在表单提交时，使用PHP将数据插入到WordPress表中 [英] Inserting data into a WordPress table on form submit, using PHP

问题描述

我有一个窗体有一些字段，和一个wpdb表对应的字段。我想要在表单上提交按钮时将表单中的数据提交到表中。

I have a form with some fields, and a wpdb table which corresponds to the fields. I want the data from the form to be submitted into the table when the submit button is clicked on the form.

以下是表单：

function display_form(){
echo '
<form action="insertrow.php" method="post">
<p>Ticket id:  <br />
User id: <br /> 
Description: <textarea class="widget" rows="4" cols="1" 
name="ticket_description"></textarea>
Priority: <select name="ticket_priority" placeholder="Select">
<option value="critical">Critical</option>
<option value="urgent">Urgent</option>
<option value="important">Important</option>
<option value="standard" selected>Standard</option>
</select>
Status: <select name="ticket_status" placeholder="Select">
<option value="planned">Planned</option>
<option value="in progress">In Progress</option>
<option value="on hold">On Hold</option>
<option value="completed">Completed</option>
<option value="ready for invoice">Ready for Invoice</option>
<option value="to be invoiced as per attached">To be invoiced as per  
attached</option>
</select>
</p>
<input type="submit" name="submit" value="submit">
</form> 
';
}

表单调用insertrow.php文件：

the form calls the insertrow.php file:

if(isset($_POST['submit']))
{
insert_row();
}

function insert_row()
{
global $wpdb;
require_once('../../../wp-config.php');
$tablename =  'st_support_ticket';

$data = array( 
'ticket_id' => '1', 
'ticket_user_id' => '1', 
'ticket_description' => $_POST['ticket_description'] ,
'ticket_priority' => $_POST['ticket_priority'],
'ticket_status' => $_POST['ticket_status'] );

$wpdb->insert($tablename, $data);
}

只是试图让它输入描述，优先级和状态到st_support_ticket表。

Just trying to get this to enter the description, priority and status into the st_support_ticket table.

当我点击提交时，url后缀将更改为insertrow.php并显示一个空白页。数据没有输入到表格中（通过在phpmyadmin中打开来检查）。

At the moment when I click submit the url suffix changes to insertrow.php and displays a blank page. The data is not entered into table (checking by opening it up in phpmyadmin).

我缺少什么？

推荐答案

这不是WordPress的方式。有几个问题，但让我们开始高层次。

This is not the WordPress way. There's several issues, but let's start high-level.

注意：此答案假设您正在使用前端。

Note: This answer assumes that you are working on the front-end, not on the dasboard.

首先，你的表单标签不应该指向一个特定的文件。您应该修改表单以指向它所在的页面。惰性（不理想）的方法是将表单标签的动作留空。这将导致表单回发到显示在同一页面/网址：

First, your form tag should NOT point to a specific file. You should modify your form to point back to the page it is on. The lazy (not ideal) way to do this is to leave the "action" of the form tag empty. This will cause the form to post back to the same page / url it is displayed on:

< form method =postaction = >

然后，找到您的主题functions.php文件或插件主文件，并includeinsertrow.php档案：

Then, find your theme functions.php file, or your plugin main file, and "include" the insertrow.php file:

require_onceinsertrow.php;

ticket_priority 的select，所以你需要改变你的watch，这样它的FAR比submit ，建议您注意：

Then, you need to change your "watch" a bit so that it's a FAR more unique value than "submit". Since your form contains a select with the name of ticket_priority, I would suggest watching for that:

if(isset($_POST['ticket_priority']))
{
insert_row();
}

我建议，你不必包括WP代码

And, if you do this the way I'm suggesting, you won't have to include the WP code

// Comment the below line out.  Not necessary.
// require_once('../../../wp-config.php');

最后，在WP网站上，您希望利用现有的WordPress安全工具。使用NONCE输入是一个最低限度，以帮助确保表单合法发布，而不是垃圾邮件。检查 wp_nonce_field 和 wp_verify_nonce 。

Lastly - on a WP site, you want to take advantage of the WordPress security tools that are in place. Using a NONCE input is a bare minimum to help ensure that the form was legitimately posted, rather than being spammed in. Check out wp_nonce_field and wp_verify_nonce.

更多内联的WordPress方式，你的代码看起来像这样：

Done more inline with the "WordPress way", your code would look something like so:

function display_form(){
    echo '
    <form action="" method="post">';
    // Add a nonce field
    wp_nonce_field('MyNonceAction', 'ticket_nonce');
    echo '
    <p>Ticket id:  <br />
    User id: <br /> 
    Description: <textarea class="widget" rows="4" cols="1" 
    name="ticket_description"></textarea>
    Priority: <select name="ticket_priority" placeholder="Select">
    <option value="critical">Critical</option>
    <option value="urgent">Urgent</option>
    <option value="important">Important</option>
    <option value="standard" selected>Standard</option>
    </select>
    Status: <select name="ticket_status" placeholder="Select">
    <option value="planned">Planned</option>
    <option value="in progress">In Progress</option>
    <option value="on hold">On Hold</option>
    <option value="completed">Completed</option>
    <option value="ready for invoice">Ready for Invoice</option>
    <option value="to be invoiced as per attached">To be invoiced as per  
    attached</option>
    </select>
    </p>
    <input type="submit" name="submit" value="submit">
    </form> 
    ';
}

下面的代码包含在你的主题/插件核心文件中，一个独立的文件：

And the below code is included in your theme / plugin core files, NOT in a stand-alone file:

if(isset($_POST['ticket_priority']))
{
    // Debugging output, since you are having troubles finding the issue.
    // If this doesn't fire, then you've got a problem with the select name or this code isn't included in your theme / plugin.
    echo "SAVING ENTRY";
    // Get the nonce value for validation
    $nonce = $_POST['ticket_nonce'];
    // If the nonce does not verify, do NOT process the form.
    if ( ! wp_verify_nonce($nonce, 'MyNonceAction')) {
         // If this spits out an error, that means the nonce failed
         echo 'Security error. Do not process the form.';
         return;
    }

    insert_row();
}

function insert_row()
{

    // You should use the WP table prefixes, so let's set that up....
    global $wpdb, $table_prefix;
    $tablename =  $table_prefix . 'st_support_ticket';

    $data = array( 
    'ticket_id' => '1', 
    'ticket_user_id' => '1', 
    'ticket_description' => $_POST['ticket_description'] ,
    'ticket_priority' => $_POST['ticket_priority'],
    'ticket_status' => $_POST['ticket_status'] );

    // Debugging: Lets see what we're trying to save
    var_dump($data);

    // FOR database SQL injection security, set up the formats
    $formats = array( 
        '%d', // ticket_id should be an integer
        '%d', // ticket_user_id should be an integer
        '%s', // ticket_description should be a string
        '%s', // ticket_priority should be an string
        '%s'  // ticket_status should be an string 
    ); 

    // Debugging: Turn on error reporting for db to see if there's a database error
    $wpdb->show_errors();
    // Actually attempt to insert the data
    $wpdb->insert($tablename, $data, $formats);
}

这篇关于在表单提交时，使用PHP将数据插入到WordPress表中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！