因此,当我将测试值放在php文件中时,我的表单似乎有效:
$name = 'name';
$email = 'test@gmail.com';
$telephone = '123456789';
$message = 'test message';
然而,当我用php _POST替换测试值时,如下所示:
$name = $_POST['name']
在一个文件contact.html中有一个非常简单的联系我们表单设置:
<div class="container-fluid">
<div class="row">
<div class="col-xs-12 col-sm-9 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-8 col-lg-offset-2">
<div class="form-header">
<h8>CONTACT US FORM</h8>
</div>
<form method="post" action="php/contact.php">
<div class="row">
<div class="form-group col-xs-4 col-sm-4 col-md-4 col-lg-4">
<label>Name:</label>
<input type="text" name="name" class="form-control" onchange="capitalise()">
</div>
<div class="form-group col-xs-4 col-sm-4 col-md-4 col-lg-4">
<label>Email Address:</label>
<input type="email" class="form-control" name="email">
</div>
<div class="form-group col-xs-4 col-sm-4 col-md-4 col-lg-4">
<label>Phone Number:</label>
<input type="tel" class="form-control" name="tel">
</div>
<div class="clearfix"></div>
<div class="form-group col-xs-12 col-sm-12 col-md-12 col-lg-12">
<label>Message:</label>
<textarea class="form-control" rows="6"></textarea>
</div>
<div class="form-group col-xs-12 col-sm-12 col-md-12 col-lg-12">
<input type="hidden" name="msg" value="contact">
<button type="submit" class="btn btn-default">Submit</button>
</div>
</div>
</form>
</div>
</div>
</div>
这是使用预准备语句的PHP联系表单。
<?php
$servername = "*******";
$username = "********";
$password = "********";
$dbname = "*********";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error){
die("Connection failed: " . $conn->connect_error);
}
$stmt = $conn -> prepare("INSERT INTO contact (name, email, telephone, message) VALUES (?, ?, ?, ?)");
$stmt->bind_param("ssss", $name, $email, $telephone, $message);
$name = $_POST['name'];
$email = $_POST['email'];
$telephone = $_POST['tel'];
$message = $_POST['msg'];
$stmt->execute();
echo "New records created successfully";
$stmt->close();
$conn->close();
?>
答案 0 :(得分:0)
您希望在将变量插入bind之前声明变量:
<?php
$servername = "*******";
$username = "********";
$password = "********";
$dbname = "*********";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error){
die("Connection failed: " . $conn->connect_error);
}
$stmt = $conn -> prepare("INSERT INTO contact (name, email, telephone, message) VALUES (?, ?, ?, ?)");
$name = $_POST['name'];
$email = $_POST['email'];
$telephone = $_POST['tel'];
$message = $_POST['msg'];
$stmt->bind_param("ssss", $name, $email, $telephone, $message);
$stmt->execute();
echo "New records created successfully";
$stmt->close();
$conn->close();
?>