错误插入语句PHP

Question

我想我的数据库处理程序类有问题。我在index.php文件中有一个表单标记，它调用inc / function.php中的一个函数，然后将表单数据保存到数据库中的表中。问题是，我不工作，我找不到错误。如果您希望我提供更多信息，请说明：）

没有错误，除了在我的函数中添加行$ dbh-＆gt;查询（$ sql）时，整个表单消失了：/

的index.php：

<form id="signform" action="<?php addSignature($dbh) ?>" method="post">
                <h1>SIGN THE PROPOSED CITIZENS’ INITIATIVE</h1>
                <input type="text" name="firstname" placeholder="Full first name"><br/>
                <input type="text" name="familynames" placeholder="Family name"><br/>
                <input type="text" name="dateofbirth" placeholder="Date of birth"><br/>
                <input type="text" name="placeofbirth" placeholder="Place of birth"><br/>
                <select name="nationality">
                    <option value="" disabled selected>Nationality</option>
                    <option value="Denmark" >Denmark</option>
                </select>
                <hr>
                <textarea name="address" placeholder="Address (street, number, other)"></textarea><br/>
                <input type="text" name="postalcode" placeholder="Postal code"><br/>
                <input type="text" name="city" placeholder="City"><br/>
                <select name="country">
                    <option value="" disabled selected>Country</option>
                    <option value="Denmark" >Denmark</option>
                </select>
                <hr>
                <div id="radiobuttons">
                <input class="radiobutton" type="checkbox" name="certify"><span class="radiobuttonText">I hereby certify that the information provided in this 
 form is correct and that I have not already supported 
this proposed citizens’ initiative.</span><br/><br/>
                <input class="radiobutton" type="checkbox" name="privacy"><span class="radiobuttonText">I have read the privacy statement.</span>
                </div>
                <button type="submit" value="">SIGN UP</button>
            </form>

DbH.php：

<?php

    //DATABASE HANDLER
    class DbH{

        private $connection;
        private $host;
        private $database;
        private $user;
        private $password;
        private $result;

        public function __construct($database, $host='localhost', $user='root', $password='blabla'){
            $this->database = $database;
            $this->host = $host;
            $this->user = $user;
            $this->password = $password;
            $this->connect();
        }

        private function connect(){
            try{
                if(!$this->connection = mysql_connect($this->host, $this->user, $this->password)){
                    throw new Exception("No connection to the MySQL server.");
                }
                if(!mysql_select_db($this->database, $this->connection)){
                    throw new Exception("No connection to the MySQL database.");
                }
            }
            catch(Exception $e){
                die($e->getMessage());
            }
        }

        function query($declaration){
            try{
                if(!$this->result=mysql_query($declaration, $this->connection)){
                    throw new Exception("SELECT ERROR</ br>{$declaration}");
                }
            }
            catch(Exception $e){
                die($e->getMessage());
            }
        }

        function fetch_array(){
            return $rowArray = @mysql_fetch_array($this->result);
        }

        function getDb(){
            return $this->database;
        }

        function getConnection(){
            return $this->connection;
        }
    }
?>

的functions.php：

<?php

function addSignature($dbh){

if(!isset($_POST['firstname'], $_POST['familynames'], $_POST['dateofbirth'], $_POST['placeofbirth'], $_POST['nationality'], $_POST['address'], $_POST['postalcode'], $_POST['city'], $_POST['country'])){
    $_POST['firstname'] = 'undefine';
    $_POST['familynames'] = 'undefine';
    $_POST['dateofbirth'] = 'undefine';
    $_POST['placeofbirth'] = 'undefine';
    $_POST['nationality'] = 'undefine';
    $_POST['address'] = 'undefine';
    $_POST['postalcode'] = 'undefine';
    $_POST['city'] = 'undefine';
    $_POST['country'] = 'undefine';
}

$firstname = mysql_real_escape_string($_POST['firstname']);
$familynames = mysql_real_escape_string($_POST['familynames']);
$dob = mysql_real_escape_string($_POST['dateofbirth']);
$pob = mysql_real_escape_string($_POST['placeofbirth']);
$nationality = mysql_real_escape_string($_POST['nationality']);
$address = mysql_real_escape_string($_POST['address']);
$postalcode = mysql_real_escape_string($_POST['postalcode']);
$city = mysql_real_escape_string($_POST['city']);
$country = mysql_real_escape_string($_POST['country']);

$sql = 'INSERT INTO signatures (id, firstname, familynames, dob, birthplace, nationality, address, postalcode, city, country)';
$sql .= sprintf(' VALUES ("%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s")', $firstname, $familynames, $dob, $pob, $nationality, $address, $postalcode, $city, $country);


$dbh->query($sql);
}

?>

Answer 1

您的表单操作应该是一个页面，而不是对PHP函数的调用。

<form id="signform" action="<?php addSignature($dbh) ?>" method="post">

当您添加该行时，您实际上是立即调用该函数，因为在输出到页面之前处理所有PHP代码，并且源代码中的操作变为

action=""

您需要将表单传递到同一页面或处理页面，然后将POST变量传递给addSignature函数。

Answer 2

我假设id语句中的INSERT字段看起来像一个自动增量字段，因为在INSERT的VALUES部分中没有指定id参数。或者您可能需要在参数部分添加ID：

$sql = 'INSERT INTO signatures (firstname, familynames, dob, birthplace, nationality, address, postalcode, city, country)';
$sql .= sprintf(' VALUES ("%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s")', $firstname, $familynames, $dob, $pob, $nationality, $address, $postalcode, $city, $country);

$dbh->query($sql);

OR

$sql = 'INSERT INTO signatures (id,firstname, familynames, dob, birthplace, nationality, address, postalcode, city, country)';
$sql .= sprintf(' VALUES ("%s","%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s")', $id, $firstname, $familynames, $dob, $pob, $nationality, $address, $postalcode, $city, $country);

$dbh->query($sql);

还要确保正确的变量类型已经过了表格中的字段。

Answer 3

我认为存在语法错误。在您的if声明中，您使用的是逗号，但您应该使用&&或||。