PHP Mysql提交表格

Question

i am trying to submit data from a html form using php to a sql database. 我正在尝试使用php从html表单提交数据到sql数据库。 It completed up to part 5 but doesn't appear to be any actual data in any of the table rows apart from the auto increment userID. 它完成了第5部分，但除自动递增的userID之外，似乎没有任何表行中的任何实际数据。 Also is this code protected from SQL Injection? 此代码是否也免受SQL注入的保护？ Also what is the best way to input a datestamp into the SQL database? 另外，将日期戳输入到SQL数据库的最佳方法是什么？ for example a ClientSince field. 例如ClientSince字段。

Here is my clientsubmit.php 这是我的clientsubmit.php

<?php
// Create connection
echo "Made it! Part 1";
$con=mysqli_connect("xxx","xxx","xxx","xxx");
echo "Made it! Part 2";
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
$txtNam = mysql_real_escape_string($_POST["name"]);
$txtEmail = mysql_real_escape_string($_POST["email"]);
$txtSlots = mysql_real_escape_string($_POST["slotcount"]);
$txtSecurity = mysql_real_escape_string($_POST["passcode"]);
echo "Made it! Part 3";
$sql = "INSERT INTO accounts (name, email, slotCount, securityCode)     Values('$txtNam','$txtEmail','$txtSlots','$txtSecurity')";
echo "Made it! Part 4";
if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }


echo "Made it! Part 5";

mysqli_close($con);
?>

And here is my form: 这是我的表格：

<form name="form" class="form" action="clientsubmit.php" method="post">
<input type="text" name="sum2" readonly hidden="true" onChange="updatesum()"     value="1.5"/><br>
Ingame Name: <input type="text" name="name" class="txtbox" /><br><br>
Email Address: <input type="text" name="email" class="txtbox" /><br><br>
Passcode: <input type="text" name="passcode" class="txtbox2" /><br><br>
Slot Count:  <input type="text" name="slotcount" onChange="updatesum()" class="txtbox2"     value="10"/><br><br>
Per Month:  <input name="sum" readonly class="txtboxtotal" style="border: 0px;"     value="15"> Million<br><br>
<input type="submit">
</form>

Added these: 添加了以下内容：

echo "Made it here! 3 ";
echo "   ";
echo $txtNam;
echo "   ";
echo $txtEmail;
echo "   ";
echo $txtSlots;
echo "   ";
echo $txtSecurity;
echo "   ";

and it appears that the variables are not holding any data before submitted to the database. 似乎变量在提交到数据库之前没有保存任何数据。

Got it working with the help of you guys, here is the finished code: 在你们的帮助下工作了，下面是完成的代码：

<?php
// Create connection
$con=mysqli_connect("xxxx","xxxx","xxxx","xxxx");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  die();
  }
$txtNam = mysqli_real_escape_string($con, $_POST["name"]);
$txtEmail = mysqli_real_escape_string($con, $_POST["email"]);
$txtSlots = mysqli_real_escape_string($con, $_POST["slotcount"]);
$txtSecurity = mysqli_real_escape_string($con, $_POST["passcode"]);
$sql = "INSERT INTO accounts (name, email, slotCount, securityCode)     Values('$txtNam','$txtEmail','$txtSlots','$txtSecurity')";
if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }

mysqli_close($con);
?>

Answer 1

The issue is you are using mysql_real_escape_string() and using mysqli_*() 问题是您正在使用mysql_real_escape_string()和mysqli_*()

change mysql_real_escape_string() to mysqli_real_escape_string() 将mysql_real_escape_string()更改为mysqli_real_escape_string()

$txtNam = mysqli_real_escape_string($con, $_POST["name"]);
$txtEmail =  mysqli_real_escape_string($con,$_POST["email"]);
$txtSlots = mysqli_real_escape_string($con,$_POST["slotcount"]);
$txtSecurity = mysqli_real_escape_string($con,$_POST["passcode"]);

Answer 2

你上面提到submit.php ，你在投递表单clientsubmit.php 。

PHP Mysql提交表格

问题描述

2 个解决方案

解决方案1
1 已采纳 2014-03-10 07:55:12

解决方案2
0 2014-03-10 07:34:56

PHP Mysql提交表格

问题描述

2 个解决方案

解决方案1 1 已采纳 2014-03-10 07:55:12

解决方案2 0 2014-03-10 07:34:56

解决方案1
1 已采纳 2014-03-10 07:55:12

解决方案2
0 2014-03-10 07:34:56