这是我的主要PHP代码:
<?php
define('dbServer', 'localhost');
$dbUsername = 'root';
$dbPassword = '';
define('dbName', '1');
$dbConnection = mysqli_connect(dbServer, $dbUsername, $dbPassword, dbName);
if(!$dbConnection){
die("Unsuccessful Connection: " . mysqli_connect_error());
}
// All user data will be taken from the form //
$emailAddress = $_POST['emailaddress'];
$firstName = $_POST['firstname'];
$lastName = $_POST['lastname'];
$streetAddress = $_POST['streetaddress'];
$phoneNumber = $_POST['phonenumber'];
$comments = $_POST['comments'];
$sql = "INSERT INTO user-submission (email, firstName, lastName, address, phoneNumber, comment) VALUES ('$emailAddress', '$firstName', '$lastName', '$streetAddress', '$phoneNumber', '$comments')";
$result = mysqli_query($dbConnection, $sql);
if (!$result){
die('Error: ' . mysqli_connect_error());
}
?>
我的SQL数据库包含行ID,电子邮件,firstName,lastName,address,phoneNumber,comment。它们位于名为“#1”的数据库中。 (用于测试目的)和一个名为&#39; user-submission&#39;。
的表格我无法将此信息查询到我的表格中。我之前在其他SQL和PHP配对上取得了成功。这次我做错了什么?
答案 0 :(得分:0)
在顶部的开始php标记下方添加此项,然后服务器将告诉您错误是什么。如果您需要帮助decyfering
,请在此处复制错误error_reporting( E_ALL );
答案 1 :(得分:0)
首先,您需要进行更改,以便黑客不会滥用您的代码。 只需等到 johnny;删除表格; 过来并清除您的数据库。
// All user data will be taken from the form //
$emailAddress = mysqli_real_escape_string($dbConnections,$_POST['emailaddress']);
$firstName = mysqli_real_escape_string($dbConnections,$_POST['firstname']);
$lastName = mysqli_real_escape_string($dbConnections,$_POST['lastname']);
$streetAddress = mysqli_real_escape_string($dbConnections,$_POST['streetaddress']);
$phoneNumber = mysqli_real_escape_string($dbConnections,$_POST['phonenumber']);
$comments = mysqli_real_escape_string($dbConnections,$_POST['comments']);
$sql = "INSERT INTO `user-submission` (email, firstName, lastName, address, phoneNumber, comment) VALUES (?,?,?,?,?,?)";
$prep=$dbConnections->prepare($sql);
$prep->bind_param("ssssss",$emailAddress,$firstName,$lastName,$streetAddress,$phoneNumber,$comments);
#actually puts everything together, and puts it in the database
$prep-execute();