<div class="contact-forum">
<h1>Contact Forum</h1>
<div class="contact-enters">
<form action="Home.php" method="post">
<div class="firstname">
<p>First Name:</p> </div> <input type="text" name="firstname" placeholder="FirstName" /> <br />
<div class="lastname">
<p> LastName: </p></div> <input type="text" name="lastname" placeholder="LastName" /> <br />
<div class="Email">
<p> Email: </p></div> <input type="text" name="email" placeholder="E-mail" /> <br />
<div class="topic">
<p>Topic: </p> </div><input type="text" name="topic" placeholder="Topic" /> <br />
<div class="message">
<p> Message: </p> </div> <div class="message-box"><input type="text" name="message" /></div> <br />
<input type="submit" name="Send" />
</form>
</div>
</div>
<div class="php">
<?php
$con = mysqli_connect("localhost", "KyleLongrich", "Cash7144") or die('can not connect to server');
mysqli_select_db($con,"kylelongrich") or die("could not connect to database");
if(isset($_POST['Send']))
{
$Firstname = strip_tags($_POST['firstname']);
$Lastname = strip_tags($_POST['lastname']);
$Email = strip_tags($_POST['email']);
$Topic = strip_tags($_POST['topic']);
$Message = strip_tags($_POST['message']);
$email_query = mysqli_query($con,"SELECT Email FROM emailquestions WHERE Email ='$Email'") or die("Could not check email");
$count_email = mysqli_num_rows($email_query);
if ($count_email > 0)
{
echo 'Your email is alread in use';
}
$sql = "INSERT INTO emailquestions (Firstname, Lastname, Email, Subject, Message) VALUES ('$Firstname','$Lastname','$Email','$Topic','$Message')";
mysqli_query($con, $sql);
$message = 'Your message has been sent';
}
$message='';
?>
显示时,提示按钮在发送时不会发送任何内容或工作。没有PHP代码错误回来但它将无法正常工作。可能是因为造型?任何帮助都会很棒
答案 0 :(得分:1)
在if语句后尝试使用else,并在查询中使用SET。
if ($count_email > 0)
{
echo 'Your email is alread in use';
}
else
{
$sql = "INSERT INTO emailquestions SET
(Firstname, Lastname, Email, Subject,
Message) VALUES
('$Firstname','$Lastname','$Email','$Topic','$Message')";
mysqli_query($con, $sql);
$success_message = 'Your message has been
sent';
echo $success_message;
}
希望有所帮助
答案 1 :(得分:1)
这有点无关,但我认为这会有所帮助。您正在使用mysqli,但我建议您使用PDO连接到您的数据库。它将来更安全,更容易扩展。以下是如何使用PDO连接数据库的示例。
<?php
$myUser = "XXXXXX";
$myPass = "XXXXXX";
try{
$dbPDO = new PDO('mysql:host=localhost;dbname=xxxxxxxx', $myUser, $myPass);
$dbPDO->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "Connection was successful";
} catch(PDOException $e){
print "Error!: " . $e->getMessage() . "<br />";
die();
}
?>
只需将X更改为服务器的设置即可。我会将其存储在自己的文件中,并使用include_once('dbConn.php');之类的内容将其包含在以后的所有文件中。
当您想要启动查询时,您可以这样做:
$query = $dbPDO->prepare("SELECT * FROM Table_Name");
$query->execute();
当然,您希望将变量传递给您的查询,以便您可以这样做:
$query = $dbPDO->prepare("SELECT * FROM Table_Name WHERE ID = :id");
$query->bindParam(':id', $id);
$query->execute();
这可以避免SQL注入。只需确保在将变量绑定到查询之前清理变量。
将变量直接传递到查询中会使您容易受到SQL注入的攻击,PDO通过将变量绑定到查询来帮助防止这种情况。
答案 2 :(得分:1)
您必须关闭contact-enters div。尝试流动代码。
<h1>Contact Forum</h1>
<div class="contact-enters">
<form action="Home.php" method="post">
<div class="firstname">
<p>First Name:</p> </div> <input type="text" name="firstname" placeholder="FirstName"> <br />
<div class="lastname">
<p> LastName: </p></div> <input type="text" name="lastname" placeholder="LastName"> <br />
<div class="Email">
<p> Email: </p></div> <input type="text" name="email" placeholder="E-mail"> <br />
<div class="topic">
<p>Topic: </p> </div><input type="text" name="topic" placeholder="Topic"> <br />
<div class="message">
<p> Message: </p> </div> <div class="message-box"><input type="text" name="message"></div> <br />
<input type="submit" name="Send">
</form>
</div>
</div>