我正在使用XAMPP在windows7上关注this php教程 这是一本留言簿教程,可以将用户条目保存到mysql&显示db的条目。 当我输入数据到表格&提交它,浏览器显示此错误消息
禁止访问! 您无权访问请求的对象。它受读保护或服务器无法读取。 如果您认为这是服务器错误,请与网站管理员联系。 错误403 本地主机 Apache / 2.4.3(Win32)OpenSSL / 1.0.1c PHP / 5.4.7
更新
guestbok.php
连接到数据库代码
<?php
$dbHost = "localhost";
$dbUser = "root";
$dbPass = "";
$dbDatabase = "myDB";
// Connect to DB
$li = new mysqli('localhost', 'root', '', 'myDB') or
die("Could not connect". mysqli_connect_error());
//mysql_select_db($dbDatabase, $li) or
die ("could not select DB". mysql_error());
?>
变量初始化
<?php
// initiate some vars
$gb_str = "";
// $gb_str is the string we'll append entries to
$pgeTitle = "View and Sign Guestbook";
发布请求处理
// If form is submitted, then insert into DB
if (!empty($_POST["submit"])) {
$name = $_POST["frmName"];
$email = $_POST["frmEmail"];
$comment = $_POST["frmComment"];
$date = Date("Y-m-d h:i:s");
$gb_query = "insert into guestbook
values(0, '$name', '$email', '$comment', '$date')";
// Performs the $sql query on the server to insert the values
if ($li->query($gb_query) === TRUE) {
echo 'users entry saved successfully';
}
else {
echo 'Error: '. $li->error;
}
/*
$sql = mysql_query($gb_query);
$res = mysql_affected_rows($sql);
// See if insert was successful or not
if($res > 0) {
$ret_str="Your guestbook entry was successfully added.";
} else {
$ret_str = "Your guestbook entry was NOT successfully added.";
}
// Append success/failure message
$gb_str .= "<span class=\"ret\">$ret_str</span><BR>";
*/
}
?>
留言簿列表
<?php
$get_query = "select gbName, gbEmail, gbComment,
DATE_FORMAT(gbDateAdded, '%m-%d-%y %H:%i') gbDateAdded
from guestbook";
$result = $li->query($get_query);
$gb_str .= "<hr size=\"1\">";
if ($result->num_rows > 0) {
// output data of each row from $result
while($row = $result->fetch_assoc()) {
$name = $row["gbName"];
$email = $row["gbEmail"];
$comment = $row["gbComment"];
$date = $row["gbDateAdded"];
if(!empty($name)) {
// If name exists and email exists, link name to email
if(!empty($email)) {
$name="by <a href=\"mailto:$email\">$name</a>";
}
// If name does exist and email exists, link email to email
} else if (!empty($email)) {
$name = "by <a href=\"mailto:$email\">$email</a>";
} else {
$name = "";
}
// Append to string we'll print later on
$gb_str .= "<br>$comment<p class=\"small\">
posted on $date $name<hr size=\"1\">";
}}
?>
HTML页面
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Guestbook</TITLE>
<SCRIPT language="javascript">
<!--
/* This function is pulled from a generic validation file from
some other site (probably developer.netscape.com) and strips out
characters you don't want */
function stripCharsInBag (s, bag) {
var i;
var returnString = "";
// Search through string's characters one by one.
// If character is not in bag, append to returnString.
for (i = 0; i < s.length; i++)
{
// Check that current character isn't whitespace.
var c = s.charAt(i);
if (bag.indexOf(c) == -1) returnString += c;
}
return returnString;
}
// This function just makes sure the comment field is not empty
function valForm(frm) {
badChars = "<[]>{}";
if(frm.frmComment.value == "") {
alert("Please fill in your comments for the guestbook.");
return false;
} else {
frm.frmComment.value = stripCharsInBag(frm.frmComment.value, badChars);
// These values may be empty, but strip chars in case they're not
frm.frmName.value = stripCharsInBag(frm.frmName.value, badChars);
frm.frmEmail.value = stripCharsInBag(frm.frmEmail.value, badChars);
return true;
}
}
-->
</SCRIPT>
</HEAD>
<BODY bgcolor="#FFFFFF">
<?php echo $gb_str; ?>
<form name="gb" action="<? echo $PHP_SELF;?>" method="post">
<table cellpadding="3" cellspacing="0" border="0">
<tr>
<td class="tdhead" valign="top" align="right">Name</td>
<td valign="top">
<input type="text" name="frmName" value="" size="30"
maxlength="50">
</td>
</tr>
<tr>
<td class="tdhead" valign="top" align="right">Email</td>
<td valign="top">
<input type="text" name="frmEmail" value="" size="30"
maxlength="100">
</td>
</tr>
<tr>
<td class="tdhead" valign="top" align="right">Comment</td>
<td valign="top">
<textarea name="frmComment" rows="5" cols="30"></textarea>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="submit"
onClick="return valForm(document.gb)">
<input type="reset" name="reset" value="reset">
</td>
</tr>
</table>
</form>
</BODY>
</HTML>
<?php
// Close MySQL Connection
$li->close();
?>
答案 0 :(得分:1)
第二个问题回答,您尚未将变量分配给变量,mysql_affected_rows
也是空的。
$gb_query = "insert into guestbook
values(0, '$name', '$email', '$comment', '$date')";
$sql = mysql_query($gb_query);
$res = mysql_affected_rows($sql);
答案 1 :(得分:1)
听起来这个错误是由阻塞目录的Xampp配置引起的。如果您在开发机器上并且不关心安全性,请在xampp下的apache / conf目录中查找名为httpd.conf的文件。
你会在那里找到类似于
的指令<Directory />
Options FollowSymLinks
AllowOverride none
Order deny,allow
Allow from none
Deny from all
</Directory>
将其替换为
<Directory />
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
Deny from none
</Directory>
这使得根驱动器上的每个文件都可以被Web服务器访问,这在开发机器上是可以的(虽然有些人肯定会争论这一点),但在生产中并不是一个好主意。