单选按钮值未存储在数据库中

时间:2016-05-13 10:18:12

标签: php html mysql database xampp

one.html 

<!DOCTYPE HTML>
<html> 
<head> 
<title>page1</title> 
<link rel="stylesheet" type="text/css" href="style.css"> 
</head>
<div id="one"> 
<form method="post" action="connect1.php">
<h4>Answer all the questions on the scale (1)Strongly agree to (5)Strongly disagree </h4>
<table width="1000" border="1" cellpadding="10">
<tbody>
  <tr>
    <th style="width:50% ; text-align:center" scope="col">Questions</th>
    <th style="width:10% ; text-align:center" scope="col">Strongly agree</th>
    <th style="width:10% ; text-align:center" scope="col">Agree</th>
    <th style="width:10% ; text-align:center" scope="col">Neutral</th>
    <th style="width:10% ; text-align:center" scope="col">Disagree</th>
    <th style="width:10% ; text-align:center" scope="col">Strongly disagree</th>
  </tr>
  <tr>
    <td>1.People are clear about their role and performance levels expected of them.</td>
    <td><input type="radio" name="q1" value="q1a">
      1</td>
    <td><input type="radio" name="q1" value="q1b">
      2</td>
    <td><input type="radio" name="q1" value="q1c">
      3</td>
    <td><input type="radio" name="q1" value="q1d">
      4</td>
    <td><input type="radio" name="q1" value="q1e">
      5</td>
  </tr>
  <tr>
    <td>2.People understand how their role fits with the responsibilities of others.</td>
    <td><input type="radio" name="q2" value="q2a">
      1</td>
    <td><input type="radio" name="q2" value="q2b">
      2</td>
    <td><input type="radio" name="q2" value="q2c">
      3</td>
    <td><input type="radio" name="q2" value="q2d">
      4</td>
    <td><input type="radio" name="q2" value="q2e">
      5</td>
  </tr>
  <tr>
    <td>3.People understand the contribution they are making to organisational objectives.</td>
    <td><input type="radio" name="q3" value="q3a">
      1</td>
    <td><input type="radio" name="q3" value="q3b">
      2</td>
    <td><input type="radio" name="q3" value="q3c">
      3</td>
    <td><input type="radio" name="q3" value="q3d">
      4</td>
    <td><input type="radio" name="q3" value="q3e">
      5</td>
  </tr>
  <tr>
    <td>4.People are clear about the behaviours expected of them in achieving their objectives.</td>
    <td><input type="radio" name="q4" value="q4a">
      1</td>
    <td><input type="radio" name="q4" value="q4b">
      2</td>
    <td><input type="radio" name="q4" value="q4c">
      3</td>
    <td><input type="radio" name="q4" value="q4d">
      4</td>
    <td><input type="radio" name="q4" value="q4e">
      5</td>
  </tr>
  <tr>
    <td>5.Values and attributes are aligned with each other and support critical behaviour such as customer service or innovation.</td>
    <td><input type="radio" name="q5" value="q5a">
      1</td>
    <td><input type="radio" name="q5" value="q5b">
      2</td>
    <td><input type="radio" name="q5" value="q5c">
      3</td>
    <td><input type="radio" name="q5" value="q5d">
      4</td>
    <td><input type="radio" name="q5" value="q5e">
      5</td>
  </tr>
  <tr>
    <td>6.People feel the organisational systems are 'in sync' with their objectives.</td>
    <td><input type="radio" name="q6" value="q6a">
      1</td>
    <td><input type="radio" name="q6" value="q6b">
      2</td>
    <td><input type="radio" name="q6" value="q6c">
      3</td>
    <td><input type="radio" name="q6" value="q6d">
      4</td>
    <td><input type="radio" name="q6" value="q6e">
      5</td>
  </tr>
  <tr>
    <td>7.People believe they are given space to try new ideas or ways of doing things.</td>
    <td><input type="radio" name="q7" value="q7a">
      1</td>
    <td><input type="radio" name="q7" value="q7b">
      2</td>
    <td><input type="radio" name="q7" value="q7c">
      3</td>
    <td><input type="radio" name="q7" value="q7d">
      4</td>
    <td><input type="radio" name="q7" value="q7e">
      5</td>
  </tr>
  <tr>
    <td>8.Knowledge-sharing enables people to learn from one another.</td>
    <td><input type="radio" name="q8" value="q8a">
      1</td>
    <td><input type="radio" name="q8" value="q8b">
      2</td>
    <td><input type="radio" name="q8" value="q8c">
      3</td>
    <td><input type="radio" name="q8" value="q8d">
      4</td>
    <td><input type="radio" name="q8" value="q8e">
      5</td>
  </tr>
  <tr>
    <td>9.Cross-functional working enables people to learn from others' experiences.</td>
    <td><input type="radio" name="q9" value="q9a">
      1</td>
    <td><input type="radio" name="q9" value="q9b">
      2</td>
    <td><input type="radio" name="q9" value="q9c">
      3</td>
    <td><input type="radio" name="q9" value="q9d">
      4</td>
    <td><input type="radio" name="q9" value="q9e">
      5</td>
  </tr>
  <tr>
    <td>10.People watch for changes within the external world that might impact on the organisation.</td>
    <td><input type="radio" name="q10" value="q10a">
      1</td>
    <td><input type="radio" name="q10" value="q10b">
      2</td>
    <td><input type="radio" name="q10" value="q10c">
      3</td>
    <td><input type="radio" name="q10" value="q10d">
      4</td>
    <td><input type="radio" name="q10" value="q10e">
      5</td>
  </tr>
</tbody>
</table>
<input type="submit" value="submit">
</form>
</div>
</body>
</html>

connect1.php 

<?php 
//connecting to the database 
define('DB_HOST', 'localhost'); 
define('DB_NAME', 'survey'); 
define('DB_USER','root'); 
define('DB_PASSWORD',''); 
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error()); 
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error());

//inserting Record to the database
$q1 = $_POST['q1'];
$q2 = $_POST['q2'];
$q3 = $_POST['q3'];
$q4 = $_POST['q4'];
$q5 = $_POST['q5'];
$q6 = $_POST['q6'];
$q7 = $_POST['q7'];
$q8 = $_POST['q8'];
$q9 = $_POST['q9'];
$q10 = $_POST['q10'];
$query = "INSERT INTO one(q1,q2,q3,q4,q5,q6,q7,q8,q9,q10)VALUES('$q1','$q2','$q3','$q4','$q5','$q6','$q7','$q8','$q9','$q10')"; 
$result = mysql_query($query); 
if($result) 
{ 
echo "Thank you for taking the test!"; 
} 
else 
{ 
die('Error: '.mysql_error($con)); 
} 
mysql_close($con); 
?>

数据库中的结果

only the value for first question $q1 is getting stored in the db. Remaining all nine values have value as 0 stored. What is causing this

我有10个问题的十个输入,标记为$q1$q10。每个问题有五个单选按钮选项,用户选择一个。在存储到数据库中时,$q1列的值存储为q1a / q1b / q1c / q1d / q1e)这五个选项中。但是对于下一个问题,只存储零(0)。

1 个答案:

答案 0 :(得分:0)

首先,避免使用mysql_函数,您应该使用预准备语句将其转换为PDO。例如:http://php.net/manual/en/pdo.prepared-statements.php

原因是mysql_已从PHP5.5弃用,并且完全从PHP7中删除。您当前的代码容易受到SQL注入和跨站点脚本的攻击,PDO可以帮助您解决SQL注入问题。

您也验证了来自用户的数据,ALLWAYS。你不能相信他们。如果有人要编辑单选按钮的值,他们可以将任何内容插入数据库。 当您使用POST / GET时,我建议使用PHP的内置输入过滤器filter_input()函数,它将为您过滤输入,也会阻止跨站点脚本。

你还应该防止使用die();不应向最终用户显示和mysql错误消息。你应该只显示一个说明发生事情的文本,而不是实际的错误,这应该记录下来,只为你的眼睛阅读。

在查询的每个段之后创建空格,可读性和格式化可能会破坏您的插入。 INSERT INTO one(q1,q2)VALUES('$ q1','$ q2')。但如果您决定使用PDO,这将会有所不同。

尝试var_dump($ _ POST)以查看提交时是否有POST数据。

没有密码的ROOT也非常关键,至少应该是一个密码,一般使用root不是一个好习惯。最好的情况是,如果您可以使新用户只是该数据库。

我希望你把它作为建设性的批评,我只是想让你的代码变得更好,更安全。

谢谢!

相关问题
最新问题