name, :value)");
$stmt->bindParam(':name', $name);
$stmt->bindParam(':value', $value);
// insert one row
$name = 'one';
$value = 1;
$stmt->execute();
// insert another row with different values
$name = 'two';
$value = 2;
$stmt->execute();
?>
可能我的一些值是空的。接下来,我希望检查POST参数,并通过print out POST values在php代码中打印出来,具体如下:
<?php
// loop through every form field
while( list( $field, $value ) = each( $_POST )) {
// display values
if( is_array( $value )) {
// if checkbox (or other multiple value fields)
while( list( $arrayField, $arrayValue ) = each( $value )) {
echo "<p>" . $arrayValue . "</p>'n";
}
} else {
echo "<p>" . $value . "</p>'n";
}
}
?>
提交后输出
blank white screen
这是否意味着我试图将空值传递给我的db?我不再接收所有0在我的数据库,因为我知道有一个SQL错误(或者是因为我传递空白值,即。$_POST[locationp]和$_POST[searchtimep]为空?这是正确的结论吗?如果是这样,为什么它这样做?)与更新的PHP没有单引号;使用最新的PHP[如上所示,没有单引号,所以它不会作为文本发送]和上面的HTML,现在为表单使用ID标记,我收到:
"Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ',,)' at line 3"
当我尝试从网页提交时。因此,Chrome不显示任何关于表单值,只有"请求头"answers"响应头"被列出。
我原来的问题/帖子仍然是:从下拉菜单中存储MySQL数据库中的值?
一个相关的问题,我无法收集解决方案:插入数据从下拉到数据库与PHP
您的PHP脚本期望表单变量命名为例如directionp,但是来自Chrome的post数据显示方向(末尾没有p)
你确定你的表单元素在你的HTML中正确命名吗?从清单中可以看出是这样,但是表单数据看起来不同。