如果验证码有效,则提交给db的简单代码。我对这些东西很新,但我学得很快。
这是错误
错误:您的SQL语法出错;查看与您的MySQL服务器版本对应的手册,以便在'。'jj','jjjjj','','','','ass @ esfd.com','','pass'附近使用正确的语法)'在第1行
这是我的PHP代码
<?php
require_once('recaptchalib.php');
$privatekey = "X";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
} else {
$con=mysqli_connect("","","","");
if(mysqli_connect_errno()){
echo "failed to connect to db" . mysqli_connect_error();
}
$sql="INSERT INTO Contacts(cf_firtstname, cf_lastname, cf_address, cf_address2, cf_city, cf_state, cf_zipcode, cf_contact1, cf_contact2, cf_contact3, cf_message, cf_email, cf_phone, cf_sale)
VALUES
('$_POST[cf_firstname]','$_POST[cf_lastname]','$_POST[cf_address]','$_POST[cf_address2]','$_POST[cf_city]'.'$_POST[cf_state]','$_POST[cf_zipcode]','$_POST[cf_contact1]','$_POST[cf_contact2]','$_POST[cf_contact3]','$_POST[cf_email]','$_POST[cf_phone]','$_POST[cf_sale]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
}
echo "<a href='index.html' style='text-decoration:none;color:#ff0099;'>
Thank you for contacting us. We will be in touch with you very soon."
?>
答案 0 :(得分:1)
查询中存在语法错误,连接错误
'$_POST[cf_city]'.'$_POST[cf_state]'
更改为
'".$_POST[cf_city].$_POST[cf_state]."'
您的代码非常容易受到mysql注入read more的影响,您应该使用预准备语句来避免任何风险
答案 1 :(得分:0)
'$_POST[cf_city]'.'$_POST[cf_state]'
应该是
'$_POST[cf_city]','$_POST[cf_state]'
Comma needed----^