HTML表单未通过PHP处理器将数据发布到MySQL数据库中

时间:2018-07-24 20:59:07

标签: php mysql html5 pdo

上下文:

我正在使用以下堆栈:HTML / CSS,PHP,MySQL,以构建一个Web应用程序,该应用程序存储和检索输入到表单的数据。

问题:

当我在本地将数据输入表单(index.php的html部分)时,实际上并没有将该数据发布到我已设置的mysql数据库中,并抛出错误,提示存在未知列。

我认为问题出在插入值部分。如果有人对为什么不发布有任何想法,我将很乐意提供任何帮助。谢谢您的宝贵时间!

图片

inspecting code locally AFTER inserting and submitting

代码

index.php 

<?php

include("dbconfig.php");

try {

  /* connect with credentials held in dbconfig file */
  $conn = new PDO("mysql:host=$server;dbname=$db", $user, $pass);

  $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  echo "Successfully Connected!";


  /* input sanitization */
  $title = htmlspecialchars($_POST['title']);
  $overview = htmlspecialchars($_POST['overview']);
  $threat_details = htmlspecialchars($_POST['threat_details']);
  $cust_name = htmlspecialchars($_POST['cust_name']);
  $fld_insight = htmlspecialchars($_POST['fld_insight']);
  $competitor = htmlspecialchars($_POST['competitor']);
  $id = htmlspecialchars($_POST['id']);
  $rev_damage = htmlspecialchars($_POST['rev_damage']);
  echo "data sanitized";

  /* submits data IF the submit button is pressed */
  if(isset($_POST['submit'])) {

      /* insert the values passed into the html form into mysql database */
    $sql = "INSERT INTO comp (title, overview, threat_details, cust_name, fld_insight, competitor, id, rev_damage) VALUES ('titleBinded', 'overviewBinded', 'threatDetailsBinded', 'customerNameBinded', 'fieldInsightBinded', 'competitorBinded', 'idBinded', 'revDamageBinded')";


    $sqlPrepared = $conn->prepare($sql);

    $sqlPrepared->bindParam(':titleBinded',$title);
    $sqlPrepared->bindParam(':overviewBinded',$overview); 
    $sqlPrepared->bindParam(':threatDetailsBinded',$threat_details);
    $sqlPrepared->bindParam(':customerNameBinded',$cust_name);
    $sqlPrepared->bindParam(':fieldInsightBinded',$fld_insight);
    $sqlPrepared->bindParam(':competitorBinded',$competitor);
    $sqlPrepared->bindParam(':idBinded',$id);
    $sqlPrepared->bindParam(':revDamageBinded',$rev_damage);


    $sqlPrepared->execute();
    echo "Successfully Inserted!";
  }


  /* commit the transaction */
  if (!$conn->commit()) {
    print("Commit failed\n");
    exit();
  }


  /* close connection */
  $conn->close();

}
catch(PDOException $e) {

  echo "Connection failed: " . $e->getMessage();
}

?>


<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">


<div class="form-style-2-heading">Create New Competitor</div>


<style>
html,body,h1,h2,h3,h4,h5 {font-family: "Raleway", sans-serif}
</style>
<body class="blue">

</head>


<body>



<!-- Top container -->
<div class="w3-bar w3-top w3-blue w3-large" style="z-index:4">
  <span class="w3-bar-item w3-center">Create New Competitor</span>
</div>

<div class="w3-main" style="margin-left:300px;margin-top:43px;">



<!-- SUBMIT PAGE CONTENT TO DATABASE  -->
<form method="POST">

<label id="info">
<span>Opportunity Title<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="opti"></label>
<br>
<br>

<label id="info">
<span>Opportunity Overview<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="opov"></label>
<br>
<br>

<label id="info">
<span>Competitive Threat Details<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="compdet"></label>
<br>
<br>

<label id="info">
<span>Customer Name<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="custnme"></label>
<br>
<br>

<label id="info">
<span>Field Insight<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="fldinsght"></label>
<br>
<br>

<label id="info">
<span>Name of Company Competitor<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="cmpname"</label>
<br>
<br>

<label id="info">
<span>Enter Deal ID<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="id"</label>
<br>
<br>

<label id="info">
<span>Approx. Revenue Implications<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="rev"</label>
<br>
<br>

<b>Technologies/Domains Included</b>
<br>
<br>

<label id="container">Tech1
  <input type="checkbox" checked="checked">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech2
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech3
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech4
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech5
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech6
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech7
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>
<br>

<b>Geo/Theatre</b>
<br>
<br>

<label id="container">Geo1
  <input type="checkbox" checked="checked">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo2
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo3
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo4
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo5
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo6
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo7
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo8
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo9
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo10
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo11
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo12
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo13
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo14
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo15
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo16
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>
<br>

<label><span>&nbsp;</span><input type="submit" value="Submit" name="submit" /></label>

</form>
</div>
</html>

create.sql 

drop database if exists comp;
create schema comp;
use comp;
create table comp (
    titleBinded VARCHAR(50),
    overviewBinded VARCHAR(255),
    threatDetailsBinded VARCHAR(255),
    customerNameBinded VARCHAR(30),
    fieldInsightBinded VARCHAR(255),
    competitorBinded VARCHAR(30),
    idBinded INT,
    revDamageBinded INT,
    PRIMARY KEY (idBinded)
);
create table technologies (
    name VARCHAR(225), 
    PRIMARY KEY (name)
);
create table geography (
    area VARCHAR(255),
    PRIMARY KEY (area)
);

1 个答案:

答案 0 :(得分:1)

由于create table语句包含列名,因此必须在查询中使用这些列名:

create table comp (
    titleBinded VARCHAR(50),
    overviewBinded VARCHAR(255),
    threatDetailsBinded VARCHAR(255),
    customerNameBinded VARCHAR(30),
    fieldInsightBinded VARCHAR(255),
    competitorBinded VARCHAR(30),
    idBinded INT,
    revDamageBinded INT,
    PRIMARY KEY (idBinded)
);

查询应如下所示:

INSERT INTO comp (titleBinded, overviewBinded, threatDetailsBinded, customerNameBinded ...

现在,您的绑定语句中有一个:-

$sqlPrepared->bindParam(':titleBinded',$title);
$sqlPrepared->bindParam(':overviewBinded',$overview); 
$sqlPrepared->bindParam(':threatDetailsBinded',$threat_details); ...

所以您也应该在查询中使用那些,不带引号

VALUES (:titleBinded, :overviewBinded, :threatDetailsBinded, :customerNameBinded, :fieldInsightBinded, :competitorBinded, :idBinded, :revDamageBinded)

由于您要绑定变量,因此可以摆脱使用htmlspecialchars()的行,因为这不会清理数据,因此在准备好的语句中进行绑定就可以了。

简而言之

您必须具有带有name属性的form元素。发布后,您可以从那里绑定该变量以在查询中使用:

<input type="text" name="this_input_name" />

如果使用POST方法,则可以在绑定中使用变量,如下所示:

$sqlPrepared->bindParam(':thisBoundName', $_POST['this_input_name']);

您的查询将如下所示:

INSERT INTO `tablename` (`this_column_name`) VALUES (:thisBoundName)

请注意如何使用命名输入this_input_name来绑定参数:thisBoundName,以及如何将参数用作要插入列中的值(在创建表时创建的) )。

相关问题
最新问题