php代码拒绝将值插入数据库

时间:2017-02-06 16:45:45

标签: php mysql

PHP代码拒绝将特定字段插入数据库。除了以下所有其他字段插入数据库:

<div class="form-group">
    <input type="text" class="form-control" name="recip" id="recip" placeholder="To"/>
</div>

以下是发送消息的代码:

SEND.PHP      

include('../../dbconnect.php');
{
if(isset($_SESSION['username']))


$email = ($_POST['recip']);
$title = ($_POST['title']);
$message = ($_POST['compose-textarea']);
//$role = admin;
//$msg = strip_tags($_POST['message']);
//$days = str_replace('/', '-',$_POST['endtime']);

//We check if the recipient exists
         {

            //if it has the correct format whether the email has already exist

            //$sql1 = "SELECT * FROM tbl_users WHERE email = '$recip'";
            //$result1 = mysqli_query($conn,$sql1) or die(mysqli_error());
            //if (mysqli_num_rows($result1) > 0)
            {
           //     $_SESSION['usermsg'] = "<center><div class='alert alert-danger' role='alert'>This Email is already used.</div></center>";
            //  header("location: register.php");
//exit;
            }
        }
        //else
        {
            //this error will set if the email format is not correct
         //  $_SESSION['usermsg'] = "<center><div class='alert alert-danger' role='alert'>Your email is not valid.</div></center>";
        //  header("location: register.php");
//exit;
        }


    $sql = "INSERT INTO messages (to_user, subject,message)
                   VALUES ('$email','$title','$message')";

   // $sql = ('insert into pm (id, id2, title, user1,user2, message, timestamp, user1read, user2read)
            //values("'.$id.'", "1", "'.$title.'",  "'.$_SESSION['userid'].'","'.$sql1['recipid'].'", "'.$message.'", "'.time().'", "yes", "no")');

if (mysqli_query($conn, $sql)) {

   header("location: compose.php");
} else {
    echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}

mysqli_close($conn);
}

/// $sql = ('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "1", "'.$title.'", "'.$_SESSION['userid'].'", "'.$dn1['recipid'].'", "'.$message.'", "'.time().'", "yes", "no")');
 ?>

但是当我将$email更改为$title时,它会发送该值 我不知道我做错了什么,我需要你的帮助,就像这个问题已经很长时间了 请知道这是php的基础,但请你好笑!)

以下是表格

form name="my_form" action="SEND.php" method="POST">
            <div class="col-md-9">
              <div class="box box-primary">
                <div class="box-header with-border">
                  <h3 class="box-title">Compose New Message</h3>
                </div><!-- /.box-header -->
                <div class="box-body">
                  <div class="form-group">
                      <input type="text" class="form-control" name="recip" id="recip" placeholder="To"/>
                    </div>
                  <div class="form-group">
                    <input class="form-control" id="title" name="title" placeholder="Subject:"/>
                  </div>
                  <div class="form-group">
                    <textarea id="compose-textarea" name="compose-textarea" class="form-control" style="height: 300px">
                      <h1><u>Heading Of Message</u></h1>
                      <h4>Subheading</h4>
                      <p>But I must explain to you how all this mistaken idea of denouncing pleasure and praising pain was born and I will give you a complete account of the system, and expound the actual teachings of the great explorer of the truth, the master-builder of human happiness. No one rejects, dislikes, or avoids pleasure itself, because it is pleasure, but because those who do not know how to pursue pleasure rationally encounter consequences that are extremely painful. Nor again is there anyone who loves or pursues or desires to obtain pain of itself, because it is pain, but because occasionally circumstances occur in which toil and pain can procure him some great pleasure. To take a trivial example, which of us ever undertakes laborious physical exercise, except to obtain some advantage from it? But who has any right to find fault with a man who chooses to enjoy a pleasure that has no annoying consequences, or one who avoids a pain that produces no resultant pleasure? On the other hand, we denounce with righteous indignation and dislike men who are so beguiled and demoralized by the charms of pleasure of the moment, so blinded by desire, that they cannot foresee</p>
                      <ul>
                        <li>List item one</li>
                        <li>List item two</li>
                        <li>List item three</li>
                        <li>List item four</li>
                      </ul>
                      <p>Thank you,</p>
                      <p>John Doe</p>
                    </textarea>
                  </div>
                  <div class="form-group">
                    <div class="btn btn-default btn-file">
                      <i class="fa fa-paperclip"></i> Attachment
                      <input type="file" name="attachment"/>
                    </div>
                    <p class="help-block">Max. 32MB</p>
                  </div>
                </div><!-- /.box-body -->
                <div class="box-footer">
                  <div class="pull-right">
                    <button class="btn btn-default"><i class="fa fa-pencil"></i> Draft</button>
                 <button onclick=" $('#compose-textarea').val($('.Editor-editor').html());" type="submit" class="btn btn-primary"><i class="fa fa-envelope-o"></i> Send</button>
                  </div>
                  <button class="btn btn-default"><i class="fa fa-times"></i> Discard</button>
                </div><!-- /.box-footer -->
              </div><!-- /. box -->
            </form>

请不要担心我的安全性(mysq注入)会对我自己只是帮助解决当前的问题。谢谢

1 个答案:

答案 0 :(得分:0)

尝试检查您的SQL表并确保列#to to -user&#39;设置为接受VARCHAR或TEXT。

相关问题
最新问题