PHP表单无法识别localhost上的代码,但可用于在线托管

时间:2016-05-24 17:57:26

标签: php database forms variables undefined

我从php form guide site

下载了这个php表单处理代码

代码完美无缺,我的托管空间没有任何错误。

但是如果我尝试在xampp localhost上运行,它就不会识别字段。并给出了这个错误:

  

注意:未定义的变量:第88行的C:\ wamp64 \ www \ form \ myform2.php中的varMovie调用堆栈#TimeMemoryFunctionLocation 10.0007248808 {main}()... \ myform2.php:0

任何人都可以帮助我吗?我正在粘贴php代码:

    <?php
    if (isset($_POST['formSubmit']) && $_POST['formSubmit'] == 'Submit') 
    {
        $errorMessage = "";

        if(empty($_POST['formMovie'])) 
        {
            $errorMessage .= "<li>You forgot to enter a movie!</li>";
        }
        if(empty($_POST['formName'])) 
        {
            $errorMessage .= "<li>You forgot to enter a name!</li>";
        }
        if(empty($_POST['formGender'])) 
        {
            $errorMessage .= "<li>You forgot to select your Gender!</li>";
        }

        $varMovie = $_POST['formMovie'];
        $varName = $_POST['formName'];
        $varGender = $_POST['formGender'];

        if(empty($errorMessage)) 
        {
            $db = mysql_connect("loclhost","root","admin");
            if(!$db) die("Error connecting to MySQL database.");
            mysql_select_db("my_db" ,$db);

            $sql = "INSERT INTO movieformdata (moviename, yourname, Gender) VALUES (".
                            PrepSQL($varMovie) . ", " .
                            PrepSQL($varName) . ", " .
                            PrepSQL($varGender) . ")";
            mysql_query($sql);

            header("Location: thankyou.html");
            exit();
        }
    }

    // function: PrepSQL()
    // use stripslashes and mysql_real_escape_string PHP functions
    // to sanitize a string for use in an SQL query
    //
    // also puts single quotes around the string
    //
    function PrepSQL($value)
    {
        // Stripslashes
        if(get_magic_quotes_gpc()) 
        {
            $value = stripslashes($value);
        }

        // Quote
        $value = "'" . mysql_real_escape_string($value) . "'";

        return($value);
    }
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>PHP Form processing example</title>
<!-- define some style elements-->
<style>
label, a {
    font-family : Arial, Helvetica, sans-serif;
    font-size : 12px;
}
</style>
</head>

<body>
<?php
            if(!empty($errorMessage)) 
            {
                echo("<p>There was an error with your form:</p>\n");
                echo("<ul>" . $errorMessage . "</ul>\n");
            }
        ?>
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
  <p>
    <label for='formMovie'>Which is your favorite movie?</label>
    <br/>
    <input type="text" name="formMovie" maxlength="50" value="<?=$varMovie;?>" />
  </p>
  <p>
    <label for='formName'>What is your name?</label>
    <br/>
    <input type="text" name="formName" maxlength="50" value="<?=$varName;?>" />
  </p>
  <p>
    <label for='formGender'>What is your Gender?</label>
    <br/>
    <select name="formGender">
      <option value="">Select...</option>
      <option value="M"<? if($varGender=="M") echo(" selected=\"selected\"");?>>Male</option>
      <option value="F"<? if($varGender=="F") echo(" selected=\"selected\"");?>>Female</option>
    </select>
  </p>
  <input type="submit" name="formSubmit" value="Submit" />
</form>
<p> <a href='http://www.html-form-guide.com/php-form/php-form-processing.html'
>'PHP form processing' article page</a> </p>
</body>
</html>

1 个答案:

答案 0 :(得分:0)

您正在连接到localhost作为数据库服务器。将代码移动到其他服务器时,您将连接到其他数据库。也许其他服务器没有数据库。

另外,请使用mysqlibind_param代替mysql_real_escape_string。黑客组织Anonymous通过在a foreign language中发送单引号找到了绕过mysql_real_escape_string的方法。

相关问题
最新问题