由于某种原因,我无法让我的表单插入到数据库中。我已经使用不同的方法重写了3次,似乎无法使其工作。希望有人能帮助我在现场。这是我的html代码。从表单插入数据库不插入,但没有产生错误
<?php
include_once 'layout/header.php';
?>
<!DOCTYPE html>
<html lang="en">
<div class= "jumbotron"></div>
<body>
<form action="send_form_email.php" method = "POST"/>
<p> First Name: <input type="text" name="first_name" maxlength="50" size="30"/></p>
<p> Last Name: <input type="text" name="last_name" maxlength="50" size="30"/></p>
<p> Email:<input type="text" name="email" maxlength="80" size="30"/></p>
<p> Telephone: <input type="text" name="telephone" maxlength="12" size="30"/></p>
<p> Comments: <textarea name="comments" maxlength="1000" cols="32" rows="6"></textarea></p>
<br>
<input type="submit" value="Submit">
<br>
</br>
</form>
</body>
</html>
<?php include_once 'layout/footer.php'; ?>
这里是PHP代码。
<?php
include_once 'layout/header.php';
include_once 'db_function.php';
include_once 'helpers/helper.php';
session_start();
$DB_HOST = 'localhost';
$DB_USER = 'Chris';
$DB_PASSWORD = 'Uraloser82';
$DB_NAME = 'newsite';
$conn = mysqli_connect($DB_HOST, $DB_USER, $DB_PASSWORD, $DB_NAME);
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$telephone = $_POST['telephone'];
$comments = $_POST['comments'];
$query = "INSERT INTO contact(first_name, last_name, email, telephone, comments) VALUES ('$first_name', '$last_name', '$email', '$telephone', '$comments')";
?>
<h4>Thank you for contacting Plank's Brickyard we will get back to you very soon!</h4>
<img class= "gamer" src= "assets/uploads/gamer.jpg">
<?php include_once 'layout/footer.php'; ?>
请理解您的代码容易受到SQL注入攻击。 – 2014-11-08 04:17:39