PHP错误提交到SQL数据库

时间:2017-01-27 04:47:48

标签: php sql

请寻求帮助。我是php的新手,我的课程需要我将表单数据保存到sql数据库。我有以下代码,它会创建我的错误消息"出错了"。我在网上学习,而且我的讲师在帮助方面毫无用处。谁能告诉我哪里出错了?

我的数据库在其他地方读取和写入确定.. 

<?php

$page_title = "Login Page";

session_start();

include('header.php');
require_once("validation_functions.php");
require_once('functions.php');
require_once('connection.php');

// Check if form was submitted
if (isset($_POST['submit'])) {

    // Remove whitespace from beginning and end of values
    $title = trim($_POST["Title"]);
    $director = trim($_POST["Director"]);
    $producer = trim($_POST["Producer"]);
    $running_time = trim($_POST["Running"]);
    $starring = trim($_POST["Starring"]);
    $distributor = trim($_POST["Distributor"]);

    // Escape strings and filter input to prevent SQL injection
    $title = mysqli_real_escape_string($connection, $title);
    $director = mysqli_real_escape_string($connection, $director);
    $producer = mysqli_real_escape_string($connection, $producer);
    $starring = mysqli_real_escape_string($connection, $starring);
    $distributor = mysqli_real_escape_string($connection, $distributor);
    $running_time = intval($running_time);

    if (isset($_POST["Rel"])) { $release = $_POST["Rel"]; }
    if (isset($_POST["Genre"])) { $genre = $_POST["Genre"]; }
    if (isset($_POST["Rating"])) { $rating = $_POST["Rating"]; }

    $form_errors = false;

    // Check if fields are blank
    if (is_blank($title) || is_blank($director) || is_blank($producer) || is_blank($release) || is_blank($running_time) || is_blank($starring) || is_blank($distributor)) {
        $blank_message = "<p class='error-msg'>All fields are required.</p>";
        $form_errors = true;
    }

    // Check if running time is a valid number
    if (isset($running_time) && !filter_var($running_time, FILTER_VALIDATE_INT)) {
        $number_message = "<p class='error-msg'>Running time is not a valid number.</p>";
        $form_errors = true;
    }

    // Check if movie already exists
    if (record_exists("SELECT * FROM Movie WHERE Movie.Title = '{$title}'")) {
        $exists_message = "<p class='error-msg'>This movie already exists in the database.</p>";
        $form_errors = true;
    }


    if ($form_errors == false) {

        $insert_movie = "INSERT INTO Movie (Title, Director, Producer, Rel, Running, GenreID, Starring, Distributor, Rating) VALUES ('{$title}', '{$director}', '{$producer}', '{$release}', '{$running_time}'', '{$genre}', '{$starring}', '{$distributor}', '{$rating}')";

        if (mysqli_query($connection, $insert_movie)) {
            $movie_id = mysqli_insert_id($connection);


            $success_message = "<p class='success-msg'>The movie has been successfully added to the database.</p>";
        }
        else {
            $error_message = "<p class='error-msg'>Something went wrong. Please try again.</p>";
        }
    }
}

//php code ends here 
?>


     <!--    // PUT ERRORS HERE-->
<?php if (isset($blank_message)) { echo $blank_message; } ?>
<?php if (isset($number_message)) { echo $number_message; } ?>
<?php if (isset($date_message)) { echo $date_message; } ?>
<?php if (isset($exists_message)) { echo $exists_message; } ?>
<?php if (isset($success_message)) { echo $success_message; } ?>
<?php if (isset($error_message)) { echo $error_message; } ?>

      <form action="<?php htmlspecialchars($_SERVER['PHP_SELF']); ?>" method="post" enctype="multipart/form-data" id="movieinput">
          Title:<br>
          <input type="text" name="Title" placeholder="e.g. Aliens" data-validation="required" value="<?php if (isset($title)) { echo $title; } ?>"><br>
          Director:<br>
          <input type="text" name="Director" placeholder="e.g. Ridley Scott" data-validation="required" value="<?php if (isset($director)) { echo $director; } ?>"><br>
          Producer:<br>
          <input type="text" name="Producer" placeholder="e.g. Gale Ann Hurd" data-validation="required" value="<?php if (isset($producer)) { echo $producer; } ?>"><br>
          Release Date:<br>
          <input type="date" name="Rel" format="yyyy/mm/dd" value="<?php if (isset($date)) { echo $date; } ?>"><br>
          Running Time (mins):<br>
          <input type="number" pattern=".{1,3}" name="Running" placeholder="e.g. 137" data-validation="required" value="<?php if (isset($running)) { echo $running; } ?>"><br>
          Genre:<br><select name="Genre" value="<?php if (isset($genre)) { echo $genre; } ?>"><br>>
            <option value="drama" name="drama">Drama</option>
            <option value="documentary" name ="documentary">Documentary</option>
            <option value="scifi" name="scifi" selected>Sci-Fi</option>
            <option value="comedy" name="comedy">Comedy</option>
              <option value="biopic" name ="biopic">Biopic</option>
              <option value="horror" name="horror">Horror</option>
    </select><br>
          Starring:<br>
          <input type="text" name="Starring" placeholder="e.g. Sigourney Weaver, Michael Biehn, William Hope" value="<?php if (isset($starring)) { echo $starring; } ?>"><br>
          Distributor:<br>
          <input type="text" name="Distributor" placeholder="e.g. 20th Century Fox" data-validation="required" value="<?php if (isset($distributor)) { echo $distributor; } ?>"><br>
          Rating:<br><select name="Rating" value="<?php if (isset($rating)) { echo $rating; } ?>"><br>>>
          <option
            value="one">1
          </option>
          <option
            value="two">2
          </option>
          <option
            value="three">3
          </option>
          <option
            value="four">4
          </option>
          <option
            value="five">5
          </option>
          </select><br>
          <br>
          <input type="submit" name="submit" value="Submit"/>
      </form>




<script> </script>

3 个答案:

答案 0 :(得分:0)

您正在使用来自php的SQL数据库并使用mysqli_query()函数来插入哪些肯定不起作用。你必须使用PDO。访问SQL数据库。 Connect to SQL Server through PDO using SQL Server Driver

https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=0ahUKEwjk4MS-w-HRAhUPR48KHbLaAIMQFggdMAE&url=http%3A%2F%2Fphp.net%2Fmanual%2Fen%2Fref.pdo-dblib.php&usg=AFQjCNGG9EMmNv41NHQfjhpapjqhugBYQA

答案 1 :(得分:0)

>  $insert_movie = "INSERT INTO Movie (Title, Director, Producer, Rel,
> Running, GenreID, Starring, Distributor, Rating) VALUES ('{$title}',
> '{$director}', '{$producer}', '{$release}', '{$running_time}'',
> '{$genre}', '{$starring}', '{$distributor}', '{$rating}')";

使用此代替 

>  $insert_movie = "INSERT INTO Movie (Title, Director, Producer, Rel,
> Running, GenreID, Starring, Distributor, Rating) VALUES ('$title',
> '$director', '$producer', '$release', '$running_time', '$genre',
> '$starring', '$distributor', '$rating')";

答案 2 :(得分:0)

在这种情况下,以下某些可能性会导致此问题。

  1. 输入类型与数据库表中的列数据类型不匹配。
  2. 用于插入表格的必需参数。

    3. 确保INSERT查询中没有问题的一个建议。只需在浏览器中打印insert语句,然后在DB中手动执行。

        $insert_movie = "INSERT INTO Movie (Title, Director, Producer, Rel, Running, GenreID, Starring, Distributor, Rating) VALUES ('{$title}', '{$director}', '{$producer}', '{$release}', '{$running_time}'', '{$genre}', '{$starring}', '{$distributor}', '{$rating}')";

    echo $insert_movie; exit;

    尝试此操作,如果insert语句中没有问题,将继续调试。

    干杯!

相关问题
最新问题