堆棧內存溢出
  簡體   English   中英

PHP 表格不會插入 MYSQL

[英]PHP form won't insert into MYSQL

 原文  2019-11-01 14:54:54       php/ html/ mysql/ database/ forms

問題描述

有很多這樣的錯誤,但這個是我的。

我有一個 PHP 票務類型表單,我想將信息插入 MYSQL 數據庫。

這是 PHP 表格:

<html lang="en" dir="ltr">
  <head>
    <meta charset="utf-8">
    <title></title>
  </head>
  <body>
    <form name="ticket-form" id="ticket-form" action="get_response.php" method="POST">
      <p>Please provide your first name: <input type="text" name="firstName" id="firstName" placeholder="John" required></p>
      <p>Please provide your last name: <input type="text" name ="lastName" id="lastName" placeholder="Smith" required></p>
      <p>Please indicate if you are a company or a contractor:
        <input type="radio" name="clientType" id="clientType" value="company">Company
        <input type="radio" name="clientType" id="clientType" value="contractor" checked>Contractor</p>
      <p>Please provide an email address: <input type="email" name="email" id="email" placeholder="John123@example.com"><br></p>
      <p>Please provide a phone number if you'd prefer: <input type="text" name="number" id="number" max="13" placeholder="07654321234"><br></p>
      <p>Please detail your query, going in to as much detail as possible: </p>
      <textarea name="query" id="query" rows="8" cols="80" placeholder="Please detail the nature of your issue, going in to as much detail as possible."></textarea><br><br>
      <input type="submit" name="submit" value="Submit">
    </form>
  </body>
</html>

這是get_response.php

<?php
require_once("config.php");
require_once("index.php");
$datetime = new DateTime();
$datestring = $datetime->format('d-m-Y H:i:s');
$first_name = mysqli_real_escape_string($conn, $_POST['firstName']);
  $second_name = mysqli_real_escape_string($conn, $_POST['lastName']);
  $client_type = mysqli_real_escape_string($conn, $_POST['clientType']);
  $email_address = mysqli_real_escape_string($conn, $_POST['email']);
  $query = mysqli_real_escape_string($conn, $_POST['query']);
  $phone_number = mysqli_real_escape_string($conn, $_POST['number']);
  $sql = "INSERT INTO
    tickets (first_name, second_name, client_type, email_address, phone_number, query)
    VALUES
    ('$first_name', '$second_name', '$client_type', '$email_address', '$phone_number', '$query')";
    if($conn->query($sql)){
      echo "<p>Thank you for your email!</p>
      <p> We aim to respond to your query as soon as possible.
      Please allow 2 business days for a response and check spam folders.</p>";
    }
    else
    {
        die('There was an error running the query [' . mysqli_error($conn) . ']');
      }
  // else
  // {
  //   echo "<p>Please supply valid information.</p>";
  // }
mysqli_close($conn);
 ?>

php config.php

將指示與 $conn 變量的成功連接,但要消除此問題:

<?php
$servername = "xxxxx";
$username = "xxxxx";
$password = "xxxxx";
$dbname = "tickets";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if($conn->connect_error){
  die("Connection failed: " . $conn->connect_error);
} ?>

php get_response.php

將空數據插入數據庫。 然而,表格並不能通過發布信息來工作。

我知道可能還有其他錯誤。 我對 PHP 和 MYSQL 非常陌生。 任何幫助深表感謝。 提前致謝。

編輯:根據要求提供一些錯誤日志。這就是今天的全部內容。

[Fri Nov 01 12:24:51.342604 2019] [mpm_event:notice] [pid 673:tid 140589056359360] AH00489: Apache/2.4.38 (Ubuntu) configured -- resuming normal operations
[Fri Nov 01 12:24:51.343298 2019] [core:notice] [pid 673:tid 140589056359360] AH00094: Command line: '/usr/sbin/apache2'

Edit2:解決了,有點。

我嘗試在我的常規 Mac OS X 操作系統中重新制作表單,它工作正常。 虛擬盒子似乎存在根本性的問題,它與現代 OS X 軟件的通信方式或某些個人配置。 雖然我可以在 Linux 命令行中連接到 mysql,但它無法通過表單工作。

1 個解決方案

解決方案1
 1  2019-11-01 15:28:11

在安裝 MS SQL 服務器時,我有 20 分鍾的空閑時間,如此迅速地重構了您的代碼,以利用prepared statements來緩解 SQL 注入攻擊。 它沒有經過測試,所以可能會有我忽略的小錯誤,但我希望它會被證明是有用的

<?php

    $status=false;

    if( $_SERVER['REQUEST_METHOD']=='POST' ){

        $errors=array();
        $args=array(
            'firstName'     =>  FILTER_SANITIZE_STRING,
            'lastName'      =>  FILTER_SANITIZE_STRING,
            'clientType'    =>  FILTER_SANITIZE_STRING,
            'email'         =>  FILTER_SANITIZE_STRING,
            'query'         =>  FILTER_SANITIZE_STRING,
            'number'        =>  FILTER_SANITIZE_STRING
        );

        foreach( array_keys( $args ) as $field ){
            if( !isset( $_POST[ $field ] ) ) $errors[]=sprintf( 'The field "%s" is not set', $field );
        }

        foreach( $_POST as $field => $value ){
            if( !in_array( $field, array_keys( $args ) ) )$errors[]=sprintf( 'Unknown field "%s"', $field );
        }

        if( empty( $errors ) ){
            $_POST=filter_input_array( INPUT_POST, $args );
            extract( $_POST );


            require_once 'config.php';
            require_once 'index.php';



            $sql='insert into `tickets` 
                ( `first_name`, `second_name`, `client_type`, `email_address`, `phone_number`, `query` ) 
                values 
                ( ?, ?, ?, ?, ?, ? )';
            $stmt=$conn->prepare( $sql );
            if( !$stmt )$errors[]='The SQL Prepared Statement failed';

            $stmt->bind_param('ssssss', $firstName, $lastName, $clientType, $email, $query, $number );
            $stmt->execute();

            $status=$conn->affected_rows;

        }
    }
?>
<html lang='en' dir='ltr'>
    <head>
        <meta charset='utf-8'>
        <title></title>
    </head>
    <body>
        <form name='ticket-form' method='POST'>
            <?php

                if( $_SERVER['REQUEST_METHOD']=='POST' ){
                    if( !empty( $errors ) ){

                        printf( '<pre>%s</pre>',print_r($errors,true) );

                    } else {

                        if( $status ){

                            echo "
                            <p>Thank you for your email!</p>
                            <p> We aim to respond to your query as soon as possible.
                            Please allow 2 business days for a response and check spam folders.</p>";
                        }
                    }
                }

            ?>
            <label>Please provide your first name: <input type='text' name='firstName' placeholder='John' required></label>
            <label>Please provide your last name: <input type='text' name ='lastName' placeholder='Smith' required></label>

            <label>
                Please indicate if you are a company or a contractor:
                <input type='radio' name='clientType' value='company'>Company
                <input type='radio' name='clientType' value='contractor' checked>Contractor
            </label>

            <label>Please provide an email address: <input type='email' name='email' id='email' placeholder='John123@example.com'></label>
            <label>Please provide a phone number if you'd prefer: <input type='text' name='number' id='number' max='13' placeholder='07654321234'></label>

            <label>
                Please detail your query, going in to as much detail as possible:
                <textarea name='query' rows='8' cols='80' placeholder='Please detail the nature of your issue, going in to as much detail as possible.'></textarea>
            </label>

            <input type='submit' />
        </form>
    </body>
</html>

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 為什么這個PHP腳本不能在MySQL數據庫中插入表單數據? PHP:String不會插入MySQL數據庫 PHP + MYSQL不會插入數據庫 PHP將不會插入MySQL,沒有錯誤 php 不會插入到 mysql 中。 沒有錯誤 PHP日期僅不會插入Mysql PHP / MySQL不會INSERT和回應它應該嗎? 為什么我的$ _GET表單不會將數據(使用PHP)插入到MySql數據庫或表中? PHP錯誤。 “Undefined index”表單中的數據不會插入到mysql數據庫中 PHP MYSQL表單不會更新數據庫
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM