数据未插入数据库且没有错误

时间:2015-06-29 02:01:44

标签: php mysql

我有问题......

我试图将数据插入我的html5表单并将其插入数据库。现在我有一个表格和一个应该正常工作的脚本;相反,没有数据插入数据库,并且没有显示错误。请帮忙。

form.php的

<form name="loginForm" method="post" action="process.php">
<input id="username" type="text" placeholder="Username" name="username">
<input id="password" type="password" placeholder="Password" name="password">
<input type="submit" id="Login" class="form-control" value="Log In">
</form>

process.php 

<?
$username=$_POST['username'];
$password=$_POST['password'];
mysql_connect("localhost", "root", "toor") or die(mysql_error());
mysql_select_db("formd") or die(mysql_error());  mysql_query("INSERT INTO `data` VALUES ('$username', '$password')");
Print "Your information has been successfully added to the database.";
?>

现在我知道这不是存储密码或用户名的安全方法,但这不适用于任何网站我真的只想知道如何从我的表单中获取信息并将其存储到数据库中。

2 个答案:

答案 0 :(得分:0)

您已经为所有mysql函数调用添加了最小的错误处理,但是实际查询中涉及的那个....

该脚本也是prone to sql injections

mysql_ *扩展名已被弃用,更好pick another mysql extension

<?php
$mysql = mysql_connect("localhost", "root", "toor")
  or die(mysql_error());
mysql_select_db("formd", $mysql)
  or die(mysql_error($mysql)); 

$username=mysql_real_escape_string($_POST['username'], $mysql);
$password=mysql_real_escape_string($_POST['password'], $mysql);

mysql_query("INSERT INTO `data` VALUES ('$username', '$password')", $mysql)
  or die(mysql_error($mysql));
echo "Your information has been successfully added to the database.";

使用or die(mysql_error())可以导致Information Leakage issues

答案 1 :(得分:0)

我自己还在学习基础知识,我还没有对它进行测试,只是将它从一个非常长的sql脚本中剪掉了,所以它可能有用而且可能没有,希望它能帮助你...如果不看看在代码下面的链接。希望它适合您或可能需要一些调整。感谢

    <?php
if (isset($_POST['submit'])) {

$submit         = $_POST['submit'];
$username     = $_POST['username'];
$password     = $_POST['password'];

$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'toor';
$conn   = mysql_connect($dbhost, $dbuser, $dbpass);
if (!$conn) {
    die('Could not connect: '.mysql_error());
}

$sql = "INSERT INTO data (username','password')
              VALUES('$username','$password')";

mysql_select_db('formd');
$retval = mysql_query($sql, $conn);
if (!$retval) {
    die('Could not enter your data: '.mysql_error());
}
echo "Entered your dara successfully\n";
mysql_close($conn);
} else {
    echo "Something has gone wrong.";
}

?>

要查看的替代链接:http://www.jotform.com/help/126-How-to-send-Submissions-to-Your-MySQL-Database-Using-PHP

相关问题
最新问题