PHP表单未在数据库中输入任何内容,但已成功回显

时间:2019-05-05 11:55:30

标签: php

我用php创建了一个简单的学生注册表格,并且在localhost上运行良好,它可以毫无问题地将数据推送到数据库中,直到我将其上传到托管后才开始工作。

这是action.php

<?php
session_start();
include('db.php');
$nickname=$_POST['nickname'];

$result  = "SELECT  *  FROM  members  WHERE  nickname='".$nickname."'";
$member_result = mysqli_query($db, $result);
$count = mysqli_num_rows($member_result);

if  ($count < 0 )  {
header("location:  register.php?remarks=failed");
} else {

$month = $_POST['month'];
$day = $_POST['day'];
$year = $_POST['year'];
$date = date("Y-m-d");
$fullname= $_POST['fullname'];
$former_school=$_POST['former_school'];
$address=$_POST['address'];
$nickname=$_POST['nickname'];
$guardian=$_POST['guardian'];
$referrer = $_POST['referrer'];
$query = "INSERT  INTO  members(date, fullname, former_school, address, nickname, guardian, referrer, month, day, year)VALUES ('".$date."', '".$fullname."', '".$former_school."','".$address."', '".$nickname."',  '".$guardian."', '".$referrer."', '".$month."', '".$day."', '".$year."')";
$query_result = mysqli_query($db, $query);
header("location:  register.php?remarks=success");
}
?>

和我的数据库sql

CREATE TABLE `members` (
`mem_id` int(20) NOT NULL PRIMARY,
`month` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
`year` int(25) NOT NULL,
`date` date NOT NULL,
`fullname` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`former_school` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`address` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`nickname` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`guardian` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`referrer` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`mem_id`)
);

任何评论和帮助都将受到高度赞赏。谢谢。

1 个答案:

答案 0 :(得分:1)

在表中day丢失了,但是您在day语句中插入了INSERT。这会导致MYSQL错误。

非常重要的提示:切勿做类似INSERT INTO table ... '".$_POST['anything']."'";的事情。请改用prepared statements

在表单中使用'; \n DROP TABLE members; --作为昵称将删除整个数据库!

此外,您可以使用mysqli_error()代替header()进行调试。这样会在错误消息中显示“未定义列day”这样的错误消息。