Question

仅在DB中填充email和telephone个数据字段。

firstName，lastName和changeRequest未填充我收到了消息＆＃34; Form Submitted＆＃34;。

<html>
<body bgcolor="99ccff">
<head>
<title>Change Request</title>
</head>

<h1>Submitting Change Request</h1>

<p>Change Request</p>


<form name="htmlform" method="post" action="html_form_send.php">
<table width="450px">
</tr>
<tr>
 <td valign="top">
  <label for="first_name">First Name *</label>
 </td>
 <td valign="top">
  <input  type="text" name="firstName" maxlength="50" size="30">
 </td>
</tr>

<tr>
 <td valign="top"">
  <label for="last_name">Last Name *</label>
 </td>
 <td valign="top">
  <input  type="text" name="lastName" maxlength="50" size="30">
 </td>
</tr>
<tr>
 <td valign="top">
  <label for="email">Email Address *</label>
 </td>
 <td valign="top">
  <input  type="text" name="email" maxlength="80" size="30">
 </td>

</tr>
<tr>
 <td valign="top">
  <label for="telephone">Telephone Number</label>
 </td>
 <td valign="top">
  <input  type="text" name="telephone" maxlength="30" size="30">
 </td>
</tr>
<tr>
 <td valign="top">
  <label for="changeRequest">Change Request *</label>
 </td>
 <td valign="top">
  <textarea  name="changeRequest" maxlength="1000" cols="25" rows="6"></textarea>
 </td>

</tr>
<tr>
 <td colspan="2" style="text-align:center">
  <input type="submit" value="Submit">   
 </td>
</tr>
</table>
</form>

<



</body>
</html>

html_form_send.php

    <?php

define('DB_NAME', 'mytestdb');
define('DB_USER', 'root');
define('DB_PASS', '7vMUgtEU8NnU');
define('DB_HOST', 'localhost');

$link = mysql_connect(DB_HOST, DB_USER, DB_PASS);

if (!$link) {
    dir('There was a problem when trying to connect to the host. Please contact Tech Support. Error: ' . mysql_error());    
}

$db_selected = mysql_select_db(DB_NAME, $link);

if (!$link) {
    dir('There was a problem when trying to connect to the database. Please contact Tech Support. Error: ' . mysql_error());    
}

$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$email = $_POST['email'];
$telephone = $_POST['telephone'];
$changeRequest = $_POST['changeRequest'];

$sql = "INSERT INTO changeRequest (firstName, lastName, email, telephone, changeRequest) VALUES ('$firstName', '$lastName', '$email', '$telephone', '$changeRequest')";

if (!mysql_query($sql)) {
    die('Error: ' . mysql_error()); 
}
echo "<p>Form Submitted</br>";
?>

Answer 1

</tr>属性下有一个table属性，我认为第一件事就是做到这一点。

<之后还有一个</form>。请删除它。

Answer 2

调试这样的情况，注释掉程序的前半部分（if (0) { ... }），手动设置变量，并查看mysql代码是否存在变量。

然后反过来，注释掉mysql部分，看看变量是否从表单中设置。

您还需要转义传递给mysql的值以防止sql注入攻击

从HTML表单到MySQL的数据插入不完整

2 个答案: