为什么我无法使用PHP和MySQL将数据提交到数据库?

时间:2018-03-24 04:51:24

标签: php html database

这是我的HTML代码,也有PHP代码。

我已经包含了我的两个文件,并且我已经尝试了大部分选项。我知道我的所有位置都是正确的,所以我隐藏了那些,除了代码中的所有内容。



<!DOCTYPE html>
<html>
<head>
    <title> CK EDITOR </title>
    <link rel="stylesheet" type="text/css" href="bootstrap/css/bootstrap.min.css">
    <link rel="stylesheet" type="text/css" href="fontawesome/fontawesome-free-5.0.6/web-fonts-with-css/css/fontawesome.min.css">
    <script src="ckeditor/ckeditor/ckeditor.js" type="text/javascript" ></script>
</head>
<body>
    <br>
    <a class="btn btn-success" href="textareaNB.php"> Home </a>
    <a class="btn btn-success" href="ListNB.php">Lists</a>
    <br><br>
    <form action="add.php" method="POST" enctype="multipart/form-data">
        <textarea class="ckeditor" id="editor"></textarea>
        <br>
        <button type="submit" name="submit" class="btn btn-sucess">submit</button> 

    </form>
</body>
</html>
&#13;
&#13;
&#13;

&#13;
&#13;
<?php

    $path='lcoation';
    include ($path);
    include 'textareaNB.php';
    session_start();
    if($username == true){ 
    }
    else{
        header("location: http://localhost/Project/signupnb.php");
        exit();
    }

    $user=$_SESSION['user'];
   if(isset($_POST['submit']))
   {

    $date=date("Y/M/D");
    $entry=$_POST['editor'];
    $conn2=mysqli_connect("localhost","root","") or die(mysql_error());
    mysqli_Select_db($conn2,"editor") or die("connot connect to the database");

    mysqli_query($conn2,"INSERT INTO `editornb` (`user_uid`, `content`, `date`) values ('".$user."','".$entry."','".$date."')");
     print'<script> alert("Sucessfully Inserted!!!");</script>';
     print'<script> windows.location.assign("http://localhost/Project/projectNB.php");</script>';
    }
    else{
        header("location:http://localhost/Project/projectNB.php");
        exit();
    }
&#13;
&#13;
&#13;

2 个答案:

答案 0 :(得分:1)

你使用什么版本的PHP btw?如果您未使用PHP版本PHP 5.4.0+,请添加以下代码。这将反转从$ _变量中自动转义数据。

if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}

您的textarea没有名称,因此其内容不会传递到您的php文件。

更改:

<textarea class="ckeditor" id="editor"></textarea>

<textarea class="ckeditor" id="editor" name="editor"></textarea>

防止sql注入)端口到Prepared语句:

<强>替换

mysqli_query($conn2,"INSERT INTO `editornb` (`user_uid`, `content`, `date`) values ('".$user."','".$entry."','".$date."')");
 print'<script> alert("Sucessfully Inserted!!!");</script>';
 print'<script> windows.location.assign("http://localhost/Project/projectNB.php");</script>';

。通过

 $stmt = mysqli_prepare($conn2,"INSERT INTO `editornb` (`user_uid`, `content`, `date`) values (?, ?, ? );");
    mysqli_stmt_bind_param($stmt, "iss", $user, $entry, $date);
    $er = mysqli_stmt_execute($stmt);

    if( $er == TRUE ) {
        print'<script> alert("Sucessfully Inserted!!!");</script>';
        print'<script> windows.location.assign("http://localhost/Project/projectNB.php");</script>';
    }

答案 1 :(得分:0)

变化:

<textarea class="ckeditor" id="editor"></textarea>

为:

<textarea class="ckeditor" name="editor" id="editor"></textarea>