我已经阅读了这个板上与故障排除相关的每条评论 4 小时。我希望有人能在这里向菜鸟提供一些善意的反馈。
<?php
//Join.php
define('DB_NAME', 'biblaunch');
define('DB_USER', 'xxxxxxx');
define('DB_PASSWORD', 'xxxxxxxxx');
define('DB_HOST', 'xxxxxxxxx.hostedresource.com');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected) {
die('Can''t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['name'];
$value2 = $_POST['email'];
$value3 = $_POST['shirt'];
$sql = "INSERT INTO customer (name, email, shirt) VALUES ('$value',
'$value2','$value3')";`
$result = mysql_query($sql);
mysql_close();
?>
我的HTTP/主页使用以下表单结构:
<form id="joinForm" action="join.php" method="post" accept-charset="utf-8">
<fieldset>
<div class="row-fluid">
<div class="span12">
<label class="no">Name</label>
<input name="name" placeholder="Name" type="text">
</div>
</div>
<div class="row-fluid">
<div class="span12">
<label class="no">Email</label>
<input name="email" placeholder="Email" type="text">
</div>
</div>
<div class="row-fluid">
<div class="span12">
<div class="row-fluid">
<select style="display: none;" name="shirt" class="selectpicker span12">
<option selected="selected">Select Preferred Shirt</option>
<option>Mens Style Shirt</option>
<option>Ladies Style Shirt</option>
<option>Youth/Child Shirt</option>
</select>
</div>
</div>
</div>
<div class="formFoot">
<button type="submit" class="btn">Submit</button>
提前感谢您的所有帮助
删除字符 "'"
$sql = "INSERT INTO customer (name, email, shirt) VALUES ('$value',
'$value2','$value3')";`
并再次测试
嗨,
我已经在我的 PC 中尝试了您的脚本,并在查询中找到了一个额外的单引号。此外,您的选择输入隐藏在 HTML 文件中。
不要在实际项目中使用 Mysql api,因为它已弃用。请使用PDO或MYSQLi。
完整工作示例:
<?php
//join.php
define('DB_NAME', 'test');
define('DB_USER', 'root');
define('DB_PASSWORD', 'root');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected) {
die('Can''t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['name'];
$value2 = $_POST['email'];
$value3 = $_POST['shirt'];
$sql = "INSERT INTO customer (name, email, shirt) VALUES ('$value', '$value2','$value3')";
$result = mysql_query($sql) or die(mysql_error());
mysql_close();
?>
.HTML:
<!doctype html>
<head>
<title>Items</title>
</head>
<body>
<form id="joinForm" action="join.php" method="post" accept-charset="utf-8">
<fieldset>
<div class="row-fluid">
<div class="span12">
<label class="no">Name</label>
<input name="name" placeholder="Name" type="text">
</div>
</div>
<div class="row-fluid">
<div class="span12">
<label class="no">Email</label>
<input name="email" placeholder="Email" type="text">
</div>
</div>
<div class="row-fluid">
<div class="span12">
<div class="row-fluid">
<select style="" name="shirt" class="selectpicker span12">
<option selected="selected">Select Preferred Shirt</option>
<option>Mens Style Shirt</option>
<option>Ladies Style Shirt</option>
<option>Youth/Child Shirt</option>
</select>
</div>
</div>
</div>
<div class="formFoot">
<button type="submit" class="btn">Submit</button>
</div>
</fieldset>
</form>
</body>
</html>
您的代码中存在一些语法问题,我已经对其进行了修改,请检查它
<?php
//Join.php
define('DB_NAME', 'biblaunch');
define('DB_USER', 'xxxxxxx');
define('DB_PASSWORD', 'xxxxxxxxx');
define('DB_HOST', 'xxxxxxxxx.hostedresource.com');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected) {
die('Can''t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['name'];
echo $value;
echo '<br></br>';
$value2 = $_POST['email'];
echo $value2;
$value3 = $_POST['shirt'];
$sql = "INSERT INTO customer (name, email, shirt) VALUES ('$value','$value2','$value3')";
$result = mysql_query($sql);
mysql_close();
?>
你有额外的字符:
$sql = "INSERT INTO customer (name, email, shirt) VALUES ('$value',
'$value2','$value3')";`
试试这个:
$sql = "INSERT INTO customer (name, email, shirt) VALUES ('$value',
'$value2','$value3')";
此外,您容易进行SQL注入。在$_POST
上使用real_escape_string
首先在最后一行关闭表单标签
</form>
现在删除查询末尾的 ' 符号
以下是正确的替换它
$sql = "INSERT INTO customer (name, email, shirt) VALUES ('$value',
'$value2','$value3')";
在查询结束时