HTML表单没有通过php将数据提交到我的数据库

时间:2017-05-26 05:14:15

标签: php html mysql database

我需要帮助让我的HTML表单将数据提交到我的数据库(mysql)。数据库连接正常,但它似乎无法将数据桥接到数据库中。我正在使用Notepad ++作为我的文本编辑器和测试人员。这是一个项目提前在课堂上,我需要了解如何为它做这件事。

HTML

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Add Record Form</title>
</head>
<body>
<form action="insert.php" method="post">
    <p>
        <label for="firstName">TechID:</label>
        <input type="text" name="techid" id="TechID">
    </p>
    <p>
        <label for="lastName">First Name:</label>
        <input type="text" name="firstname" id="FirstName">
    </p>
    <p>
        <label for="emailAddress">Last Name:</label>
        <input type="text" name="lastname" id="LastName">
    </p>
    <p>
        <label for="emailAddress">Phone:</label>
        <input type="text" name="phone" id="Phone">
    </p>
    <p>
        <label for="emailAddress">Email:</label>
        <input type="text" name="email" id="Email">
    </p>
    <p>
        <label for="emailAddress">State:</label>
        <input type="text" name="state" id="State">
    </p>
    <p>
        <label for="emailAddress">Address:</label>
        <input type="text" name="address" id="Address">
    </p>
    <p>
        <label for="emailAddress">Zipcode:</label>
        <input type="text" name="zipcode" id="Zipcode">
    </p>
    <p>
        <label for="emailAddress">Date:</label>
        <input type="text" name="date" id="Date" placeholder="EX: 2017-7-25">
    </p>
    <p>
        <label for="emailAddress">Course:</label>
        <input type="text" name="course" id="Course">
    </p>
    <p>
        <label for="emailAddress">Request:</label>
        <input type="text" name="request" id="Request">
    </p>
    <input class="submit" name="submit" type="submit" value="Insert">
</form>
</body>
</html>    

PHP

<?php
$link = mysqli_connect("localhost", "root", "", "student_request");

if($link === false){
    die("ERROR: Could not connect. " . mysqli_connect_error());
}

if(isset($_POST['submit'])){ 
    $techid = $_POST['techid'];
    $firstname = $_POST['firstname'];
    $lastname = $_POST['lastname'];
    $phone = $_POST['phone'];
    $email = $_POST['email'];
    $state = $_POST['state'];
    $address = $_POST['address'];
    $zipcode = $_POST['zipcode'];
    $date = $_POST['date'];
    $course = $_POST['course'];
    $request = $_POST['request'];

    $sql = "INSERT INTO student (TECH_ID, FIRST_NAME, LAST_NAME, PHONE_NUM, EMAIL, STATE, ADDRESS, ZIPCODE, DATE, COURSE, REQUEST_TYPE) VALUES ('$techid','$firstname','$lastname','$phone','$email','$state','$address','$zipcode','$date','$course','$request')";
    if(mysqli_query($link, $sql)) {
        echo "Records inserted successfully.";
    } else {
        echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
    }
}
mysqli_close($link);
?>

student 表格的表格结构: -

CREATE TABLE `student` (
  `REQUEST_ID` int(255) NOT NULL,
  `TECH_ID` int(11) NOT NULL,
  `FIRST_NAME` varchar(255) NOT NULL,
  `LAST_NAME` varchar(255) NOT NULL,
  `PHONE_NUM` varchar(255) NOT NULL,
  `EMAIL` varchar(255) NOT NULL,
  `STATE` varchar(255) NOT NULL,
  `ADDRESS` varchar(255) NOT NULL,
  `ZIPCODE` varchar(255) NOT NULL,
  `DATE` date NOT NULL,
  `COURSE` varchar(255) NOT NULL,
  `REQUEST_TYPE` text NOT NULL
)

1 个答案:

答案 0 :(得分:1)

@Donald在这里和你提问的类似例子。这肯定会对你有帮助。

祝你的项目好运

HTML code:

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Add Record Form</title>
</head>
<body>
<form action="insertrecords.php" method="post">
    <p>
        <label for="FirstName">First Name:</label>
        <input type="text" name="firstname" id="FirstName">
    </p>
    <p>
        <label for="LastName">Last Name:</label>
        <input type="text" name="lastname" id="LastName">
    </p>
    <p>
        <label for="Email">Email:</label>
        <input type="text" name="email" id="Email">
    </p>
    </p>
    <input class="submit" name="submit" type="submit" value="Insert">
</form>
</body>
</html>

PHP代码:insertrecords.php

<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "demo";

// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

if(isset($_POST['submit'])){

    //USE MYSQLI_REAL_ESCAPE_STRING() TO ESCAPE SINGLE QUOTES 
    // AND AGAINST SQL INJECTION      
    $firstname = mysqli_real_escape_string($conn, $_POST['firstname']);
    $lastname = mysqli_real_escape_string($conn, $_POST['lastname']);
    $email = mysqli_real_escape_string($conn, $_POST['email']);


    $sql = "INSERT INTO MyGuests (firstname, lastname, email)
    VALUES ('$firstname', '$lastname', '$email')";

    if (mysqli_query($conn, $sql)) {
        echo "New record created successfully";
    } else {
        echo "Error: " . $sql . "<br>" . mysqli_error($conn);
    }

    mysqli_close($conn);    
}
?>

我还建议你开始学习MYSQLI->PREPARED声明,以便更加安全地对待SQL-INJECTION。以下是与MYSQLI->PREPARED语句和PARAMETERIZED QUERY相同的相同示例。

<?php    
$sql = $conn->stmt_init();

    $query = "INSERT INTO MyGuests (firstname, lastname, email)
    VALUES (?,?,?)";

    if($sql->prepare($query)){
        $sql->bind_param('sss',$firstname,$lastname,$email);

        $sql->execute();

        echo "New record successfully inserted";
    }
    else
    {
        echo "Error inserting the record".$conn->error;
    }
?>

尝试代码。随意提问