Php将空白数据插入表中
[英]Php inserts blank data into table
问题描述
我的代码将空记录插入MySQL表“激活”而不是获取数据activate.html。 它调用了我剥离的activate.php。 我还应该补充说我是php新手,但我知道注入攻击。 我最初解决了一些安全问题,但正如我所说,已经剥离了代码以找到问题的根源。 此外,当我回显表单字段时,它们会填充,而不是填充到MySql表中。 有什么想法吗? 先感谢您。
<?php
$host = "host"; // Host name
$username = "user"; // Mysql username
$password = "pass"; // Mysql password
$db_name = "db"; // Database name
$tbl_name = "activate"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password") or die("cannot connect");
mysql_select_db("$db_name") or die("cannot select DB");
// Get values from form
if (isset($_POST['submit'])) {
$esn = mysql_real_escape_string($_POST['esn']);
$esnverify = mysql_real_escape_string($_POST['esnverify']);
$zip = mysql_real_escape_string($_POST['zip']);
$comments = mysql_real_escape_string($_POST['comments']);
}
// Insert data into mysql
$sql = "INSERT INTO $tbl_name (esn, esnverify, zip, comments) VALUES ('$esn', '$esnverify', '$zip', '$comments')";
$result = mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if ($result) {
echo "Successful";
echo "<br />";
echo $_POST['esn'];
echo "<br />";
echo $_POST['esnverify'];
echo "<br />";
echo $_POST['zip'];
echo "<br />";
echo $_POST['comments'];
echo "<br />";
echo "<a href='thankyou.html'>Back to main page</a>";
}
else {
echo "ERROR";
}
?>
<?php
// close connection
mysql_close();
?>
Activate.html
<form method="post" action="activate.php">
<p><b>ESN:</b> <input type="text" id="esn" name="esn" maxlength="50"><br/>
<b>Confirm ESN:</b> <input type="text" name="esnverify" id="esnverify" maxlength="50"><br/>
<b>Zip:</b> <input type="text" name="zip" id="zip" maxlength="5"><br/>
<p>Your comments:<br />
<textarea name="comments" rows="10" cols="40" id="comments" maxlength="500"></textarea></p>
<p><input type="submit" value="Send it!"></p></form>
2 个解决方案
解决方案1
1 2013-06-11 18:47:12
即使未设置$_POST['submit'] (在这种情况下,您的变量也没有值),您的代码仍会尝试将数据插入表中。 这就是为什么有空行。
正如Lion在评论中所说,由于您的提交按钮没有名称属性,因此永远不会设置$_POST['submit'] ,因此您将始终插入空白数据。
解决方案2
1 已采纳 2013-06-11 18:47:53
<?php
$host = "host"; // Host name
$username = "user"; // Mysql username
$password = "pass"; // Mysql password
$db_name = "db"; // Database name
$tbl_name = "activate"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password") or die("cannot connect");
mysql_select_db("$db_name") or die("cannot select DB");
// Get values from form
if (isset($_POST['submit'])) {
$esn = mysql_real_escape_string($_POST['esn']);
$esnverify = mysql_real_escape_string($_POST['esnverify']);
$zip = mysql_real_escape_string($_POST['zip']);
$comments = mysql_real_escape_string($_POST['comments']);
// Insert data into mysql
$sql = "INSERT INTO $tbl_name (esn, esnverify, zip, comments) VALUES ('$esn', '$esnverify', '$zip', '$comments')";
$result = mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if ($result) {
echo "Successful";
echo "<br />";
echo $_POST['esn'];
echo "<br />";
echo $_POST['esnverify'];
echo "<br />";
echo $_POST['zip'];
echo "<br />";
echo $_POST['comments'];
echo "<br />";
echo "<a href='thankyou.html'>Back to main page</a>";
}
else {
echo "ERROR";
}
}
?>
<?php
// close connection
mysql_close();
?>
另外,在html代码中更改此内容:
将name ='submit'添加到输入字段/提交按钮。
从一个表中选择数据,然后使用PHP将其插入到现有表中
[英]Select data from one table and inserts it into an existing table using PHP
当mysql表,php,html中没有数据时,显示“无数据”或空白
[英]Show 'No Data' or blank when there are no data in mysql table, php, html
PHP代码使用_POST方法在MySql数据库中插入空白记录
[英]PHP Code inserts Blank Records in MySql database with _POST method
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.