表单不提交到数据库

时间:2013-12-09 21:28:32

标签: php mysql database forms

我正在尝试将信息输入数据库,同时将文件上传到服务器并将其链接存储在数据库中。此时文件上传,但数据库中没有显示任何表单数据,并返回表单无法提交的错误消息,但实际上并未指定错误。

任何帮助都会很棒!!!

<?php

$dbc=mysql_connect('localhost', 'mgertenbach', 'mollyr');
mysql_select_db('mgertenbach', $dbc);


if($_SERVER['REQUEST_METHOD']=='POST'){
    //you needed to move this INSIDE the conditional.. you had it up at line 15 which... woudl cause the errors to show.
    $sqlInsertString = "INSERT INTO band_information
            VALUES ('{$_POST['bandname']}', '{$_FILES['bandphoto']['name']}', '{$_POST['bandbio']}', '{$_POST['bandcity']}', '{$_POST['bandstate']}', '{$_POST['bandzipcode']}', '{$_POST['bandgenre']}', '{$_POST['bandlink']}');";

    if(move_uploaded_file($_FILES['bandphoto']['tmp_name'], "C:\\HTML\\mgertenbach\\BAND\\photos\\{$_FILES['bandphoto']['name']}") && @mysql_query($sqlinsertString, $dbc)){
        print '<p>Thanks for submitting your band!</p>';
    } else {
        print '<p>Could not submit band because: <br/>' .
        mysql_error($dbc) . '</p>';
    }
}                   



?>

    <h3>Please fill out the following information.</h3>

    <form action="submitband.php" method="post" enctype="multipart/form-data">
        <fieldset><legend>Who Are You?</legend>
            <label>Band Name: <input type="text" name="bandname" size="10"/></label>
            <br/><br/>

            <label>Link to Photo*: <input type="hidden" name="MAX_FILE_SIZE" value="300000" /><input type="file" id="bandphoto" name="bandphoto" /></label>
            <br/>&nbsp;&nbsp;&nbsp;*image must be a square file
            <br/><br/>
            <label>Enter a short bio: <br/><textarea name="bandbio" cols="40" rows="10"></textarea></label>
        </fieldset>
        <br/><br/> 
        <fieldset><legend>Where Are You From?</legend>
            <label>City: <input type="text" name="bandcity" size="10"/></label>
            <br/><br/>
            <label>State: 
                <select id="bandstate" name="bandstate">
                        <option value=""> </option>
                        <option value="AL">Alabama</option>
                        <option value="AK">Alaska</option>
                        <option value="AZ">Arizona</option>
                        <option value="AR">Arkansas</option>
                        <option value="CA">California</option>
                        <option value="CO">Colorado</option>
                        <option value="CT">Connecticut</option>
                        <option value="DE">Delaware</option>
                        <option value="DC">District Of Columbia</option>
                        <option value="FL">Florida</option>
                        <option value="GA">Georgia</option>
                        <option value="HI">Hawaii</option>
                        <option value="ID">Idaho</option>
                        <option value="IL">Illinois</option>
                        <option value="IN">Indiana</option>
                        <option value="IA">Iowa</option>
                        <option value="KS">Kansas</option>
                        <option value="KY">Kentucky</option>
                        <option value="LA">Louisiana</option>
                        <option value="ME">Maine</option>
                        <option value="MD">Maryland</option>
                        <option value="MA">Massachusetts</option>
                        <option value="MI">Michigan</option>
                        <option value="MN">Minnesota</option>
                        <option value="MS">Mississippi</option>
                        <option value="MO">Missouri</option>
                        <option value="MT">Montana</option>
                        <option value="NE">Nebraska</option>
                        <option value="NV">Nevada</option>
                        <option value="NH">New Hampshire</option>
                        <option value="NJ">New Jersey</option>
                        <option value="NM">New Mexico</option>
                        <option value="NY">New York</option>
                        <option value="NC">North Carolina</option>
                        <option value="ND">North Dakota</option>
                        <option value="OH">Ohio</option>
                        <option value="OK">Oklahoma</option>
                        <option value="OR">Oregon</option>
                        <option value="PA">Pennsylvania</option>
                        <option value="RI">Rhode Island</option>
                        <option value="SC">South Carolina</option>
                        <option value="SD">South Dakota</option>
                        <option value="TN">Tennessee</option>
                        <option value="TX">Texas</option>
                        <option value="UT">Utah</option>
                        <option value="VT">Vermont</option>
                        <option value="VA">Virginia</option>
                        <option value="WA">Washington</option>
                        <option value="WV">West Virginia</option>
                        <option value="WI">Wisconsin</option>
                        <option value="WY">Wyoming</option>
                    </select></label>  
            <br/><br/>
            <label>Zipcode: <input type="text" name="bandzipcode" size="10"/></label>
        </fieldset>  
        <br/><br/>
        <fieldset><legend>What's Your Music Like?</legend>
            <label>Genre: 
                <select name="bandgenre">
                        <option value="country">Country</option>
                        <option value="electronic">Electronic</option>
                        <option value="folk">Folk</option>
                        <option value="indie">Indie</option>
                        <option value="punk">Punk</option>
                        <option value="rock">Rock</option>
                </select>
                </label>
            <br/><br/>
            <label>Share a link to where we can hear it: <input type="text" name="bandlink" size="40"/></label>
        </fieldset>
        <br/><br/>
        <input type="submit" value="submit"/>          
    </form>

2 个答案:

答案 0 :(得分:0)

  1. 为什么你有这样的花括号'{$_POST['bandname']}'

    这是PHP而不是bash所以摆脱它们。

  2.   

    但实际上并未指定错误

    从中删除@ @mysql_query查看错误

  3. 您的代码容易受到SQL注入攻击,如中所述 注释使用参数化查询或PDO

答案 1 :(得分:0)

首先,删除@beforre mysql_query会得到错误消息。你的代码中也有两层单引号,这不会返回任何结果:

$sqlInsertString = "INSERT INTO band_information
            VALUES ('{$_POST['bandname']}', '{$_FILES['bandphoto']['name']}', '{$_POST['bandbio']}', '{$_POST['bandcity']}', '{$_POST['bandstate']}', '{$_POST['bandzipcode']}', '{$_POST['bandgenre']}', '{$_POST['bandlink']}');";

此外,您没有列出要插入的字段?不是问题,请确保每个值符合所需的字段类型,否则查询将失败。 你有两种方法可以纠正sql,或者事先分配每个值,然后使用它们:

$bandname = $_POST['bandname'];
$sqlInsertString = "INSERT INTO band_information VALUES ('$bandname', // etc

或退出双引号,然后输入变量:

$sqlInsertString = "INSERT INTO band_information VALUES ('" . $_POST['bandname'] . "','" .  $_FILES['bandphoto']['name'] . "','" .  $_POST['bandbio'] . "','" .  $_POST['bandcity'] . "','" .  $_POST['bandstate'] . "','" .  $_POST['bandzipcode'] . "','" .  $_POST['bandgenre'] . "','" .  $_POST['bandlink'] . "')";
噢哦......我不知道为什么会有花括号?从未在sql中使用它们。

这很难调试

if(move_uploaded_file($_FILES['bandphoto']['tmp_name'], "C:\\HTML\\mgertenbach\\BAND\\photos\\{$_FILES['bandphoto']['name']}") && @mysql_query($sqlinsertString, $dbc))

如果sql出错或者move_uploaded_file失败,这将具有相同的行为。移动文件是众所周知的婊子,因为所有这些权限问题。也许尝试分离那些:

if (mysql_query($sqlInsertString))
 {if (move_uploaded_file($_FILES['bandphoto']['tmp_name'], "C:\\HTML\\mgertenbach\\BAND\\photos\\{$_FILES['bandphoto']['name']}"))
   {echo 'both worked!';}}
  else
   {echo 'only the query worked';}
else
 {echo 'the query failed';}