POST数据未发送

时间:2019-01-21 17:48:46

标签: php html forms mariadb

更新 添加了用于img上传以及添加到数据库的所有代码。 print_r($ _ POST); 的输出:数组([prodName] =>测试产品[prodPrice] => 100 [prodDescript] =>测试描述[submit] => UPLOAD) prodID列也是自动递增。

构建一个大家都非常友好地帮助过我的图像上传器,我现在正尝试使此表单的其余部分正常工作。我正在通过POST发送数据,但没有发送任何信息。我已经通过$ _FILES数组验证了图片上传,但是$ _POST数据中没有任何内容

我知道我的托管服务允许$ _POST,因为我还有另一种形式可以很好地使用它。我似乎无法得到任何错误来指出正确的方向。所以再说一次。我来找你很棒的人。

<form action="inventory_add.php" method="POST" enctype="multipart/form-data">
    <label>Product Name: </label>
    <input type="text" name="prodName" id="prodName">
    <br>
    <label>Product Price: </label>
    <input type="text" name="prodPrice" id="prodPrice">
    <br>
    <label>Product Description</label><br>
    <textarea name="prodDescript" width="200px" id="prodDescript"></textarea>
    <br>
    Select Image Files to Upload:
    <br>
    <input type="file" name="upload[]" multiple >
    <input type="submit" name="submit" value="UPLOAD">
</form>

inventory_add.php 中的一些代码:

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $servername = "**********";
    $username = "**********";
    $password = "***********";
    $dbname = "************";

    $prod_name = $_POST['prodName'];
    $prod_price = $_POST['prodPrice'];
    $prod_descript = $_POST['prodDescript'];
    print_r($_POST);
    // Create connection
    $conn = new mysqli($servername, $username, $password, $dbname);
    // Check connection
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    } else {
        if(isset($_FILES['upload'])){
            $total = count($_FILES['upload']['name']);
            for( $i=0 ; $i < $total ; $i++ ) {
                $tmpFilePath = $_FILES['upload']['tmp_name'][$i];
                if ($tmpFilePath != ""){
                    $newFilePath = "images/prod/" . $_FILES['upload']['name'][$i];
                    if(move_uploaded_file($tmpFilePath, $newFilePath)) {
                        $img_names = implode(",",$_FILES['upload']['name']);

                    }
                }
            }
            $prodID = $_SESSION['curcount'] + 1;
            $sql = "INSERT INTO `inventory` (`prodId`, `prodTitle`, `prodDescript`, `prodCost`, `prodImages`) VALUES (' '," . $prod_name. "," . $prod_descript . "," . $prod_price ."," .$img_names.")";
            if ($conn->query($sql) === TRUE) {;
                 //   header('location:http://nerdsforhire.pnd-productions.com/shopmgr.php');
            } else {
                    echo 'There was an issue adding this item.';
            };
        }
    }
} else {
    echo "Failed";
}

希望这将更新数据库...但事实并非如此。我不断收到“添加此项时出现问题。”

1 个答案:

答案 0 :(得分:1)

更新根据下面的讨论以及上面的代码,我认为问题出在您的SQL中而不是您的PHP中。建议您在问题中添加

$conn = new mysqli($servername, $username, $password, $dbname);
$sql = 'INSERT INTO `inventory` ( `prodTitle`, `prodDescript`, `prodCost`, `prodImages`) VALUES (?,?,?,?)' ;
$stmt = $conn->prepare($sql)
$stmt->bind_param("ssss", $prod_name, $prod_descript, $prod_price, $img_names);
$stmt->execute()
if($stmt->affected_rows > 0) {
   //header("location:https://sample.com"); #affected_rows > 0 so row was inserted
} else {
   echo 'There was an issue adding this item.'; #failed to insert;
}

那应该可以解决问题。这是一条准备好的语句,可以处理字符串中未转义逗号的问题并防止SQL注入。由于prodId是自动递增的,因此您在语句中不需要它,至少在MySQL中不需要。该语句的“ ssss”部分假设您要将字符串值传递给Db。可能要传递的数据类型是:

  • i-整数
  • d-双
  • s-字符串
  • b-斑点

有关PHP和预准备语句的更多信息,请参见WC3Schools