PHP表单(有时)将空白条目输入MySQL

时间:2018-03-20 18:17:58

标签: php mysql

我尝试过创建一个基本的注册表单(我对PHP很新)。 表单有时会起作用,但大多数情况下它只是将空白条目发送到MySQL数据库中。以下是代码:

我有以下表格:

<form action="#" method="post">
        <h2 class="sub-heading-agileits">Participant 1</h2>
        <div class="main-flex-w3ls-sectns">
            <div class="field-agileinfo-spc form-w3-agile-text1">
                <input type="text" name="name1" placeholder="Full Name" required="">
            </div>
            <div class="field-agileinfo-spc form-w3-agile-text1">
                <select class="form-control" name="year1">
                                    <option>Year</option>
                                    <option value="1st Year">1st Year</option>
                                    <option value="2nd Year">2nd Year</option>
                                    <option value="3rd Year">3rd Year</option>
                                </select>
            </div>
        </div>
        <div class="main-flex-w3ls-sectns">
            <div class="field-agileinfo-spc form-w3-agile-text2">
                <input type="text" name="phone1" placeholder="Phone Number" required="">
            </div>
            <div class="field-agileinfo-spc form-w3-agile-text2">
                <input type="text" name="college1" placeholder="College" required="">
            </div>
        </div>
        <div class="field-agileinfo-spc form-w3-agile-text">
            <input type="email" name="email1" placeholder="Email" required="">
        </div>
        <h2 class="sub-heading-agileits">Participant 2</h2>
        <div class="main-flex-w3ls-sectns">
            <div class="field-agileinfo-spc form-w3-agile-text1">
                <input type="text" name="name2" placeholder="Full Name">
            </div>
            <div class="field-agileinfo-spc form-w3-agile-text1">
                <select class="form-control" name="year2">
                                    <option>Year</option>
                                    <option value="1st Year">1st Year</option>
                                    <option value="2nd Year">2nd Year</option>
                                    <option value="3rd Year">3rd Year</option>
                                </select>
            </div>
        </div>
        <div class="main-flex-w3ls-sectns">
            <div class="field-agileinfo-spc form-w3-agile-text2">
                <input type="text" name="phone2" placeholder="Phone Number">
            </div>
            <div class="field-agileinfo-spc form-w3-agile-text2">
                <input type="text" name="college2" placeholder="College">
            </div>
        </div>
        <div class="field-agileinfo-spc form-w3-agile-text">
            <input type="email" name="email2" placeholder="Email">
        </div>
        <div class="clear"></div>
        <input type="submit" value="Submit">
        <input type="reset" value="Clear Form">
        <div class="clear"></div>
    </form>

我很抱歉长表格代码。

这是将数据发布到数据库的PHP代码:

$servername = "localhost";
$username = "fic";
$password = "fic201718";
$dbname = "fic201718";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
$name1 = $_POST['name1'];
$year1 = $_POST['year1'];
$phone1 = $_POST['phone1'];
$college1 = $_POST['college1'];
$email1 = $_POST['email1'];
$name2 = $_POST['name2'];
$year2 = $_POST['year2'];
$phone2 = $_POST['phone2'];
$college2 = $_POST['college2'];
$email2 = $_POST['email2'];
$sql = "INSERT INTO identitytheft (Participant1Name,Participant1Year,Participant1Phone,Participant1College,Participant1eMail,Participant2Name,Participant2Year,Participant2Phone,Participant2College,Participant2eMail) VALUES ('$name1','$year1','$phone1','$college1','$email1','$name2','$year2','$phone2','$college2','$email2')";
$conn->query($sql);
if (!empty($_POST['name1'])) {
    echo ("<script type=\"text/javascript\"> alert('Successfully Registered'); </script>");
}

但是,表单有时会将绝对空白数据插入数据库。它有时会起作用。

我注意到的一件事是,如果答案中没有特殊字符,我不会得到空行。我的列设置为utf8_unicode_ci(所有列)。这可能有问题吗? 请帮帮忙?

2 个答案:

答案 0 :(得分:0)

如果您的POST变量不为空并且您看到的数据是您所期望的,那么它不是您的表单,而且最像您的查询。在表单提交后使用var_dump检查您的帖子变量。

var_dump($_POST);

我要注意的第一件事是你当前的方法容易受到SQL注入的影响,所以你需要清理你的代码。查找准备好的资料http://php.net/manual/en/mysqli.quickstart.prepared-statements.php

我会清理你当前的查询,这应该适合你。我显然没有你的数据库设置,所以我可以测试它。你不必像我那样格式化它,除非我正在调试,否则我通常不会这样格式化 - 它有助于将列名称与值对齐。

<?php
$servername = "localhost";
$username = "fic";
$password = "fic201718";
$dbname = "fic201718";

$conn = new mysqli($servername, $username, $password, $dbname);

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

$name1 = $_POST['name1'];
$year1 = $_POST['year1'];
$phone1 = $_POST['phone1'];
$college1 = $_POST['college1'];
$email1 = $_POST['email1'];
$name2 = $_POST['name2'];
$year2 = $_POST['year2'];
$phone2 = $_POST['phone2'];
$college2 = $_POST['college2'];
$email2 = $_POST['email2'];

$sql = "INSERT INTO identitytheft (
    Participant1Name,
    Participant1Year,
    Participant1Phone,
    Participant1College,
    Participant1eMail,
    Participant2Name,
    Participant2Year,
    Participant2Phone,
    Participant2College,
    Participant2eMail)
    VALUES (
    '".$name1."',
    '".$year1."',
    '".$phone1."',
    '".$college1."',
    '".$email1."',
    '".$name2."',
    '".$year2."',
    '".$phone2."',
    '".$college2."',
    '".$email2."'
)";
$conn->query($sql);
if (!empty($_POST['name1'])) {
    echo ("<script type=\"text/javascript\"> alert('Successfully Registered'); </script>");
}
?>

答案 1 :(得分:0)

if(!empty($varname) && !empty($varname)){
  sql statements over here within php code
}

您可以添加这种类似的代码类型,因为它仅在输入字段不为空且不会将非空数据发布到您的数据库时才有效