来自PHP表单的数据不会发布到mySQL

Question

我是编码的新手，所以我不确定为什么在提交表单后我没有将数据存储在mySQL中。我开始使用代码生成器，但它只是工作。谢谢你的帮助。这是我的代码：

形式：

＆＃13;

＆＃13;

<html>
  <body>
    <form id="FormName" action="added.php" method="post" name="FormName">
    <table width="448" border="0" cellspacing="2" cellpadding="0">

    <tr><td width = "150"><div align="right"><label for="name">Name of Farm    </label></div></td>

<td><input id="name" name="name" type="text" size="25" value="" maxlength="255"></td></tr><tr><td width = "150"><div align="right"><label for="owners">Name of Owners</label></div></td>

<td><input id="owners" name="owners" type="text" size="25" value="" maxlength="255"></td></tr><tr><td width = "150"><div align="right"><label for="location">Location (city,state)</label></div></td>

<td><input id="location" name="location" type="text" size="25" value="" maxlength="255"></td></tr><tr><td width = "150"><div align="right"><label for="phone">Phone</label></div></td>

<td><input id="phone" name="phone" type="text" size="25" value="" maxlength="10"></td></tr><tr><td width = "150"><div align="right"><label for="email">Email</label></div></td>

<td><input id="email" name="email" type="text" size="25" value="" maxlength="255"></td></tr><tr><td width = "150"><div align="right"><label for="website">Website</label></div></td>

<td><input id="website" name="website" type="text" size="25" value="" maxlength="255"></td></tr><tr><td width = "150"><div align="right"><label for="description">Description</label></div></td>

<td><textarea id="description" name="description" rows="4" cols="40"></textarea></td></tr><tr><td width = "150"><div align="right"><label for="dateadded">Today's Date</label></div></td>

<td><input id="dateadded" name="dateadded" type="text" size="25" value="" maxlength="255"></td></tr><tr><td width = "150"><div align="right"><label for="logo">Logo</label></div></td>

<td><input id="logo" name="logo" type="text" size="25" value="" maxlength="255"></td></tr><tr><td width = "150"><div align="right"><label for="state">State</label></div></td>

<td><input id="state" name="state" type="text" size="25" value="" maxlength="2"></td></tr><tr><td width="150"></td><td>

<input type="submit" name="submitButtonName" value="Add"></td>
</tr></table></form>
</body>
</html>

PHP is in 2 files - one with db connection instructions and the other to post the data in the mySQL.


**Code to Connect to mySQL:**

<?php

$hostname='localhost'; //// specify host, i.e. 'localhost'
$user='llamabre_visitor'; //// specify username
$pass='llama'; //// specify password
$dbase='llamabre_farms1'; //// specify database name
$connection = mysql_connect("$hostname" , "$user" , "$pass") 
or die ("Can't connect to MySQL");
$db = mysql_select_db($dbase , $connection) or die ("Can't select database.");
?>

<a href="index.php">Back to List</a>


**Code for posting to mySQL:**

<?php

include("connect.php");

$name = trim($_POST['name']);
$owners = trim($_POST['owners']);
$location = trim($_POST['location']);
$phone = trim($_POST['phone']);
$email = trim($_POST['email']);
$website = trim($_POST['website']);
$description = trim($_POST['description']);
$dateadded = trim($_POST['dateadded']);
$logo = trim($_POST['logo']);
$state = trim($_POST['state']);

$query = "INSERT INTO farmsdir (id, name, owners, location, phone, email, website, description, dateadded, logo, state)

VALUES ('', '$name', '$owners', '$location', '$phone', '$email', '$website', '$description', '$dateadded', '$logo', '$state')";

$results = mysql_query($query);

if ($results)
{
  echo "Details added.";
}
mysql_close();
?>

＆＃13;

＆＃13;

＆＃13;

Answer 1

以下是使用PDO：

的完整代码示例

$dbhost = "localhost";
$dbname = "llamabre_farms1";
$dbusername = "llamabre_visitor";
$dbpassword = "llama";

$link = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbusername,$dbpassword);

$statement = $link->prepare("
    INSERT INTO farmsdir 
    (name, owners, location, phone, email, website, description, dateadded, logo, state)
    VALUES(:fname, :sowners, :slocation, :sphone, :semail, 
    :swebsite, :sdescription, :dateadded, :logo, :state)
    ");

$statement->execute(array(
    "fname" => $_POST['name'],
    "sowners" => $_POST['owners'],
    "slocation" => $_POST['location'],
    "sphone" => $_POST['phone'],
    "semail" => $_POST['email'],
    "swebsite" => $_POST['website'],
    "sdescription" => $_POST['description'],
    "dateadded" => date('Y-m-d',strtotime($_POST['dateadded'])),
    "logo" => $_POST['logo'],
    "state" => $_POST['state'],
));

<强>解释

Prepared statements用于清除输入以防止SQL注入。 您可以在SQL语句中使用您的值而无需单引号或双引号进行绑定。

在Execute函数中，您可以为具有相同索引名称的SQL statement传递数组。

使用PDO或mysqli_ *而不是mysql_ 的原因是什么： 因为不推荐使用mysql _ 扩展，因此在PHP 7中不可用。

旁注：

我知道@Rahautos已经提供了使用我MYSQL中使用的Date Format标准('Y-m-d') execution的解决方案。

Answer 2

使用strtotime它会根据您提供的日期格式进行假设。例如

$dateadded=date("Y-m-d", strtotime($dateadded))