表单数据未正确提交

时间:2016-10-20 10:54:32

标签: php mysql

所以我创建了一个简单的表单,它应该将输入的数据发送到表中。我遇到的问题是“内容”中的字符计数。字段超过一定数量,我按提交,所有字段为空,没有数据发送到表。我应该收到一条消息,说“发布成功后发布了”#39;一旦提交,但由于上述原因它没有发生,我不知道为什么。

然后我必须转到localhost并在那里编辑字段。这是我的代码:

<?php
include("includes/connect.php");

if(isset($_POST['submit'])) {

    $post_title = $_POST['title'];
    $post_date = date('Y-m-d');
    $post_author = $_POST['author'];
    $post_keywords = $_POST['keywords'];
    $post_content = $_POST['content'];
    $post_image = $_FILES['image']['name'];
    $image_tmp = $_FILES['image']['tmp_name'];


    if($post_title == '' or $post_keywords == '' or $post_content == ''
    or $post_author == '') {

        echo "<script>alert('Please fill the empty fields!')</script>";

        exit();
    }
    else {

        move_uploaded_file($image_tmp, "../images/$post_image");

        $insert_query = "INSERT INTO `posts` 
        (post_title, post_date, post_author, post_image, 
        post_keywords, post_content) 
        values ('$post_title', '$post_date', '$post_author', '$post_image', 
        '$post_keywords', '$post_content')";

        if(mysqli_query($connect, $insert_query)) {

            echo "<center><h1>Post Published Successfully!</h1></center>";
        }
    }

}
?>

<body>

    <form method = "post" action = "insert_post.php" enctype = "multipart/form-data">

        <table width = "600" align = "center">
            <tr>
                <td align="center" colspan = "6"><h1 style = "font-family: 'Fjalla One'; color: #575757;">Insert new post here</h1></td>
            </tr>

            <tr><!--TITLE-->
                <td align = "right" size = "30px" style = "font-family: 'Fjalla One'; color: #575757; font-size: 20px;">Post Title:</td>
                <td><input type = "text" name = "title"></td>
            </tr>

            <tr><!--AUTHOR-->
                <td align = "right" size = "30px" style = "font-family: 'Fjalla One'; color: #575757; font-size: 20px;">Post Author:</td>
                <td><input type = "text" name = "author"></td>
            </tr>

            <tr><!--KEYWORDS-->
                <td align = "right" size = "30px" style = "font-family: 'Fjalla One'; color: #575757; font-size: 20px;">Post Keywords:</td>
                <td><input type = "text" name = "keywords"></td>
            </tr>

            <tr><!--IMAGE-->
                <td align = "right" style = "font-family: 'Fjalla One'; color: #575757; font-size: 20px;">Post Image:</td>
                <td><input type = "file" name = "image"></td>
            </tr>

            <tr><!--CONTENT-->
                <td align = "right" style = "font-family: 'Fjalla One'; color: #575757; font-size: 20px;">Post Content</td>
                <td><textarea name = "content" cols = "40" rows = "20"></textarea></td>
            </tr>

            <tr>
                <td align = "center" colspan = "6"><input type = "submit" name = "submit" value = "Publish" ></td>
            </tr>

    </form>

1 个答案:

答案 0 :(得分:1)

尝试包含一些MySQL错误处理,让自己更好地了解问题 - 就像这样:

<?php
include("includes/connect.php");

if(isset($_POST['submit'])) {

    $post_title = $_POST['title'];
    $post_date = date('Y-m-d');
    $post_author = $_POST['author'];
    $post_keywords = $_POST['keywords'];
    $post_content = $_POST['content'];
    $post_image = $_FILES['image']['name'];
    $image_tmp = $_FILES['image']['tmp_name'];


    if($post_title == '' or $post_keywords == '' or $post_content == ''
    or $post_author == '') {

        echo "<script>alert('Please fill the empty fields!')</script>";

        exit();
    }
    else {

        move_uploaded_file($image_tmp, "../images/$post_image");

        $insert_query = "INSERT INTO `posts` 
        (post_title, post_date, post_author, post_image, 
        post_keywords, post_content) 
        values ('$post_title', '$post_date', '$post_author', '$post_image', 
        '$post_keywords', '$post_content')";

        if(mysqli_query($connect, $insert_query)) {

            echo "<center><h1>Post Published Successfully!</h1></center>";
        } else echo  "MySQL Error description: " . mysqli_error($connect);
    }

}
?>

不要在生产环境中使用它,因为您不应向最终用户显示技术错误消息 - 特别是当您没有转义原始输入时,您很容易注入SQL。

修改

操作粘贴错误消息,显示提交的字符串中的'字符导致MySQL出错 - 解决方法是传递通过mysqli_real_escape_string($connect, $variable);提交的每个变量。