简单的PHP表单插入" 1"进入所有字段而不是varchar

时间:2015-03-19 19:56:14

标签: php mysql

所以我有一个简单的数据库,有两个字段,名称和电子邮件。 varchars和数据库都是MyISAM。我让它工作并保存到数据库,但输入字段自动填充数字1 ...无论我输入到输入字段,数据库在名称和电子邮件字段中保存1。这是因为php已经过时了吗?谢谢,对不起格式化......

继承了我惊人的代码:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Subscribe to our Newsletter</title>
</head>

<body>
    <?php
       $name = $_POST["name"] || "";
       $email = $_POST["email"] || "";
    ?>

<h2>Subscribe to our Newsletter</h2>

<form action="<?php echo htmlentities($_SERVER["PHP_SELF"]); ?>" method="post">
<p><strong>Name: </strong><input name="name" type="text" width="50" value="             
<?php echo $name; ?>" /></p>
<p><strong>Email: </strong><input name="email" type="text" width="50" value="<?php echo $email; ?>"/></p>
<p><input type="submit" name="submit" value="Submit" /></p>
</form>

<?php
if ($name == "" || $email == "") return;

$dbc = mysql_connect("localhost", "username", "password");

$db = mysql_select_db("databaseName");

$query = 'SELECT * FROM subscribers WHERE email = "' .     mysql_real_escape_string($email) . '"';

$result = mysql_query($query) || die("Could not run select query!");

if (mysql_num_rows($result) > 0) {

echo $email . " already exists in the subscriber database!";

}

else {

$query = 'INSERT INTO subscribers (id, name, email) VALUES (null,"' .     mysql_real_escape_string($name) . '", "' . mysql_real_escape_string($email) .    '")';

$result = mysql_query($query) || die("Error adding " . $email . " to the  database!");

echo $name . " at " . $email . " was successfully added to the database!";

}

?>

</body>

</html>

继承教程: http://www.ehow.com/how_8368335_create-subscribe-newsletter-php-database.html

1 个答案:

答案 0 :(得分:5)

让这个去迈克:

<!doctype html>
<head></head>
<title></title>

<body>
    <form action="<?php echo htmlentities($_SERVER["PHP_SELF"]); ?>" method="post">
    <p><strong>Name: </strong>
    <input name="name" type="text" width="50">     
    </p>
    <p><strong>Email: </strong>
    <input name="email" type="text" width="50" /></p>
    <p><input type="submit" name="submit" value="Submit" /></p>
    </form>
</body>
</html>

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

$con = mysqli_connect('localhost', 'xxx', 'xxx', 'db');

if (!$con) {
    die('Connect Error: ' . mysqli_connect_error());
}

if( isset($_POST['submit']) 
    && !empty($_POST['name']) 
    && !empty($_POST['email']) ){

$checkemail = mysqli_real_escape_string($con, $_POST['email']);

$query = "SELECT * FROM subscribers WHERE email = '".$checkemail."'";

$result = mysqli_query($con, $query) or die(mysqli_error($con));

if (mysqli_num_rows($result) > 0) {

   echo $checkemail . " already exists in the subscriber database!";
   exit;
}



    $name = mysqli_real_escape_string($con, $_POST['name']);
    $email = mysqli_real_escape_string($con, $_POST['email']);

$sql = mysqli_prepare($con, "INSERT INTO subscribers 
                         (id, name, email)
                          VALUES (null,?,?)");
    $sql->bind_param("ss", $name, $email);
    $sql->execute();

if($sql){
   echo "Success!";
}

}
相关问题
最新问题