来自表单数据的PHP变量

时间:2013-12-20 22:43:17

标签: php html mysql forms

我有一个PHP脚本,我试图用来从html文档中提取表单数据,处理它然后将数据写入mysql数据库表。

我可以让脚本写入mysql数据库ok,但它只传递空字符串,我在脚本开头声明变量为空字符串,然后从表单元素传递$ _POST数据,但是它似乎没有起作用,我已经尝试了所有引用和连接的方式而没有成功。

当我回显变量时,它们只是空的,继承代码,它是相当长的形式,但大多数变量都以相同的方式处理,任何帮助都会非常感激,我对PHP很新。

<?PHP
//Create null variables
$datereportId = "";
$timereportId = "";
$nameinvolvedId = "";
$maleinvolvedId = "";
$femaleinvolvedId = "";
$addressinvolvedId = "";
$telinvolvedId = "";
$deptinvolvedId = "";
$jobinvolvedId = "";
$supinvolvedId = "";
$cjemployId = "";
$othemployId = "";
$contractId = "";
$visitId = "";
$paxId = "";
$publicId = "";
$apronId = "";
$terminalId = "";
$hangarId = "";
$terminalId = "";
$othlocationId = "";
$captainId = "";
$csId = "";
$aircraftId = "";
$fltnoId = "";
$seatnoId = "";
$sectorId = "";
$accbyId = "";
$relationId = "";
$dateaccId = "";
$timeaccId = "";
$weathercondId = "";
$weathercommentsId = "";
$normdutyId = "";
$normdutnId = "";
$areacleanyId = "";
$areacleannId = "";
$heatyId = "";
$heatnId = "";
$ppeyId = "";
$ppenId = "";
$equipyId = "";
$equipnId = "";
$commentsId = "";
$accna1Id = "";
$accfi2Id = "";
$accex3Id = "";
$accel4Id = "";
$accco5Id = "";
$accob6Id = "";
$accfa7Id = "";
$accsl8Id = "";
$accma9Id = "";
$accpl10Id = "";
$accst11Id = "";
$accve12Id = "";
$accph13Id = "";
$accsh14Id = "";
$accth15Id = "";
$accot16Id = "";
$acccomments17Id = "";
$injna1Id = "";
$injab2Id = "";
$injla3Id = "";
$injbu4Id = "";
$injbr5Id = "";
$injfa6Id = "";
$injir7Id = "";
$injbl8Id = "";
$injfr9Id = "";
$injin10Id = "";
$injre11Id = "";
$injcr12Id = "";
$injel13Id = "";
$injco14Id = "";
$injsh15Id = "";
$injot16Id = "";
$injcomments17Id = "";
$bodna1Id = "";
$bodab2Id = "";
$bodba3Id = "";
$bodch4Id = "";
$bodhe5Id = "";
$bodey6Id = "";
$bodea7Id = "";
$bodno8Id = "";
$bodte9Id = "";
$bodha10Id = "";
$bodar11Id = "";
$bodle12Id = "";
$bodkn13Id = "";
$bodan14Id = "";
$bodfo15Id = "";
$bodot16Id = "";
$bodcomments17Id = "";
$faidyId = "";
$faidnId = "";
$faidy_nameId = "";
$fkityId = "";
$fkitnId = "";
$fkity_nameId = "";
$doctyId = "";
$doctnId = "";
$docty_commentId = "";
$hospyId = "";
$hospnId = "";
$hospy_commentId = "";
$medic_commentId = "";
$wit1nameId = "";
$wit1addrId = "";
$wit1telId = "";
$wit2nameId = "";
$wit2addrId = "";
$wit2telId = "";
$wit3nameId = "";
$wit3addrId = "";
$wit3telId = "";
$submitbyId = "";
$submitbyemailId = "";
$submitbytitleId = "";
$submitbydeptId = "";
$sexinvolvedId = "";
$orginvolved = "";
$location = "";
$normalduty = "";
$areaclean = "";
$heating = "";
$ppeworn = "";
$equipcheck = "";
$accnature = "";
$injnature = "";
$bodnature = "";
$firstaid = "";
$fakused = "";
$doctor = "";
$hospreq = "";

//If form is submitted populate data
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
//Populate variables with sanitised data variables
//$datereportId = test_input($_POST["id_datereport"]);
//$timereportId = test_input($_POST["id_timereport"]);
$nameinvolvedId = test_input($_POST["id_nameinvolved"]);
$maleinvolvedId = test_input($_POST["id_maleinvolved"]);
$femaleinvolvedId = test_input($_POST["id_femaleinvolved"]);
$addressinvolvedId = test_input($_POST["id_addressinvolved"]);
$telinvolvedId = test_input($_POST["id_telinvolved"]);
$deptinvolvedId = test_input($_POST["id_deptinvolved"]);
$jobinvolvedId = test_input($_POST["id_jobinvolved"]);
$supinvolvedId = test_input($_POST["id_supinvolved"]);
$cjemployId = test_input($_POST["id_cjemploy"]);
$othemployId = test_input($_POST["id_othemploy"]);
$contractId = test_input($_POST["id_contract"]);
$visitId = test_input($_POST["id_visit"]);
$paxId = test_input($_POST["id_pax"]);
$publicId = test_input($_POST["id_public"]);
$apronId = test_input($_POST["id_apron"]);
$terminalId = test_input($_POST["id_terminal"]);
$hangarId = test_input($_POST["id_hangar"]);
$terminalId = test_input($_POST["id_terminal"]);
$othlocationId = test_input($_POST["id_othlocation"]);
$captainId = test_input($_POST["id_captain"]);
$csId = test_input($_POST["id_cs"]);
$aircraftId = test_input($_POST["id_aircraft"]);
$fltnoId = test_input($_POST["id_fltno"]);
$seatnoId = test_input($_POST["id_seatno"]);
$sectorId = test_input($_POST["id_sector"]);
$accbyId = test_input($_POST["id_accby"]);
$relationId = test_input($_POST["id_relation"]);
//$dateaccId = test_input($_POST["id_dateacc"]);
//$timeaccId = test_input($_POST["id_timeacc"]);
$weathercondId = test_input($_POST["id_weathercond"]);
$weathercommentsId = test_input($_POST["id_weathercomments"]);
$normdutyId = test_input($_POST["id_normduty"]);
$normdutnId = test_input($_POST["id_normdutn"]);
$areacleanyId = test_input($_POST["id_areacleany"]);
$areacleannId = test_input($_POST["id_areacleann"]);
$heatyId = test_input($_POST["id_heaty"]);
$heatnId = test_input($_POST["id_heatn"]);
$ppeyId = test_input($_POST["id_ppey"]);
$ppenId = test_input($_POST["id_ppen"]);
$equipyId = test_input($_POST["id_equipy"]);
$equipnId = test_input($_POST["id_equipn"]);
$equipcommentsId = test_input($_POST["id_equipcomments"]);
$accna1Id = test_input($_POST["id_accna1"]);
$accfi2Id = test_input($_POST["id_accfi2"]);
$accex3Id = test_input($_POST["id_accex3"]);
$accel4Id = test_input($_POST["id_accel4"]);
$accco5Id = test_input($_POST["id_accco5"]);
$accob6Id = test_input($_POST["id_accob6"]);
$accfa7Id = test_input($_POST["id_accfa7"]);
$accsl8Id = test_input($_POST["id_accsl8"]);
$accma9Id = test_input($_POST["id_accma9"]);
$accpl10Id = test_input($_POST["id_accpl10"]);
$accst11Id = test_input($_POST["id_accst11"]);
$accve12Id = test_input($_POST["id_accve12"]);
$accph13Id = test_input($_POST["id_accph13"]);
$accsh14Id = test_input($_POST["id_accsh14"]);
$accth15Id = test_input($_POST["id_accth15"]);
$accot16Id = test_input($_POST["id_accot16"]);
$acccomments17Id = test_input($_POST["id_acccomments17"]);
$injna1Id = test_input($_POST["id_injna1"]);
$injab2Id = test_input($_POST["id_injab2"]);
$injla3Id = test_input($_POST["id_injla3"]);
$injbu4Id = test_input($_POST["id_injbu4"]);
$injbr5Id = test_input($_POST["id_injbr5"]);
$injfa6Id = test_input($_POST["id_injfa6"]);
$injir7Id = test_input($_POST["id_injir7"]);
$injbl8Id = test_input($_POST["id_injbl8"]);
$injfr9Id = test_input($_POST["id_injfr9"]);
$injin10Id = test_input($_POST["id_injin10"]);
$injre11Id = test_input($_POST["id_injre11"]);
$injcr12Id = test_input($_POST["id_injcr12"]);
$injel13Id = test_input($_POST["id_injel13"]);
$injco14Id = test_input($_POST["id_injco14"]);
$injsh15Id = test_input($_POST["id_injsh15"]);
$injot16Id = test_input($_POST["id_injot16"]);
$injcomments17Id = test_input($_POST["id_injcomments17"]);
$bodna1Id = test_input($_POST["id_bodna1"]);
$bodab2Id = test_input($_POST["id_bodab2"]);
$bodba3Id = test_input($_POST["id_bodba3"]);
$bodch4Id = test_input($_POST["id_bodch4"]);
$bodhe5Id = test_input($_POST["id_bodhe5"]);
$bodey6Id = test_input($_POST["id_bodey6"]);
$bodea7Id = test_input($_POST["id_bodea7"]);
$bodno8Id = test_input($_POST["id_bodno8"]);
$bodte9Id = test_input($_POST["id_bodte9"]);
$bodha10Id = test_input($_POST["id_bodha10"]);
$bodar11Id = test_input($_POST["id_bodar11"]);
$bodle12Id = test_input($_POST["id_bodle12"]);
$bodkn13Id = test_input($_POST["id_bodkn13"]);
$bodan14Id = test_input($_POST["id_bodan14"]);
$bodfo15Id = test_input($_POST["id_bodfo15"]);
$bodot16Id = test_input($_POST["id_bodot16"]);
$bodcomments17Id = test_input($_POST["id_bodcomments17"]);
$faidyId = test_input($_POST["id_faidy"]);
$faidnId = test_input($_POST["id_faidn"]);
$faidy_nameId = test_input($_POST["id_faidy_name"]);
$fkityId = test_input($_POST["id_fkity"]);
$fkitnId = test_input($_POST["id_fkitn"]);
$fkity_nameId = test_input($_POST["id_fkity_name"]);
$doctyId = test_input($_POST["id_docty"]);
$doctnId = test_input($_POST["id_doctn"]);
$docty_commentId = test_input($_POST["id_docty_comment"]);
$hospyId = test_input($_POST["id_hospy"]);
$hospnId = test_input($_POST["id_hospn"]);
$hospy_commentId = test_input($_POST["id_hospy_comment"]);
$medic_commentId = test_input($_POST["id_medic_comment"]);
$wit1nameId = test_input($_POST["id_wit1name"]);
$wit1addrId = test_input($_POST["id_wit1addr"]);
$wit1telId = test_input($_POST["id_wit1tel"]);
$wit2nameId = test_input($_POST["id_wit2name"]);
$wit2addrId = test_input($_POST["id_wit2addr"]);
$wit2telId = test_input($_POST["id_wit2tel"]);
$wit3nameId = test_input($_POST["id_wit3name"]);
$wit3addrId = test_input($_POST["id_wit3addr"]);
$wit3telId = test_input($_POST["id_wit3tel"]);
//$submitbyId = test_input($_POST["id_submitby"]);
//$submitbyemailId = test_input($_POST["id_submitbyemail"]);
//$submitbytitleId = test_input($_POST["id_submitbytitle"]);
//$submitbydeptId = test_input($_POST["id_submitbydept"]);

$sexinvolvedId = $maleinvolvedId . $femaleinvolvedId;
$orginvolved = $cjemployId . $othemployId . $contractId . $visitId . $paxId . $publicId;
$location = $apronId . $terminalId . $hangarId . $terminalId . $othlocationId;
$normalduty = $normdutyId . $normdutnId;
$areaclean = $areacleanyId . $areacleannId;
$heating = $heatyId . $heatnId;
$ppeworn = $ppeyId . $ppeyId;
$equipcheck = $equipyId . $equipnId;
$accnature = $accna1Id . $accfi2Id . $accex3Id . $accel4Id . $accco5Id . $accob6Id . $accfa7Id . $accsl8Id . $accma9Id . $accpl10Id . $accst11Id . $accve12Id . $accph13Id . $accsh14Id . $accth15Id . $accot16Id;
$injnature = $injna1Id . $injab2Id . $injla3Id . $injbu4Id . $injbr5Id . $injfa6Id . $injir7Id . $injbl8Id . $injfr9Id . $injin10Id . $injre11Id . $injcr12Id . $injel13Id . $injco14Id . $injsh15Id . $injot16Id;
$bodnature = $bodna1Id . $bodab2Id . $bodba3Id . $bodch4Id . $bodey6Id . $bodea7Id . $bodno8Id . $bodte9Id . $bodha10Id . $bodar11Id . $bodle12Id . $bodkn13Id . $bodan14Id . $bodfo15Id . $bodot16Id;
$firstaid = $faidyId . $faidnId;
$fakused = $fkityId . $fkitnId;
$doctor = $doctyId . $doctnId;
$hospreq = $hospyId . $hospnId;
}
//Sanitise all variables
function test_input($data)
{
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}

//Mandatory variable handling, define variables and set to empty values
$nameErr = $emailErr = $posErr = $depErr = $dateErr = $timeErr = $dateErr1 = $timeErr1 = "";

if ($_SERVER["REQUEST_METHOD"] == "POST")
{

  if (empty($_POST["id_submitby"]))
    {$nameErr = "Name is required";}
  else
    {$submitbyId = test_input($_POST["id_submitby"]);}

  if (empty($_POST["id_submitbyemail"]))
    {$emailErr = "Email is required";}
  else
    {$submitbyemailId = test_input($_POST["id_submitbyemail"]);}

  if (empty($_POST["id_submitbytitle"]))
    {$posErr = "Job title is required";}
  else
    {$submitbytitleId = test_input($_POST["id_submitbytitle"]);}

  if (empty($_POST["id_submitbydept"]))
    {$depErr = "Department is required";}
  else
    {$submitbydeptId = test_input($_POST["id_submitbydept"]);}

  if (empty($_POST["id_datereport"]))
    {$dateErr = "Date is required";}
  else
    {$datereportId = test_input($_POST["id_datereport"]);}

    if (empty($_POST["id_timereport"]))
    {$timeErr = "Time is required";}
  else
    {$datereportId = test_input($_POST["id_datereport"]);}

    if (empty($_POST["id_dateacc"]))
    {$dateErr1 = "Date is required";}
  else
    {$datereportId = test_input($_POST["id_dateacc"]);}

    if (empty($_POST["id_timeacc"]))
    {$timeErr1 = "Time is required";}
  else
    {$datereportId = test_input($_POST["id_timeacc"]);}
}

$email = test_input($_POST["id_submitbyemail"]);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
  {
  $emailErr1 = "Invalid email format"; 
  }

spamcheck($_POST["id_submitbyemail"]);

function spamcheck($field)
  {
  //filter_var() sanitizes the e-mail
  //address using FILTER_SANITIZE_EMAIL
  $field=filter_var($field, FILTER_SANITIZE_EMAIL);

  //filter_var() validates the e-mail
  //address using FILTER_VALIDATE_EMAIL
  if(filter_var($field, FILTER_VALIDATE_EMAIL))
    {
    $submitbyemailId_OK = $field;
    return $submitbyemailId_OK;
    }
  else
    {
    $submitbyemailId_OK = "Spam email error";
    return $submitbyemailId_OK;
    }
  }

//Check for null or empty variables and assign mysql value
function checkNull($var)
{
  if($var == '')
  {
   $var = '--';
  }
  else
  {
   $var = $var;
  }
}

//Apply checkNull to variables
checkNull($datereportId);
checkNull($timereportId);
checkNull($nameinvolvedId);
checkNull($addressinvolvedId);
checkNull($telinvolvedId);
checkNull($deptinvolvedId);
checkNull($jobinvolvedId);
checkNull($supinvolvedId);
checkNull($othlocationId);
checkNull($captainId);
checkNull($csId);
checkNull($aircraftId);
checkNull($fltnoId);
checkNull($seatnoId);
checkNull($sectorId);
checkNull($accbyId);
checkNull($relationId);
checkNull($dateaccId);
checkNull($timeaccId);
checkNull($weathercondId);
checkNull($weathercommentsId);
checkNull($equipcommentsId);
checkNull($acccomments17Id);
checkNull($injcomments17Id);
checkNull($bodcomments17Id);
checkNull($faidy_nameId);
checkNull($fkity_nameId);
checkNull($docty_commentId);
checkNull($hospy_commentId);
checkNull($medic_commentId);
checkNull($wit1nameId);
checkNull($wit1addrId);
checkNull($wit1telId);
checkNull($wit2nameId);
checkNull($wit2addrId);
checkNull($wit2telId);
checkNull($wit3nameId);
checkNull($wit3addrId);
checkNull($wit3telId);
checkNull($submitbyId);
checkNull($submitbyemailId);
checkNull($submitbytitleId);
checkNull($submitbydeptId);
checkNull($sexinvolvedId);
checkNull($orginvolvedId);
checkNull($locationId);
checkNull($normaldutyId);
checkNull($areacleanId);
checkNull($heatingId);
checkNull($ppewornId);
checkNull($equipcheckId);
checkNull($accnatureId);
checkNull($injnatureId);
checkNull($bodnatureId);
checkNull($firstaId);
checkNull($fakusedId);
checkNull($doctorId);
checkNull($hospreqId);

//Create mysql connection
$host = '';
$id = 'u1282431_skelly';
$pwd = '';
$db = 'db1282431_healthsafety';

$connection = @mysqli_connect($host, $id, $pwd, $db); 

//Check connection  
if (mysqli_connect_errno())
    {
    echo "Failed to connect" . mysqli_connect_error();
    }

//Insert entries from form into table
$sql="INSERT INTO healthsafety (datereport, timereport, nameinvolved, sexinvolved, addressinvolved, telinvolved, deptinvolved, jobinvolved, supinvolved, orginvolved, location, othlocation, captain, cs, aircraft, fltno, seatno, sector, accby, relation, dateacc, timeacc, weathercond, weathercomments, normalduty, areaclean, heating, ppeworn, equipcheck, equipcheckcomments, accnature, accother, injnature, injother, bodnature, bodother, firstaid, firstaidby, fakused, fakusedby, doctor, doctorinfo, hospreq, hospinfo, medcomment, wit1name, wit1addr, wit1tel, wit2name, wit2addr, wit2tel, wit3name, wit3addr, wit3tel, submitbyname, submitbyemail, submitbytitle, submitbydept)
VALUES 
('$_POST[id_datereport]', '$timereportId', '$nameinvolvedId', '$sexinvolvedId', '$addressinvolvedId', '$telinvolvedId', '$deptinvolvedId', '$jobinvolvedId', '$supinvolvedId', '$orginvolvedId', '$locationId', '$othlocationId', '$captainId', '$csId', '$aircraftId', '$fltnoId', '$seatnoId', '$sectorId', '$accbyId', '$relationId', '$dateaccId', '$timeaccId', '$weathercondId', '$weathercommentsId', '$normaldutyId', '$areacleanId', '$heatingId', '$ppewornId', '$equipcheckId', '$commentsId', '$accnatureId', '$acccomments17Id', '$injnatureId', '$injcomments17Id', '$bodnatureId', '$bodcomments17Id', '$firstaid', '$faidy_nameId', '$fakusedId', '$fkity_nameId', '$doctorId', '$docty_commentId', '$hospreqId', '$hospy_commentId', '$medic_commentId', '$wit1nameId', '$wit1addrId', '$wit1telId', '$wit2nameId', '$wit2addrId', '$wit2telId', '$wit3nameId', '$wit3addrId', '$wit3telId', '$submitbyId', '$submitbyemailId', '$submitbytitleId', '$submitbydeptId');";
//Entry success or failure message
if (!mysqli_query($connection,$sql))
    {
    //Error message if entry fails
    die('Error: ' . mysqli_error($connection));
    }
else
    {
    //output success html page if entries were successfully added:
    echo "Entries added";
    }

?>

2 个答案:

答案 0 :(得分:0)

尝试使用类似的东西,以获得正确的内容:

function give_get($varname)
{
      if (isset($_GET[$varname])) return trim($_GET[$varname]);
      else return "";
}

function give_post($varname)
{
      if (isset($_POST[$varname])) return trim($_POST[$varname]);
      else return "";
}

答案 1 :(得分:0)

我会尝试为您提供主要概念,然后您可以将其应用于您的案例。假设您有这样的表格:

<form action="path/to/handler/file.php" method="post">
    Name:  <input type="text" name="name">
    Email: <input type="text" name="email">
    Phone: <input type="text" name="phone">
    <input type="submit" name="submit" value="Submit">
</form>

现在在处理程序文件中:

if (!empty($_POST)) {
    foreach ($_POST as $key => $value) {
        ${$key} = htmlspecialchars(trim($value), ENT_QUOTES, 'UTF-8');
    }
}

这段代码将为您提供下一个代码:

// supposing that the next values are those the user entered
$name  = "john doe";
$email = "john.doe@gmail.com";
$phone = "55555555";

现在你可以处理这些变量($name$email$phone)来做你想做的事情,比如检查变量是否为空,检查它是否为空是否有效的电子邮件,检查它是否是数字等等,然后将它们保存在数据库中。