我的数据未存储在数据库中
[英]My data is not being stored in my database
问题描述
I can't seem to figure out what is wrong with my code. 
我似乎无法弄清楚我的代码出了什么问题。 I am trying to get it to take the input from 我试图让它从输入
<form id="contact-form" action="emails.php" method="post">
<input placeholder="Please enter your email address" name="emailz" type="email" tabindex="2" required>
<input type="submit" name="submit" id="contact-submit" value="Subscribe">
</form>
and have it saved into my database. 并将其保存到我的数据库中。
Here is my PHP file: 这是我的PHP文件:
$servername = "localhost";
$username = "poweilup";
$password = "bloop";
$dbname = "poweilup_emails";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$insert = "INSERT INTO emails(addressEmail) VALUES($_POST '$emailz')";
$conn->close();
3 个解决方案
解决方案1
1 2015-05-07 20:55:38
Here is how you do the insert - 这是插入的方式-
$servername = "localhost";
$username = "poweilup";
$password = "bloop";
$dbname = "poweilup_emails";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$stmt = $conn->prepare("INSERT INTO `emails`(`addressEmail`) VALUES(?)");
$stmt->bind_param('s', $email);
$email = $_POST('emailz');
$stmt->execute();
First you prepare the query and leave placeholders for the item variables. 首先,您准备查询并为项目变量保留占位符。 The you bind each parameter(variable) and then declare them. 您绑定每个参数(变量) ,然后声明它们。 Finally you execute the query. 最后,您执行查询。
解决方案2
1 已采纳 2015-05-07 20:57:17
To use MySQLi in a safe way, it's best to use Prepared Statements . 为了安全地使用MySQLi,最好使用Prepared Statements 。 This will prevent your users from inserting SQL injection or, possibly by mistake, inserting characters that can cause problems to your MySQL server. 这将防止您的用户插入SQL注入或可能会错误地插入可能对您的MySQL服务器造成问题的字符。
As you can see in the script below, I'm first preparing the SQL query, using a placeholder "?" 正如您在下面的脚本中看到的那样,我首先使用占位符“?”准备SQL查询。 for the item variable. 用于item变量。 After I'm binding the parameter(variable) to this placeholder. 将参数(变量)绑定到此占位符后。
Now the query is setup correctly, it's time to execute it. 现在查询已正确设置,是时候执行它了。 It's always a good habit to close anything left open once done, as it will free up memory that's no longer in use. 关闭任何打开后的东西始终是一个好习惯,因为这将释放不再使用的内存。
<?php
/* DB Info */
$servername = "localhost";
$username = "poweilup";
$password = "bloop";
$dbname = "poweilup_emails";
/* MySQLi Object */
$conn = new mysqli($servername, $username, $password, $dbname);
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
/* Prepare query */
if ($stmt = $conn->prepare("INSERT INTO emails (addressEmail) VALUES (?)")){
/* Bind POST data */
$stmt->bind_param("s", $_POST['emailz']);
/* Run query */
$stmt->execute();
/* Close statement */
$stmt->close();
}
/* Close connection */
$conn->close();
?>
解决方案3
-1 2015-05-07 21:11:21
First check if the user hasn't missed anything: 首先检查用户是否没有错过任何东西:
if (isset($_POST['emailz']) { //code here.. };
In the code here... section, store the value of emailz in a variable like this: 在code here...的code here...部分中,将emailz的值存储在这样的变量中:
$emailz = $_POST['emailz'];
Of course this may be insecure for more important data like passwords. 当然,对于更重要的数据(例如密码)来说,这可能是不安全的。 You should use the hash() function then. 您应该使用hash()函数。
For inserting the variable in DB, try this: 要在数据库中插入变量,请尝试以下操作:
$query = "INSERT INTO `user` (emailz) VALUES ('$emailz')"; $result = mysql_query($query); //inserts the variable in the DB.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.