PHP没有输入到mysql数据库

时间:2016-02-23 11:42:07

标签: php mysql database

我试图将用户名,密码和电子邮件插入mysql数据库。数据库工作正常,因为我可以从中提取数据并在登录页面上使用,但我似乎无法创建新行和插入数据。 sql数据库是这样构建的:

Table: peter
Primary Key: user_id - Int(5), Not Null, Auto Increment
Attributes:
username - VarChar(35), Not Null
password - VarChar(35), Not Null
email - VarChar(35), Not Null

这是我的代码

<?php
include("config.php");
if($_SERVER["REQUEST_METHOD"] == "POST") {
   $myusername = mysqli_real_escape_string($db,$_POST['username']);
   $mypassword = mysqli_real_escape_string($db,$_POST['password']); 
   $myemail = mysqli_real_escape_string($db,$_POST['email']); 
   $tbl_name = "peter";

   $sql = "INSERT INTO $tbl_name (`username`, `password`, `email`) VALUES ($username, $password, $email)";

   header("location: login.php");
}
?>
<html>
    <body> 
        <form action = "" method = "post">
            <label>UserName: </label><input type = "text" name = "username" class = "box" required/><br /><br />
            <label>Password: </label><input type = "password" name = "password" class = "box" required/><br/><br />
            <label>Email: </label><input type = "email" name = "email" class = "box" required/><br/><br />
            <input type = "submit" value = " Submit "/><br />
        </form>
    </body>
</html>

我尝试了很多修复,包括来自其他Q&amp; A线程的修复,但没有一个有效。所以我希望其他人看到这个问题。

编辑: 这是config.php文件:

<?php
   define('DB_SERVER', 'xxx');
   define('DB_USERNAME', 'xxx');
   define('DB_PASSWORD', 'xxx');
   define('DB_DATABASE', 'xxx');
   $db = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
?>

3 个答案:

答案 0 :(得分:1)

您的字段属于varchar类型。所以将它们用引号括起来。您还必须使用mysqli_query()执行查询。

$sql = mysqli_query("INSERT INTO $tbl_name (`username`, `password`, `email`) VALUES ('$username', '$password', '$email')");

答案 1 :(得分:1)

仅将查询编码为变量是不够的。完成后,您必须将该查询发布到数据库以供执行。

由于您的查询是基本上只需要执行的INSERT

此外,您需要为要传递给查询的数据使用正确的变量名称,即mysqli_real_escape_string()的结果中的变量

<?php
include("config.php");
if($_SERVER["REQUEST_METHOD"] == "POST") {
   $myusername = mysqli_real_escape_string($db,$_POST['username']);
   $mypassword = mysqli_real_escape_string($db,$_POST['password']); 
   $myemail = mysqli_real_escape_string($db,$_POST['email']); 
   $tbl_name = "peter";


   $sql = "INSERT INTO $tbl_name 
                  (`username`, `password`, `email`) 
           VALUES ('$myusername', '$mypassword','$myemail')";

   $res = mysqli_query($db,$sql);

   if ( $res ) {
       header("location: login.php");
       exit;
   } else {
       echo mysqli_error( $db );
       exit;
   }
}
?>
<html>
    <body> 
        <form action = "" method = "post">
            <label>UserName: </label><input type = "text" name = "username" class = "box" required/><br /><br />
            <label>Password: </label><input type = "password" name = "password" class = "box" required/><br/><br />
            <label>Email: </label><input type = "email" name = "email" class = "box" required/><br/><br />
            <input type = "submit" value = " Submit "/><br />
        </form>
    </body>
</html>

更好的方法是使用像这样的参数化查询

<?php
include("config.php");
if($_SERVER["REQUEST_METHOD"] == "POST") {
   $tbl_name = "peter";

   $sql = "INSERT INTO $tbl_name 
                  (`username`, `password`, `email`) 
           VALUES (?,?,?)";

   $stmt = mysqli_prepare($db,$sql);

   mysqli_bind_param($stmt, 'sss', $_POST['username'],
                                   $_POST['password'],
                                   $_POST['email']
                    );

   $res = mysqli_stmt_execute($stmt);

   if ( $res ) {
       header("location: login.php");
       exit;
   } else {
       echo mysqli_stmt_error ( $stmt );
       exit;
   }
}
?>
<html>
    <body> 
        <form action = "" method = "post">
            <label>UserName: </label><input type = "text" name = "username" class = "box" required/><br /><br />
            <label>Password: </label><input type = "password" name = "password" class = "box" required/><br/><br />
            <label>Email: </label><input type = "email" name = "email" class = "box" required/><br/><br />
            <input type = "submit" value = " Submit "/><br />
        </form>
    </body>
</html>

答案 2 :(得分:0)

正如RiggsFolly在评论中建议的那样,您在查询中错误地使用了变量名称。

您的变量名称应为'$myusername', '$mypassword', '$myemail'

编写如下代码: - 

// Use single quote '' around variables in query
$sql = "INSERT INTO $tbl_name(`username`, `password`, `email`) VALUES('$myusername', '$mypassword', '$myemail')";
$result = mysqli_query($db,$sql);

// Check for query errors
if(!$result){
   printf("Error: %s\n", mysqli_error($db));
   die;
}

header("location: login.php");
exit; // write exit after header tag to stop executuon of below code

希望它会对你有所帮助:)。

相关问题
最新问题