我的网站很简单,我只想把我在日期选择器中选择的日期插入MySQL。(此时其插入方式为"0000-00-00 00:00:00")。
我的PHP/HTML代码是:
<form id="form_351400" class="appnitro" method="post" action="insert.php">
<div class="form_description">
<div style="width:100%;border:0px solid #000;">
<div style="float:left; width:75%;">
<h2 align="left">Samurai Digital d.o.o.</h2>
<p>
Maintenance Team
</p>
</div>
<div style="float:left; width:25%;">
<a href="index.php"><img src="samurai.png" alt="Samurai" width="150" height="150" /></a>
</div>
<div style="clear:both;"></div>
</div>
</div>
<ul >
<li id="li_0" >
<label class="description" for="element_0">Insert into DB </label>
<br/>
</li>
<li id="li_1" >
<label class="description" for="element_1" name="id" >ID </label>
<input type="text" name="id" />
</li>
<li id="li_2" >
<label class="description" for="element_3">Date </label>
<span>
<input id="element_3_1" name="element_3_1" class="element text" size="2" maxlength="2" value="" type="text">
/ <label for="element_3_1">MM</label>
</span>
<span>
<input id="element_3_2" name="element_3_2" class="element text" size="2" maxlength="2" value="" type="text">
/ <label for="element_3_2">DD</label>
</span>
<span>
<input id="element_3_3" name="element_3_3" class="element text" size="4" maxlength="4" value="" type="text">
<label for="element_3_3">YYYY</label>
</span>
<span id="calendar_3"> <img id="cal_img_3" class="datepicker" src="calendar.gif" alt="Pick a date."> </span>
<script type="text/javascript">
Calendar.setup({
inputField : "element_3_3",
baseField : "element_3",
displayArea : "calendar_3",
button : "cal_img_3",
ifFormat : "%B %e, %Y",
onSelect : selectDate
});
</script>
</li>
<li id="li_3" >
<label class="description" for="element_2" name="refid" >Refid </label>
<input type="text" name="refid" />
</li>
<li id="li_4" >
<label class="description" for="element_4" name="classification" >Classification </label>
<select name="classification">
<option value="SECRET">SECRET</option>
<option value="SECRET//NOFORN">SECRET//NOFORN</option>
<option value="CONFIDENTIAL">CONFIDENTIAL</option>
<option value="CONFIDENTIAL//NOFORN">CONFIDENTIAL//NOFORN</option>
<option value="UNCLASSIFIED">UNCLASSIFIED</option>
<option value="UNCLASSIFIED//FOR OFFICIAL USE ONLY">UNCLASSIFIED//FOR OFFICIAL USE ONLY</option>
</select>
</li>
<li id="li_5" >
<label class="description" for="element_5" name="origin" >Origin </label>
<input type="text" name="origin" />
</li>
<li id="li_6" >
<label class="description" for="element_6" name="destination" >Destination </label>
<input type="text" name="destination" />
</li>
<li id="li_7" >
<label class="description" for="element_7" name="header" >Header </label>
<input type="text" name="header" />
</li>
<li id="li_8" >
<label class="description" for="element_8" name="content" >Content </label> <textarea rows="15" cols="40" name="content"></textarea>
<br/>
</li>
<input type="Submit" />
</ul >
</form>
还有另一个连接到我的MySQL的PHP:
<?php
$id = $_POST['element_1'];
$date = $_POST['element_3_3'].'-'.$_POST['element_3_1'].'-'.$_POST['element_3_2'];
$refid = $_POST['element_2'];
$classification = $_POST['element_4'];
$origin = $_POST['element_5'];
$destination = $_POST['element_6'];
$header = $_POST['element_7'];
$content = $_POST['element_8'];
$con = mysql_connect("localhost","XXXXXX","XXXXXX");
if (!$con)
{
die('Error connecting to mysql server: ' . mysql_error());
}
mysql_select_db("XXXXXX", $con);
$sql="INSERT INTO emails (id, date, refid, classification, origin, destination, header, content)
VALUES
('$_POST[id]','$_POST[date]','$_POST[refid]','$_POST[classification]','$_POST[origin]','$_POST[destination]','$_POST[header]','$_POST[content]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
mysql_close($con);
?>
所有其他表单都在工作,我可以添加它们,除了Date。也许是因为我把DAY/MONTH/YEAR作为一个字符串加错了。
代码中的问题是您读取了两次POST变量,第二次是不起作用的,但需要起作用的(因为它是INSERT
语句!):
在顶部,您可以看到:
$id = $_POST['element_1'];
$date = $_POST['element_3_3'].'-'.$_POST['element_3_1'].'-'.$_POST['element_3_2'];
$refid = $_POST['element_2'];
但后来你有了这个:
$sql="INSERT INTO emails (id, date, refid, classification, origin, destination, header, content) VALUES
('$_POST[id]','$_POST[date]','$_POST[refid]','$_POST[classification]','$_POST[origin]','$_POST[destination]','$_POST[header]','$_POST[content]')";
您的表单正在为refid
、classification
等设置name
属性,但表单中没有POST元素date
的值,因此您没有得到任何内容,因此它也没有插入任何内容。我猜您希望在第二行中使用$date
中的串联值,但在insert语句中没有使用$date
,而是使用不存在的$_POST[date]
。
如果您在INSERT
语句中使用顶部填充的变量而不是POST变量,您可能会发现它会有所改进,但我建议您在遵循其他人在评论中的建议时,只做权宜之计!您的代码在准备好用于实时网站之前,需要进行大量的支持和保护。
使用CDN将jquery min和ui加载到您的页面中或托管它。
在所需字段上运行日期选择器,并确保其格式符合所需格式。
<script>
$(function(){
var pickerOpts = {
dateFormat:"d MM, yy"
};
$("#date").datepicker(pickerOpts);
});
</script>
HTML
<label>Date</label><input type="text" id="date" name="date" value="<?php echo $row_config['date']; ?>">
然后更新或插入
if ($_POST) {
$date = $post['date']; //escape this string
mysql_query("UPDATE config SET date = '$date'") or die(mysql_error());
}
修改此方法以适合您的代码。我利用这一点来设定一个网站建设结束的日期。因此,我更新并打印日期字段中的值,以向管理员显示设置的日期,以防他想要更改。
对于您的代码(尚未测试,尽管过滤器是我使用的一个函数),这将在一个页面中处理所有内容。
<?php
function filter($data) // for sql injection
{
// normalize $data because of get_magic_quotes_gpc
$dataNeedsStripSlashes = get_magic_quotes_gpc();
if ($dataNeedsStripSlashes) {
$data = stripslashes($data);
}
// normalize $data because of whitespace on beginning and end
$data = trim($data);
// strip tags
$data = strip_tags($data);
// replace characters with their HTML entitites
$data = htmlentities($data);
// mysql escape string
$data = mysql_real_escape_string($data);
return $data;
}
if ($POST) {
$con = mysql_connect("localhost","XXXXXX","XXXXXX") or die("Could not connect to database! " . mysql_error());
mysql_select_db("XXXXXX");
foreach($_POST as $key => $value) { // will escape and filter post data
$post[$key] = filter($value);
}
$id = $post['element_1'];
$date = $post['date']; // change this in the database to date varchar 50 or something
$refid = $post['element_2'];
$classification = $post['element_4'];
$origin = $post['element_5'];
$destination = $post['element_6'];
$header = $post['element_7'];
$content = $post['element_8'];
// we already posted so we dont have to repost data
$sql="INSERT INTO emails (id, date, refid, classification, origin, destination, header, content)
VALUES ('$id','$date','$refid','$classification','$origin','$destination','$header','$content')";
mysql_query($sql) or die(mysql_error());
}
?>
<html>
<head>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.9/jquery-ui.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script>
$(function(){
var pickerOpts = {
dateFormat:"d MM, yy"
};
$("#date").datepicker(pickerOpts);
});
</script>
</head>
<body>
<form action="" name="formname" id="formid"> <!-- impt to have action="" -->
<!-- add all your other elements here -->
<label>Date</label><input type="text" id="date" name="date">
<!-- buttons here -->
</form>
</body>
</html>