留言簿:未定义的变量

时间:2014-03-27 13:17:36

标签: php mysql

所以我的留言簿有问题,希望你能找到我的错误......

这是我的表格:

<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<link rel="stylesheet" href="styles.css">
<title> - Contact me | USA </title>
</head>
<body>
<form method="post" action="addguestbook.php">
<table width="400" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><strong>Atsiliepimų knyga </strong></td>
</tr>
</table>
<table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form id="form1" name="form1" method="post" action="addguestbook.php">
<td>
<table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td width="117">Vardas</td>
<td width="14">:</td>
<td width="357"><input name="name" type="text" id="name" size="40" /></td>
</tr>
<tr>
<td>Email</td>
<td>:</td>
<td><input name="email" type="text" id="email" size="40" /></td>
</tr>
<tr>
<td valign="top">Komentaras</td>
<td valign="top">:</td>
<td><textarea name="comment" cols="40" rows="3" id="comment"></textarea></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Submit" /> <input type="reset" name="Submit2" value="Reset" /></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<table width="400" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><strong><a href="viewguestbook.php">View Guestbook</a> </strong></td>
</tr>
</table>
</form>
</body>
</html>

这是用于将信息添加到MYSQL表的PHP代码:

<?php
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="guestbook"; // Table name 

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect server "); 
mysql_select_db("$db_name")or die("cannot select DB");

$datetime=date("y-m-d h:i:s"); //date time

$sql="INSERT INTO $tbl_name(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";
$result=mysql_query($sql);

if (isset($_POST['submit']))
  {
    $name=$_POST['name'];

    $email=$_POST['email'];

    $comment=$_POST['comment'];


 if(!$name || !$comment)
    {
      print "<font color='red'>Name or comment not entered, please go back and sign again</font><br>";
    }

   else
    {

     $datetime=date("D M d, Y H:i:s");    
     $putinguestbook="INSERT INTO gbook(name, email, comment) VALUES('$name','$email','$comment','$day')";
  $result=mysql_query($putinguestbook);



    }
  }

         if($result){
echo "Successful";
echo "<BR>";
echo "<a href='viewguestbook.php'>View guestbook</a>"; // link to view guestbook page
}

else {
echo "ERROR";
}


mysql_close();
?>

这是查看留言簿的代码:

<table width="400" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><strong>View Guestbook | <a href="guestbook.php">Sign Guestbook</a> </strong></td>
</tr>
</table>
<br>

<?php

$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="guestbook"; // Table name 

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect server "); 
mysql_select_db("$db_name")or die("cannot select DB");
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);
while($rows=mysql_fetch_array($result)){
?>

<table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td><table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td>ID</td>
<td>:</td>
<td><? echo $rows['id']; ?></td>
</tr>
<tr>
<td width="117">Name</td>
<td width="14">:</td>
<td width="357"><? echo $rows['name']; ?></td>
</tr>
<tr>
<td>Email</td>
<td>:</td>
<td><? echo $rows['email']; ?></td>
</tr>
<tr>
<td valign="top">Comment</td>
<td valign="top">:</td>
<td><? echo $rows['comment']; ?></td>
</tr>
<tr>
<td valign="top">Date/Time </td>
<td valign="top">:</td>
<td><? echo $rows['datetime']; ?></td>
</tr>
</table></td>
</tr>
</table>

<?php
}
mysql_close(); //close database
?>

我得到一个错误,说:

  

注意:未定义的变量:第14行的D:\ wamp \ www \ addguestbook.php中的名称

     

注意:未定义的变量:第14行的D:\ wamp \ www \ addguestbook.php中的电子邮件

     

注意:未定义的变量:第14行的D:\ wamp \ www \ addguestbook.php中的注释

我找不到正确的方法来纠正这个问题......如果你帮助了我,我将非常感激:)

3 个答案:

答案 0 :(得分:1)

查看此片段(从您的脚本添加到数据库):

$sql="INSERT INTO $tbl_name(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";
$result=mysql_query($sql);

if (isset($_POST['submit']))
{
    $name=$_POST['name'];
    $email=$_POST['email'];
    $comment=$_POST['comment'];
    ....
}

正如您所看到的,您在$name查询中使用变量$emailINSERT和其他人,但只在您定义它们的if子句中使用{({ {1}})。您也应该将INSERT查询放在if子句中(在声明变量之后),或者,如果要在那里,则定义变量。

很可能这就是你想要的:

$name = $_POST['name']

当然,我必须敦促你阅读this post about SQL injection,因为就像现在一样,你的脚本非常不安全。

答案 1 :(得分:0)

在将$name, $email and $comment变量分配给$sql字符串后,您需要设置它们。

$sql="INSERT INTO $tbl_name(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";
$result=mysql_query($sql);

if (isset($_POST['submit']))
  {
    $name=$_POST['name'];

    $email=$_POST['email'];

    $comment=$_POST['comment'];

答案 2 :(得分:0)

未声明此变量,您应在使用前声明它们。您可以添加到 addguestbook.php 

$name = htmlspecialchars($_POST["name"]);
$email = htmlspecialchars($_POST["email"]);
$comment = htmlspecialchars($_POST["comment"]);

之前:

$sql="INSERT INTO $tbl_name(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";
相关问题
最新问题