使用Ajax在我的数据库中插入特殊字符

时间：2013-03-15 06:45:59

标签： php jquery mysqli

我正在创建一个简单的评论表单，使用php和mysql连接到数据库和jquery ajax，无需刷新表单包含的页面：姓名电子邮件评论问题是数据库中的名称字段（名称）只插入 [1] 的值但是当我发布字段名称的值时，它会回显正确的值，任何人都可以帮助我吗？

submit_to_db.php

<?php
  $conn = new mysqli('localhost', 'root', '', 'my_db');
  echo"<pre>";
  print_r($_POST);
  echo"</pre>";

  if(isset($_POST['name_'])){
  $name =isset ($_POST['name_']);
  $email = $_POST['email'];
  $comments = $_POST['comments'];



  $query = "INSERT into comments(name, email, comments) VALUES(?, ?, ?)";

  $stmt = $conn->stmt_init();
  if($stmt->prepare($query)){

     $stmt->bind_param('sss', $name, $email, $comments);
     $stmt->execute();

  }

  if($stmt){

  echo "thank you .we will be in touch soon <br />";
 // echo $_POST['name'];
  //echo $_POST['email'];
  //echo $_POST['comments'];

  }
  else{
   echo "there was an error. try again later.";
   }  

}

else
   echo"it is a big error";
?>

这是表单评论

的index.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>feedback page</title>
<script type = "text/javascript" src = "http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<link rel ="stylesheet" href = "css/default.css" />

<script type = "text/javascript">

$(function(){

   $('#submit').click(function(){
     $('#container').append('<img src = "img/loading.gif" alt="Currently loading" id = "loading" />');

         var name = $('#name_').val();
         var email = $('#email').val();
         var comments = $('#comments').val();


         $.ajax({

            url: 'submit_to_db.php',
            type: 'POST',
            data: 'name_=' + name + '&email=' + email + '&comments=' + comments,

            success: function(result){
                 $('#response').remove();
                 $('#container').append('<p id = "response">' + result + '</p>');
                 $('#loading').fadeOut(500, function(){
                     $(this).remove();
                 });

            }

         });         

        return false;

   });


});

</script>




</head>

<body>
   <form action = "submit_to_db.php" method = "post">
   <div id = "container">
      <label for = "name">Name</label>
      <input type = "text" name = "name_" id = "name_" />

      <label for = "email">Email address</label>
      <input type = "text" name = "email" id = "email" />

      <label for = "comments">Comments</label>
      <textarea rows = "5"cols = "35" name = "comments" id = "comments"></textarea>
      <br />

      <input type = "submit" name = "submit" id = "submit" value = "send feedBack" />
    </div>
   </form>




</body>
</html>

1 个答案:

答案 0 :(得分：0)

问题出在这里

$name =isset ($_POST['name_']);

应该是

$name =$_POST['name_'];

您使用isset并且它给出值1并存储在$name中，因此它在数据库中插入1。