形式没有使用MySQL [英] form didnt working with mysql
本文介绍了形式没有使用MySQL的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
这是html
< form action =addadd.phpmethod =postenctype =multipart / form-dataname =form1id =form1>
< p>
名字< br>
< label for =firstname>< / label>
< input type =textname =firstnameid =firstname/>
< / p>
< p>
姓氏< br>
< label for =lastname>< / label>
< input type =textname =lastnameid =lastname/>
< / p>
< p>
手机< br>
< label for =mobile>< / label>
< input type =textname =mobileid =mobile/>
< / p>
< p>
电邮< br>
< label for =email>< / label>
< input type =textname =emailid =email/>
< / p>
< p>
< input type =submitname =buttonid =buttonvalue =Submit/>
< input type =resetname =button3id =button3value =Reset/>
< / p>
< / form>
这是php
数据库连接
<?php
$ con =的mysql_connect( 本地主机, 根, );
if(!$ con)
{
die(connection to database failed.mysql_error());
}
$ dataselect = mysql_select_db(qoot,$ con);
if(!$ dataselect)
{
die(Database namelist not selected.mysql_error());
}
?>
<?php
$ unm = $ _SESSION ['name'];
$ fname = $ _ POST ['firstname'];
$ lname = $ _ POST ['lastname'];
$ ema = $ _ POST ['email'];
$ mob = $ _ POST ['mobile'];
?>
$ b $ lt; $ php
$ qry = mysql_query(INSERT INTO address(firstname,lastname,mobile,email)VALUES('$ fname',$ lname','$ ema','$ mob'),$ con);
?>
现在问题在于这不会在数据库中插入任何东西。
我还可以尝试什么来检查出现问题的地方?
已更新数据库连接详细信息
解决方案
>
将您的表名地址
使用 mysqli _
>
<?php
/ start session
session_start();
//建立连接
$ con = mysqli_connect(localhost,root,,qoot);
if(!$ con)
{
die(connection to database failed.mysqli_error($ con));
}
//从表单
$ unm = $ _SESSION ['name'];
$ fname = $ _ POST ['firstname'];
$ lname = $ _ POST ['lastname'];
$ ema = $ _ POST ['email'];
$ mob = $ _ POST ['mobile'];
?>
<?php
//插入到数据库
$ qry = mysqli_query($ con,INSERT INTO`address`(firstname, ('$ fname',$ lname','$ ema','$ mob'))或die(mysqli_error($ con));
?>
PS我会说你冒着 mysql注入风险
,请点击此处如何防止PHP中的SQL注入?一>。您应该使用准备好的语句来避免任何风险。
this is the html
<form action="addadd.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>
First Name<br>
<label for="firstname"></label>
<input type="text" name="firstname" id="firstname" />
</p>
<p>
Last Name<br>
<label for="lastname"></label>
<input type="text" name="lastname" id="lastname" />
</p>
<p>
Mobile<br>
<label for="mobile"></label>
<input type="text" name="mobile" id="mobile" />
</p>
<p>
Email<br>
<label for="email"></label>
<input type="text" name="email" id="email" />
</p>
<p>
<input type="submit" name="button" id="button" value="Submit" />
<input type="reset" name="button3" id="button3" value="Reset" />
</p>
</form>
This is the php
database connection
<?php
$con = mysql_connect("localhost","root","");
if(!$con)
{
die("connection to database failed".mysql_error());
}
$dataselect = mysql_select_db("qoot",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<?php
$unm = $_SESSION['name'];
$fname=$_POST['firstname'];
$lname=$_POST['lastname'];
$ema=$_POST['email'];
$mob=$_POST['mobile'];
?>
<?php
$qry=mysql_query("INSERT INTO address( firstname, lastname, mobile, email)VALUES('$fname',$lname','$ema','$mob')", $con);
?>
Now the problem is that this is inserting nothing in to my database.
What else can i try in order to check where things go wrong?
updated database connection details
解决方案
Place your tablename address
in backticks
Using mysqli_
<?php
/start session
session_start();
//establish connection
$con = mysqli_connect("localhost","root","","qoot");
if(!$con)
{
die("connection to database failed".mysqli_error($con));
}
//read the values from form
$unm = $_SESSION['name'];
$fname=$_POST['firstname'];
$lname=$_POST['lastname'];
$ema=$_POST['email'];
$mob=$_POST['mobile'];
?>
<?php
//insert to database
$qry=mysqli_query($con,"INSERT INTO `address` ( firstname, lastname, mobile, email)VALUES('$fname',$lname','$ema','$mob')") or die(mysqli_error($con));
?>
P.S I'd say you are at risk of mysql injection
, check here How can I prevent SQL injection in PHP?. You should really use prepared statements to avoid any risk.
这篇关于形式没有使用MySQL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文