PHP代码不将数据输入数据库

时间:2014-04-25 23:24:29

标签: php html mysqli

我在将表单发送到数据库时遇到问题。我已经试了一个小时来解决这个问题;我用#34; echo mysqli_error();"但没有收到任何错误,只是缺少新数据进入我的数据库(似乎提交表单不是重新加载页面来发送信息)。数据库使用config.php,connectDB.php和header.php为我的其余页面工作,因此问题不在于数据库设置。我相信错误在" isset($ _ POST [' submit'])",因为它没有用标题()重新加载页面,但我和#39; m提供我的其余代码以防万一。 (我知道这段代码不受SQL注入保护,表单验证是我修复后的下一步):

<?php
require_once ("Includes/config.php"); 
require_once  ("Includes/connectDB.php");
include("Includes/header.php");
if (isset($_POST['submit'])){
                $name = $_POST['name'];
                $email = $_POST['email'];
                $content = $_POST['content'];
                $query = "INSERT INTO requests (name, email, content) VALUES (?, ?, ?)";

                $statement = $databaseConnection->prepare($query);
                $statement->bind_param('sss', $name, $email, $content);
                header('Location: /index.php');

                $statement->execute()
                $statement->store_result();
                setcookie("nameErr"," ", time()+3600);
                setcookie("emailErr"," ", time()+3600);
                setcookie("contentErr"," ", time()+3600);
                setcookie("contentSucc","Announcement Request Successful", time()+3600);
                header('Location: /request.php');

}
?>
<div id="main">
        <ol>
            <li>
                <label for="name">Name:</label> 
                <input type="text" name="name" value="" id="name" />
                <span class="error">* <?php if (isset($_COOKIE["nameErr"])){echo $_COOKIE["nameErr"];}?></span>
            </li>
            <li>
                <label for="email">Email:</label>
                <input type="text" name="email" value="" id="email" style = "position: relative; left: 3px;"/>
                <span class="error" style = "position: relative; left: 3px;">* <?php if (isset($_COOKIE["emailErr"])){echo $_COOKIE["emailErr"];}?></span>
            </li>
            <li>
                    <label for="content">Requested Announcement:</label><br>
                    <textarea rows="18" cols="140" name="content" id="content"></textarea>
                    <br>
                    <span class="error"> <?php if (isset($_COOKIE["contentErr"])){echo $_COOKIE["contentErr"];}?></span>
                    <span class="error"> <?php if (isset($_COOKIE["contentSucc"])){echo $_COOKIE["contentSucc"];}?></span>
            </li>
        </ol>
        <input type="submit" name="submit" value="Submit " style = "position: relative; left: 40px;" /> 
        <!-- onclick="window.location='request.php';" -->   
        <p>
            <a class="cancel" href="index.php" style = "position: relative; left: 40px;">Cancel</a>
        </p>
</div>

1 个答案:

答案 0 :(得分:1)

  1. 您在执行SQL之前重定向到另一个网页。
  2. 你不会在行尾有分号。
  3. <form>标签周围没有<input>
  4. 你不应该做很多事情来阻止SQL注入。只要您正确使用MySQLi,就可以了。

    5. 更改此

                $statement->bind_param('sss', $name, $email, $content);
            header('Location: /index.php');

            $statement->execute()

    到这个

                $statement->bind_param('sss', $name, $email, $content);
            $statement->execute();
            $statement->close();

            header('Location: /index.php');
相关问题
最新问题