stackoom
  简体   繁体   中英

Inserting data into database using html forms

 原文  2016-04-30 08:11:45       php/ html/ database

Question

Okay, guys. I am new at php and other server side codes.

I am able to connect successfully to my server and database. I am able to use the Insert data code to insert data with values. However, when I enter the values into the code, those are the values that get sent to the table. How do I use HTML forms to use custom data entered into text areas to show up in my database table?

For example,

when I use VALUE ('jon', 'doe') it sends those values into the database instead of the text I enter into the text areas. How do I fix this to say, enter my actual name when I fill out a web form?

Basically, I am asking how I would use web forms to manipulate data into the database. I'm so confused

3 answers

solution1
 0  2016-04-30 08:48:39

You are encouraged to use PDO (or at least mysqli) prepared statements from the first day. This way you can relatively safely insert data into your SQL statements. Please read the official manual . Be aware that PDO will emulate prepared statements by default. That can result in a security hole. Therefore you should request to switch of emulated prepared statements. 

$options       = [PDO::ATTR_EMULATE_PREPARES => false];
$pdoConnection = new PDO($dsn, $user, $password, $options);

You can then create prepared SQL statements like: 

SELECT `id`, `value` FROM `myTable` WHERE `value` = ?;

As long as the driver supports real prepared statements, the "?" will not be substituted directly, data will be separately sent after the statement. This avoids SQL injection via encoding attacks.

Please read documentation, try things out and come back if you have concrete questions.

solution2
 0  2016-04-30 08:50:06

You can build a form on one page that sends input to another page. For example:

index.php: 

<!DOCTYPE html>
<html>
  <head></head>
  <body>
    <form method="POST" action="action.php">
      <input type="text" name="message">
      <input type="submit" value="Submit">
    </form>
  </body>
</html>

Your php/MySQL code would then exist in a page called action.php which would be located in the same directory as index.php.

action.php: 

<?php
$message = $_POST['message'];
/*now you can use the $message variable in your MySQL code to insert
it into the database*/
?>

Please remember to used prepared statements and to bind your parameters in your MySQL code to prevent hacker attacks (like sql injection).

Let me know if that worked for you!

solution3
 0  2016-04-30 08:50:18

When creating a form in html you may define the following input: 

<input type="text" name="my_input">

To access the content of this particular input, after submission of the form. Use depending on what method your form is using $_GET['my_input'] or $_POST['my_input'] to retrieve the value entered in the form input.

Try to play arround with this example: 

<form action="" method="get">
    <input type="text" name="field" value="<?php print $_GET['field']; ?>">
    <input type="submit" name="s" value="Go!">
</form>
<?php

if (isset($_GET['s'])) {
    print "value of the text field: ".$_GET['field'];
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Error with Inserting Data Into a Database Using a HTML Form Inserting HTML data in mySQL database Inserting html form data to database html form data is not inserting in MySQL database using PHP and PDO Inserting data into mysql database using php in an html form Can not get data to insert to my database using html forms with PHP using codeigniter data is not inserting into the database Inserting data into database using if statement Data not inserting in the database using a modal Inserting data in database using foreach
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM