下面的代码从表单中获取信息并将其发送到mysql。它成功完成了(对于类别,内容,日期和用户ID),但最近我在数据库中添加了一个名为'seclevel'的新列,也需要填充。我没有看到为什么添加seclevel会破坏代码的逻辑原因,我在日志中没有收到任何错误。它只是一个用户选择的1-9整数,所以除非我错误地使用$ _POST ['seclevel'],否则我很难过。有任何想法吗?
send_post.php
<?php
include 'db_connect.php';
include 'functions.php';
sec_session_start();
$userId = $_SESSION['user_id'];
if(login_check($mysqli) == true) {
//Connecting to sql db.
$connect=mysqli_connect("localhost","mylogin","mypass","mydb");
header("Location: http://somekindasite.com/index_3.php");
if (mysqli_connect_errno()) { echo "Fail"; } else { echo "Success"; }
//Sending form data to sql db.
$stmt = $mysqli -> prepare('INSERT INTO opwire (category, contents, date, userid, seclevel)
VALUES (?,?,NOW(),?,?)');
$stmt -> bind_param('ssi', $_POST['category'], $_POST['contents'], $userId, $_POST['seclevel']);
$stmt -> execute();
$stmt -> close();
} else {
echo 'Access denied. <br/>';
}
?>
以下是提交给send_post.php的相关表单
<html>
<div style="width: 330px; height: 130px; overflow: auto;">
<form STYLE="color: #f4d468;" action="send_post.php" method="post">
Category: <select STYLE="color: #919191; font-family: Veranda; font-weight: bold; font-size: 10px; background-color: #000000;" name="category">
<option value="1">1</option>
<option value="1">2</option>
<option value="1">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option STYLE="color: #c31717;" value="8">8</option>
<option value="Other">Other</option>
</select>
Seclevel: <select STYLE="color: #919191; font-family: Veranda; font-weight: bold; font-size: 10px; background-color: #000000;" name="seclevel">
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
</select> <br>
<textarea overflow: scroll; rows="4" cols="60" STYLE="color: #919191; font-family: Veranda; font-weight: bold; font-size: 10px; background-color: #000000; width:300px; height:80px; margin:0; padding:0;" name="contents"></textarea><br>
<input type="submit" STYLE="color: #919191; font-family: Veranda; font-weight: bold; font-size: 10px; background-color: #000000;" value="Create Log">
</form>
</div>
</html>
答案 0 :(得分:1)
MySQLi的参数绑定有两部分,你错过了其中一部分。您需要将字符串类型s或整数(i double,d blob)的b添加到bind_param()的第一个参数中。
// Looks like you're adding another integer...
$stmt -> bind_param('ssii', $_POST['category'], $_POST['contents'], $userId, $_POST['seclevel']);
//---------------------^^^
从mysqli_stmt::bind_param() returns FALSE on failure开始,您应该进行一些错误检查。
if ($stmt->bind_param('ssii', $_POST['category'], $_POST['contents'], $userId, $_POST['seclevel'])) {
$stmt->execute();
}
else {
echo $stmt->error;
}
我还要注意,我希望bind_param()发出致命错误。在开发代码时,总是建议启动错误报告并在屏幕上显示错误。
error_reporting(E_ALL);
ini_set('display_errors', 1);