[英]No prompted error and data not inserting into child table - PHP, SQL
I have a problem regarding "no prompted error and data cannot insert into child table".我有一个关于“没有提示错误且数据无法插入子表”的问题。
I have 2 tables (users and useradvert);我有 2 个表(用户和 useradvert); - The
users
is the PARENT - The useradvert
is the CHILD -
users
是父母 - users
useradvert
是孩子
users
(parent table-ID is primary key with auto increment) users
(父表 ID 是具有自动增量的主键)
useradvert
(child table-ID is index with NO auto increment) useradvert
(子表 ID 是没有自动增量的索引)
I have no problems creating a relation table.创建关系表没有问题。 The 2 tables are now related.
这两个表现在是相关的。
Then I have a login page (login.php) - runs fine no problem..然后我有一个登录页面(login.php) - 运行正常没问题..
And I have a user page (useracc-test.php)-> this is a page after a user log in successfully via login.php.我有一个用户页面 (useracc-test.php)-> 这是用户通过 login.php 成功登录后的页面。 They will be able to view their personal data and also enter their name again (any different nick name they like), color and hobby.This page display user's personal data and secondly, there is also a form where users can enter data like I said previously(name2,color and hobby).
他们将能够查看他们的个人数据并再次输入他们的姓名(他们喜欢的任何不同的昵称)、颜色和爱好。此页面显示用户的个人数据,其次,还有一个用户可以输入数据的表单,就像我说的以前(姓名2,颜色和爱好)。
I have no problem displaying the user's personal data in the user page (useracc.test.php).我在用户页面 (useracc.test.php) 中显示用户的个人数据没有问题。 This data is retrieved from parent table "user".
该数据是从父表“user”中检索的。 The problem I'm having is, I cannot insert data into the child table (useradvert).
我遇到的问题是,我无法将数据插入子表 (useradvert)。 No error prompted.
没有提示错误。
<?php
//useracc-test.php
/**
* Start the session.
*/
session_start();
ini_set('display_errors', 1);
error_reporting(E_ALL);
// require 'lib/password.php';
require 'connect-test.php';
$userName= isset($_POST['username']) ? $_POST['username'] : '';
$query = "SELECT id, name, username, telno FROM users WHERE username = ?";
$stmt = $conn->prepare($query);
$stmt->bind_param('s', $userName);
$stmt->execute();
$res = $stmt->get_result();
?>
<html>
<head>
<style type="text/css">
#apDiv2 {
position: absolute;
left: 51px;
top: 238px;
width: 237px;
height: 93px;
z-index: 1;
}
#apDiv1 {
position: absolute;
left: 134px;
top: 123px;
width: 234px;
height: 104px;
z-index: 2;
}
#apDiv3 {
position: absolute;
left: 58px;
top: 146px;
width: 219px;
height: 61px;
z-index: 2;
}
#apDiv4 {
position: absolute;
left: 302px;
top: 102px;
width: 365px;
height: 123px;
z-index: 3;
}
</style>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css">
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
</head>
<body>
Your Personal details:</p>
<p><?php while($row = $res->fetch_array()): ?>
<p><?php echo $row['id']; ?></p>
<p><?php echo $row['name']; ?></p>
<p><?php echo $row['username']; ?></p>
<p><?php echo $row['telno']; ?>
<?php
// $userid = $_POST['id'];
$stmt=$conn->prepare("INSERT INTO useradvert (id,name2,color2,hobby2) VALUES (?,?,?,?)");
$stmt->bind_param("isss", $id, $name2, $color2, $hobby2);
$stmt->execute();
if (!$stmt)
{ printf("Errormessage: %s\n", $mysqli->error);}
else {
echo "New records created successfully";}
$stmt->close();
$conn->close();
?>
<form name="form2" method="post" action="useracc-test.php">
<p>INSERT YOUR INTEREST:</p>
<p>
</p>
ID:
<input name="id" type="hidden" id="id" value="<?php echo $row['id']; ?>">
<p>Name :
<input type="text" name="name2" id="name2">
</p>
<p>
<label for="warna2"></label>
Color :
<input type="text" name="color2" id="color2">
</p>
<p>
<label for="hobi2"></label>
Hobby:
<input type="text" name="hobby2" id="hobby2">
</p>
<p>
<input type="submit" name="submit" id="submit" value="submit">
</p>
<p> </p>
</form>
<?php endwhile; ?>
</body>
</html>
--
-- Table structure for table `useradvert`
--
CREATE TABLE IF NOT EXISTS `useradvert` (
`id` int(10) unsigned NOT NULL,
`name2` varchar(60) COLLATE utf8_unicode_ci NOT NULL,
`color2` varchar(60) COLLATE utf8_unicode_ci NOT NULL,
`hobby2` varchar(60) COLLATE utf8_unicode_ci NOT NULL,
KEY `id` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`name` varchar(60) COLLATE utf8_unicode_ci NOT NULL,
`telno` varchar(11) COLLATE utf8_unicode_ci NOT NULL,
`username` varchar(60) COLLATE utf8_unicode_ci NOT NULL,
`password` varchar(60) COLLATE utf8_unicode_ci NOT NULL,
`date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`),
KEY `id` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=96 ;
--
-- Dumping data for table `users`
--
INSERT INTO `users` (`id`, `name`, `telno`, `username`, `password`, `date`) VALUES
(95, 'Test Name', '09999999999', 'test@test.com', '$2y$12$fqdmAQk5c8qk8Eh2TWy2n.AdNO.lFjqmi2ruSzk8tsVXcK71OcPae', '2015-12-24 05:00:13');
--
-- Constraints for dumped tables
--
--
-- Constraints for table `useradvert`
--
ALTER TABLE `useradvert`
ADD CONSTRAINT `useradvert_ibfk_1` FOREIGN KEY (`id`) REFERENCES `users` (`id`);
In your connection you're using mysqli
, in your query you're using mysql_
在您的连接中您使用的是
mysqli
,在您的查询中您使用的是mysql_
$query = sprintf("select name, username, telno FROM users WHERE username='%s'", mysqli_real_escape_string($conn, $userName));
(Change to mysqli_real_escape_string
) (更改为
mysqli_real_escape_string
)
The first problem, as lucap stated, is that you try to insert data in a table with no auto increment ID, without providing that ID.正如 lucap 所说,第一个问题是您尝试在没有自动增量 ID 的表中插入数据,而不提供该 ID。 if you look at the mysqli error you should with
print($conn->error);
如果您查看 mysqli 错误,您应该使用
print($conn->error);
you should see an error message about that.您应该会看到一条关于此的错误消息。
But there is some other errors in your script that make it fail.但是您的脚本中还有一些其他错误导致它失败。 Let's take this step by step.
让我们一步一步来。
$query = sprintf("select name, username, telno FROM users WHERE username='%s'", mysql_real_escape_string($userName));
$result = $conn->query($query);
You should test the password in this query, as right now it consider as logged an user who just send as post data the username, which is a severe security issue.您应该在此查询中测试密码,因为现在它认为已登录的用户仅将用户名作为发布数据发送,这是一个严重的安全问题。 Beside that, there is two error: you don't get the ID of the user in the query, and
mysql_real_escape_string
is deprecated.除此之外,还有两个错误:您没有在查询中获得用户的 ID,并且不推荐使用
mysql_real_escape_string
。 Considering you're using mysqli, I suggest to proceed in this way to sanitize input data:考虑到您正在使用 mysqli,我建议以这种方式处理输入数据:
$sql = sprintf("SELECT ID, name, username, telno FROM users WHERE username = '%s' AND password = '%s'", mysqli_real_escape_string($conn, $_POST['username']), mysqli_real_escape_string($conn, $_POST['password']));
$result = $conn->query($sql);
$result = $result->fetch_row();
Of course you should hash the password with the appropriate encryption you're using, because of course you don't store the password raw :)当然,您应该使用正在使用的适当加密来散列密码,因为您当然不会存储原始密码:)
So this:所以这:
<?php while($row=$result->fetch_assoc()): ?>
<?= $row['name'] ?>
</p>
<p>
<?= $row['username'] ?>
</p>
<p>
<?= $row['telno'] ?>
<?php endwhile; ?>
Will become:会变成:
<p><?php echo $row['name']; ?></p>
<p><?php echo $row['username']; ?></p>
<p><?php echo $row['telno']; ?>
So let's get on what you stumbled upon:那么让我们来看看你偶然发现的:
$sql = "INSERT INTO useradvert(name2,color2,hobby2)VALUES('$name2', '$color2','$hobby2')";
if ($conn->query($sql) === TRUE) {
if (isset($_POST['submit'])){
$name2=$_POST['name2'];
$color2=$_POST['color2'];
$hobby2=$_POST['hobby2'];
echo "You have succesfylly inserted your data. Insert another data again?";
}
else
{
die ("Error: " . $sql . "<br>" . $conn->error );
}
$conn->close();
}
This can't work for the following reasons:由于以下原因,这不起作用:
$name2
, $color2
and $hobby2
just contain true
because of this: $name2
, $color2
$hobby2
和$hobby2
只包含true
因为这个:
$name2=isset($_POST['name2']); $color2=isset($_POST['color2']); $hobby2=isset($_POST['hobby2']);
I guess what you wanted to do was in fact:我猜你想要做的实际上是:
$name2 = isset($_POST['name2']) ? $_POST['name2'] : ''; $color2 = isset($_POST['color2']) ? $_POST['color2'] : ''; $hobby2 = isset($_POST['hobby2']) ? $_POST['hobby2'] : '';
And beside those two points, this query isn't secure as it insert raw data in the query.除了这两点之外,这个查询并不安全,因为它在查询中插入了原始数据。 So the final code would be:
所以最终的代码是:
$sql = sprintf("INSERT INTO useradvert (ID, name2, color2, hobby2) VALUES (%d, '%s', '%s', '%s')", (int)$result['ID'], mysqli_real_escape_string($conn, $name2), mysqli_real_escape_string($conn, $color2), mysqli_real_escape_string($conn, $hobby2));
if($conn->query($sql) === true) {
// do your stuff
}
I think that's all, but if you still encounter issues after fixing all this, I suggest to check on $conn->error
to see any error from mysqli, and do var_dump
of your data to see if everything is ok.我想这就是全部,但是如果您在解决所有这些问题后仍然遇到问题,我建议检查
$conn->error
以查看来自 mysqli 的任何错误,并对您的数据执行var_dump
以查看是否一切正常。 Be sure too that you turned on php errors with the following:也请确保您使用以下内容打开了 php 错误:
ini_set('display_errors', 1);
error_reporting(E_ALL);
我自己解决了这个问题......我忘记了 if(isset($_POST['submit']))..LoL.我做了一些小改动只是为了添加上面的isset..现在一切正常..
you must specify the id in your insert statement.您必须在插入语句中指定 id。 add id in select statement
在select语句中添加id
$query = sprintf("select id,name, username, telno FROM users WHERE username='%s'", mysql_real_escape_string($userName));
and then:进而:
$id=$row['id'];
$sql = "INSERT INTO useradvert(id,name2,color2,hobby2)VALUES('$id','$name2', '$color2','$hobby2')";
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.