我创建了一个包含4个表单输入的完整网站,输入是文本输入,并且它连接到MySQL数据库。现在我想将其中一个文本输入更改为文本框,当我这样做时,它不再将数据发送到数据库以用于特定的消息'领域。
//php code to insert to db
<?php
$errors = array(); // array to hold validation errors
$data = array(); // array to pass back data
$email = $_POST['email'];
$phone = $_POST['phone_number'];
$name = $_POST['name'];
$message=$_POST['message'];
// validate the variables ======================================================
// if any of these variables don't exist, add an error to $errors array
if (empty($_POST['name']))
{
$errors['name'] = 'Name is required.';
}
if (empty($_POST['email']))
{
$errors['email'] = 'Email is required.';
} else {
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
if(!preg_match($email_exp,$email))
{
$errors ['email']= '<b>The email you entered does not appear to be valid</b></br>';
}
}
if (empty($_POST['phone_number'])){
$errors['phone_number'] = 'Phone number is required.';
} else{
$phone_number_exp ='/^[0-9]{5,12}$/';
if(!preg_match($phone_number_exp, $phone))
{
$errors ['phone_number']='<b>Phone number entered is invalid</b></br>';
}
}
if (empty($_POST['message'])){
$errors['message'] = 'Message is required.';
}
// return a response ===========================================================
// if there are any errors in our errors array, return a success boolean of false
if ( ! empty($errors)) {
// if there are items in our errors array, return those errors
$data['success'] = false ;
$data['errors'] = $errors ;
} else
{
// success processing
//connecting to the db
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$db = '1';
$dbconn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($db);
$query = ("INSERT INTO user (name, email, phone_number, message) VALUES ('$name','$email','$phone','$message')");
mysql_query($query);
{
$data['1'] = false;
}
// email sent from gmail client id = ---
$email_to="---";
$email_subject="Lead Form";
$msg = "Form details from interested customer:\n\n";
function clean($string)
{
$sickstring = array("content-type","bcc:","to:","cc:","href");
return str_replace($sickstring,"-",$string);
//replaces any characters found in the array with a "-".
}
$msg .= "Email: ".clean($email)."\n";
$msg .= "Phone Number: ".clean($phone)."\n";
$msg .= "Name: ".clean($name)."\n";
$msg .= "Message: " . ($message)."\n";
/* if using the name variable
$message .= "name: ".clean($name)."\n"; */
//header for email.. variable not working , check variable on thursday ..
$headers = "From: " . ($email) . "\r\n".
"Reply_To: " . ($email) . "\r\n".
"xmailer: php/" . phpversion();
@mail($email_to, $email_subject, $msg, $headers);
$data['success'] = true;
$data['message'] = 'Success!';
}// return all our data to an AJAX call
echo json_encode($data); <form action="process.php" method="POST" id="ezform">
<!-- NAME -->
<div id="name-group" class="form-group">
<label for="name">Name</label>
<input type="text" class="form-control" name="name" placeholder="Name">
</div>
<!-- EMAIL -->
<div id="email-group" class="form-group">
<label for="email">Email</label>
<input type="text" class="form-control" name="email" placeholder="example@etc.com">
</div>
<!-- NUMBER -->
<div id="phone_number-group" class="form-group">
<label for="phone_number">Phone Number</label>
<input type="text" class="form-control" name="phone_number" placeholder="Number">
</div>
<!--MESSAGE-->
<div id="message-group" class="form-group">
<label for="message">Message</label>
<input type="text" class="form-control" name="message" placeholder="Your Message">
</div>
<div id="Demo-BS" style="padding:30px;">
<button type="submit" class="btn btn-default">Submit</button>
</div>
</form>
答案 0 :(得分:0)
在查询上方添加此代码您已撰写。
$message = htmlentities($message);
虽然您使用的是文本区域,但您应该使用htmlentities来转义HTML字符