PHP表单没有发布到数据库

时间:2012-06-26 18:41:43

标签: php

它会正确验证并显示我的数组中的错误,但它不会POST到我的数据库。字段的所有命名在表单上都是正确的(大小写也正确),PHP和MYSQL,dbconnect.php都是正确的。我相信的问题是在数组函数中的某个地方。现在我刚开始学习PHP这个月,所以请放轻松我。谢谢你的帮助!

<?php
include ('scripts/dbconnect.php');
$Name = mysql_real_escape_string($Name);
$Email = mysql_real_escape_string($Email);

if (isset($_POST['formsubmitted'])) {
$error = array();//Declare An Array to store any error message  

if (empty($_POST['Name'])) {//if no name has been supplied 
    $error[] = 'Please Enter Your Name ';//add to array "error"
    } else {
        $Name = $_POST['Name'];//else assign it a variable
    }

if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['Email'])) { //regular expression for email validation
    $Email = $_POST['Email'];
    } else {
         $error[] = 'Your EMail Address is Invalid  ';
    }
}
if (empty($error)) //Send to database if no errors
    mysql_query("INSERT INTO InviteRequestDB ( 'Name', 'Email' ) VALUES ( '$Name', '$Email' )");
    mysql_close($connect); //Close connection to database

  foreach ($error as $key => $values) {
  echo "<li style=color:#FFF> $values </li>";
  }

&GT;

现在我知道我不应该使用mysql。但是我遇到了mysqli的太多问题,这只是一个简单的联系表格。

我现在应该在每个变量上做mysql_real_escape_string吗?或者程序的顺序不正确?

<form action="applyforinvite.php" method="post">
    <input class="textbox" type="text" name="Name" />
    <input class="textbox" type="text" name="Email" />
  <input type="hidden" name="formsubmitted" value="TRUE" />
  <input type="submit" value="Register" />
</form>

感谢您的帮助!

3 个答案:

答案 0 :(得分:2)

更改

mysql_query("INSERT INTO InviteRequestDB ( 'Name', 'Email' ) VALUES ( '$Name', '$Email' )");


mysql_query('INSERT INTO InviteRequestDB ( Name, Email ) VALUES ( "'.$Name.'", "'.$Email.'" )') or die(mysql_error());

修改 

<?php
include ('scripts/dbconnect.php');

if(isset($_POST['formsubmitted'])){
    #   Will contain errors
    $Error = array(); 

    #   Email
    $Email = (isset($_POST['Email']) ? $_POST['Email'] : '');
    if($Email == '' OR !preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/', $Email)){
        $Error[] = 'Email address is invalid.';
    }

    #   Name
    $Name = (isset($_POST['Name']) ? $_POST['Name'] : '');
    if($Name == ''){
        $Error[] = 'Please enter your name.';
    }

    if(count($Error)){
        echo '<ul>';
        foreach($Error as $Value){
            echo '<li style="color: #FFF;">'.$Value.'</li>';
        }
        echo '</ul>';
    } else {
        // Query
        mysql_query('INSERT INTO InviteRequestDB ( Name, Email ) VALUES ( "'.$Name.'", "'.$Email.'" )') or die(mysql_error());
    }

    //Close connection to database
    mysql_close($connect);
}

?>

答案 1 :(得分:2)

您不应引用INSERT查询中的列名。 ('name,'e​​mail')应该是(姓名,电子邮件)。

另外,不要将php_mysql扩展名用于新的应用程序,不推荐使用它。试试MySQLi或PDO。

最终编辑(lol),试试这个 - 修复了代码的多个问题:          

    if (isset($_POST['formsubmitted'])) {
        $error = array(); //Declare An Array to store any error message  

        if (empty($_POST['Name'])) { //if no name has been supplied 
            $error[] = 'Please Enter Your Name '; //add to array "error"
        } else {
            $Name = mysql_real_escape_string($_POST['Name']); //else assign it a variable
        }

        if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['Email'])) { //regular expression for email validation
            $Email = mysql_real_escape_string($_POST['Email']);
        } else {
            $error[] = 'Your EMail Address is Invalid  ';
        }
        if (empty($error)) //Send to database if no errors
            {
            mysql_query("INSERT INTO InviteRequestDB (Name, Email) VALUES ( '$Name', '$Email' )");
        }
    }

    mysql_close($connect); //Close connection to database

    foreach ($error as $key => $values) {
        echo "<li style=color:#FFF> $values </li>";
    }

答案 2 :(得分:1)

<?PHP
require_once('scripts/dbconnect.php');

if (!$link) { //Change $link to be your connection variable
    die("Not connected : " . mysql_error());
}

if (!$db_selected) { //Change $db_selected to be the variable you set mysql_select_db on
    die ("Can't use database : " . mysql_error());
}

if (isset($_POST['formsubmitted'])) {
    $error = array();//Declare An Array to store any error message  

    if (empty($_POST['Name'])) {//if no name has been supplied 
      $error[] = 'Please Enter Your Name ';//add to array "error"
    } else {
      $Name = mysql_real_escape_string($_POST['Name']);//else assign it a variable
    }

    if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['Email'])) { //regular expression for email validation
      $Email = mysql_real_escape_string($_POST['Email']);
    } else {
      $error[] = 'Your EMail Address is Invalid  ';
    }

    if (count($error) == 0){ //Send to database if no errors
        mysql_query("INSERT INTO `InviteRequestDB` (`Name`, `Email`) VALUES('$Name', '$Email')")or die(mysql_error());
    } else {
      foreach ($error as $key => $values) {
        echo "<li style=color:#FFF> $values </li>";
      }
    }
    mysql_close($connect); //Close connection to database
}
相关问题
最新问题