我想从数据库表中获取用户(当前登录)的电子邮件和他/她的uid,然后将其插入另一个表中。我已经尝试了但是我得到的空白结果是在uid和电子邮件中。
<?php
session_start();
if(isset($_POST['button'])){
$bidamount = $_POST['bidamount'];
$email = $_SESSION['$u_email'];
$uid = $_SESSION['$u_uid'];
//TO ALERT SUBMISSION OF BLANK FIELDS(IT DOESN'T PREVENT SUBMISSION OF BLANK FIELD THOUGH)
if (!$bidamount){
echo "can't submit blank fields";
}
//TO CONFIRM YOU ARE CONNECTED TO YOUR DATABASE (OPTIONAL)
$connection = mysqli_connect('localhost', 'root', '', 'tickmill_auctions');
if ($connection){
header ("Location: ../Afterlogin.php?action=success");
}else{
die("connection failed");
}
//TO INSERT username and password from field to jossyusers database
$query = "INSERT INTO orders(bidamount,email,uid) VALUES('$bidamount','$email','$uid')";
$result = mysqli_query($connection, $query);
if(!$result){
die("OOPPS! query failed".mysqli_error($connection));
}
}
?>
答案 0 :(得分:0)
这看起来不对,因为我在脚本中看不到名称为$u_email和$u_uid
$email = $_SESSION['$u_email'];
$uid = $_SESSION['$u_uid'];
删除$标志并尝试
$email = $_SESSION['u_email'];
$uid = $_SESSION['u_uid'];
或者,如果你确实设置了这些变量,则使用双引号而不是像这样的单引号
$email = $_SESSION["$u_email"];
$uid = $_SESSION["$u_uid"];
警告:您的脚本对SQL Injection Attack开放 甚至if you are escaping inputs, its not safe! 使用prepared parameterized statements
同时测试时,添加
ini_set('display_errors', 1);
ini_set('log_errors',1);
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
到你的脚本的顶部。这将强制执行任何mysqli_错误
生成您可以在浏览器上看到的异常,并且您的浏览器上也会显示其他错误。