我正在尝试将Form信息插入数据库。一个非常简单的代码。
我已经验证了网站上的所有其他答案,但是它不起作用
<?php
session_start();
// variable declaration
$school_name= "";
$dob = "";
$stu_name = "";
$stu_id = "";
$class = "";
$section = "";
$project = "";
$_SESSION['success'] = "";
// connect to database
$db = mysql_connect('localhost', 'root', '');
global $db;
global $dbcreate;
//creating database
$dbcreate="CREATE DATABASE student";
$retval=mysql_query($dbcreate,$db);
//Creating table
mysql_select_db("student",$db);
if (isset($_POST['add'])){
// receive all input values from the form
$school_name = mysql_real_escape_string($_POST['school_name']);
$dob = mysql_real_escape_string($_POST['dob']);
$stu_name = mysql_real_escape_string( $_POST['stu_name']);
$stu_id = mysql_real_escape_string( $_POST['stu_id']);
$class = mysql_real_escape_string( $_POST['class']);
$section = mysql_real_escape_string( $_POST['section']);
$project = mysql_real_escape_string( $_POST['project']);
}
//Insert the data into the tables
if(isset($_POST['add'])){
$sql1="INSERT INTO student(school_name,dob,stu_name,stu_id,class,section,project)
VALUES ({$_POST['school_name']},{$_POST['dob']},{$_POST['stu_name']},{$_POST['stu_id']},{$_POST['class']},{$_POST['section']},{$_POST['project']})";
$insertquery=mysql_query($sql1,$db);
}
?>
<html>
<head>
<meta charset="utf-8">
<title>Login</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="login-box">
<h1>Students Details</h1>
<form method="post" action="login.php">
<div class="textbox">
<i class="fas fa-user"></i>
<input type="text" placeholder="School Name" name="school_name"value="<?php echo $school_name;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Date" name="dob"value="<?php echo $dob;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Student Name" name="stu_name"value="<?php echo $stu_name;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Student Id" name="stu_id"value="<?php echo $stu_id;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="class" name="class"value="<?php echo $class;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Section" name="section"value="<?php echo $section;?>">
</div>
<div class="textbox">
<i class="fas fa-lock"></i>
<input type="text" placeholder="Project" name="project"value="<?php echo $project;?>">
</div>
<button type="submit" class="btn" name="add" href="login.php">Add details </button>
</form>
</div>
</body>
</html>
我希望信息会保存在数据库中。 我继续检查localhost / phpmyadmin中的数据库。
但是什么也没有保存。 不用担心我使用的是XAMPP的旧版本。
答案 0 :(得分:0)
您正在使用字符串操作来填充查询。永远不要这样做!大多数语言和数据库库都将提供参数化查询功能。 PHP使您为此略有不同。使用prepared statements确保此处未引用的字符串值都正确地转义了和。
答案 1 :(得分:-1)
尝试:
if (isset($_POST['add'])) {
// receive all input values from the form
$school_name = mysql_real_escape_string($_POST['school_name']);
$dob = mysql_real_escape_string($_POST['dob']);
$stu_name = mysql_real_escape_string( $_POST['stu_name']);
$stu_id = mysql_real_escape_string( $_POST['stu_id']);
$class = mysql_real_escape_string( $_POST['class']);
$section = mysql_real_escape_string( $_POST['section']);
$project = mysql_real_escape_string( $_POST['project']);
$sql1="INSERT INTO student(school_name,dob,stu_name,stu_id,class,section,project)
VALUES ('{$school_name}', '{$dob}', '{$stu_name}', '{$stu_id}', '{$class}', '{$section}', '{$project}')";
$insertquery = mysql_query($sql1, $db);
}
您还每次都在创建数据库,只需要执行一次ONCE,还需要创建表ONCE。