HTML post to PHP

Question

试图将数据插入到我的表中，但我不断收到未定义的索引，因为“我提交表单时没有设置值”。 if (isset($_POST['submit']))即使我单独运行.php，但在提交表单时没有插入数据，我的错误也会消除。任何帮助表示赞赏。谢谢

我form.html

<form name="supportForm" class="form" action="database.php" method="POST" onsubmit="return validateForm()"> 

<label>Name:</label> 
<input type="text" name="name"/> 
<br/> 

<label>Client ID:</label> 
<input type="text" name="clientID"/> 
<br/> 

<label>E-mail address:</label> 
<input type="email" name="email"/> 
<br/> 

<label>Phone number:</label> 
<input type="tel" name="tel"/> 
<br/> 

<br/> 
Support Type:<br> 
<input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br> 
<input type="radio" name="suppType" value="Software">Software Issue<br> 
<input type="radio" name="suppType" value="Hardware">Hardware Issue<br> 
<input type="radio" name="suppType" value="Connectivity">Connectivity<br> 
</br> 

Operating System: 
<select id="select"> 
    <option disabled selected value="">Choose a product</option> 
    <option value="w7" name="OS">Windows 7</option> 
    <option value="w8" name="OS">Windows 8/8.1</option> 
    <option value="w10" name="OS">Windows 10</option> 
</select> 

<br> </br> 

Problem Description: 
<br><textarea id="ta" rows="10" cols="80" name="pDesc"></textarea></br> 

<input type="checkbox" name="terms" value="agree"> 
<a href="#">I agree to the terms and conditions.</a> 

<br> </br> 
<input type="hidden" name="submitted" value="true"> 
<input type="submit" name="submit" onClick="validateSubmit()"> 
</form> 

我的PHP文件

<?php 
//Creates static credentials 
define('DB_NAME', 'data'); 
define('DB_USER', 'root'); 
define('DB_PASSWORD', ''); 
define('DB_HOST', 'localhost'); 

//Creates connection to the database 
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD); 

//Checks for connection 
if ($con->connect_error) { 
    die("Connection failed: " . $con->connect_error); 
} 

//If there are no connection, error 
if (!$con) { 
    die ('Could not connect' . mysqli_error()); 
} 

//Select the 'data' database 
$con->select_db(DB_NAME); 

//Checks if database 'data' has been selected 
if (mysqli_select_db($con, DB_NAME)) { 
    echo "Database exists <br>"; 
} else { 
    echo "Database does not exist"; 
} 

//Successful connection message 
echo "Connected successfully <br>"; 

if (isset($_POST['submit'])) { 
//Retrieving values from support form 
    $name = $_POST['name']; 
    $clientID = $_POST['clientID']; 
    $email = $_POST['email']; 
    $tel = $_POST['tel']; 
    $suppType = $_POST['suppType']; 
    $OS = $_POST['OS']; 
    $pDesc = $_POST['pDesc']; 

//Inserting values into a table 
    $sql = "INSERT INTO info (fullname, clientID, email, tel, 
    suppType, OS, pDesc) 
    VALUES ($name, $clientID, $email, $tel, 
    $suppType, $OS, $pDesc)"; 

if (!mysqli_query($con, $sql)) { 
    echo "No data"; 
} else { 
    echo "Data recorded successfully"; 
} 
} 

//Closes connection 
mysqli_close($con); 

Answer 1

您必须<select>不<option>

<select id="select" name="OS"> 
    <option disabled selected value="">Choose a product</option> 
    <option value="w7">Windows 7</option> 
    <option value="w8">Windows 8/8.1</option> 
    <option value="w10">Windows 10</option> 
</select> 

写name="OS"和SQL必须是这样的你需要撇号（''）aro UND变量

$sql = "INSERT INTO `info` (fullname, clientID, email, tel, suppType, OS, pDesc) 
VALUES ('$name', '$clientID', '$email', '$tel', '$suppType', '$OS', '$pDesc')"; 

Answer 2

你不向我们展示validateForm（）函数，因此，我们将真的不知道发生了什么有，但是我编辑了自己的形式和使用PHP做了验证，

你需要什么首先要检查是否在跳转到插入数据库之前检查所有值，并确保电子邮件是正确的电子邮件，同时select属性需要位于select标签而不是选项标签上，select选项必须只有价值。

然后验证，过滤和存储到数据库 之前消毒的用户输入。对待表单上的每个用户输入，就好像它来自非常危险的黑客。

有一些所谓的预处理语句，在库MySQLi和PDO，你应该努力学习这一点，使用它:)你会喜欢它，我将它留给你研究，为什么你需要使用准备好的语句。

这是你的代码应该是什么样子

<form name="supportForm" class="form" action="database.php" method="POST"> 
    <label>Name:</label> 
    <input type="text" name="name"/> 
    <br/> 
    <label>Client ID:</label> 
    <input type="text" name="clientID"/> 
    <br/> 
    <label>E-mail address:</label> 
    <input type="email" name="email"/> 
    <br/> 
    <label>Phone number:</label> 
    <input type="tel" name="tel"/> 
    <br/> 
    <br/> 
    Support Type:<br> 
    <input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br> 
    <input type="radio" name="suppType" value="Software">Software Issue<br> 
    <input type="radio" name="suppType" value="Hardware">Hardware Issue<br> 
    <input type="radio" name="suppType" value="Connectivity">Connectivity<br> 
    </br> 
    Operating System: 
    <select id="select" name="OS"> 
     <option value="0">Choose a product</option> 
     <option value="w7">Windows 7</option> 
     <option value="w8">Windows 8/8.1</option> 
     <option value="w10">Windows 10</option> 
    </select> 
    <br> </br> 
    Problem Description: 
    <br> 
    <textarea id="ta" rows="10" cols="80" name="pDesc"></textarea> 
    </br> 
    <input type="checkbox" name="terms" value="agree"> 
    <a href="#">I agree to the terms and conditions.</a> 
    <br> </br> 
    <input type="hidden" name="submitted" value="true"> 
    <input type="submit" name="submit"> 
</form> 

然后database.php中

<?php 
//Creates static credentials 
define('DB_NAME', 'data'); 
define('DB_USER', 'root'); 
define('DB_PASSWORD', ''); 
define('DB_HOST', 'localhost'); 

$errors = ""; //checking for errors 

//Creates connection to the database 
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD); 

//Checks for connection 
if ($con->connect_error) { 
     die("Connection failed: " . $con->connect_error); 
} 

//If there are no connection, error 
if (!$con) { 
     die('Could not connect' . mysqli_error()); 
} 

//Select the 'data' database 
$con->select_db(DB_NAME); 

//Checks if database 'data' has been selected 
if (mysqli_select_db($con, DB_NAME)) { 
     echo "Database exists <br>"; 
} else { 
     echo "Database does not exist"; 
} 

//Successful connection message 
echo "Connected successfully <br>"; 

if (isset($_POST['submit'])) { 

     //check values are set 

     if (empty($_POST['name'])) { 

       echo "enter name"; 
       $errors++; 
     } else { 

       $name = userIput($_POST['name']); 
     } 

     if (empty($_POST['clientID'])) { 

       echo "enter id"; 
       $errors++; 
     } else { 

       $clientID = userIput($_POST['clientID']); 
     } 

     if (empty($_POST['email'])) { 

       echo "enter email"; 
       $errors++; 
     } else { 

       $email = userIput($_POST['email']); 

       if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email)) { //validate email, 

         echo "enter valid email"; 
         $errors++; 
       } 
     } 

     if (empty($_POST['tel'])) { 

       echo "enter tel"; 
       $errors++; 
     } else { 

       $tel = userIput($_POST['tel']); 
     } 

     if (!isset($_POST['suppType'])) { 

       echo "select one option"; 
       $errors++; 
     } else { 

       $suppType = userIput($_POST['suppType']); 
     } 

     if (isset($_REQUEST['OS']) && $_REQUEST['OS'] === "0") { 

       echo "please select product"; 
       $errors++; 
     } else { 

       $OS = userIput($_POST['OS']); 
     } 

     if (empty($_POST['pDesc'])) { 

       echo "enter Description"; 
       $errors++; 
     } else { 

       $pDesc = userIput($_POST['pDesc']); 
     } 


     if ($errors <= 0) { // No errors 

       //prepare and insert query 

       $sql = $con->prepare("INSERT INTO info (fullname, clientID, email, tel,suppType, OS, pDesc) VALUES (?, ?, ?, ?, ?, ?, ?)"); 
       $sql->bind_param("sssssss", $name, $clientID, $email, $tel, $suppType, $OS, $pDesc); 
       if ($sql->execute()) { 

         echo "records inserted successfully"; 
       } else { 

         echo "Could not insert " . mysqli_error(); 
       } 



       $sql->close(); 
       $con->close(); 




     } 

} 

function userIput($data) 
{ 

     $data = trim($data); 
     $data = stripslashes($data); 
     $data = htmlspecialchars($data); 
     return $data; 


} 
?> 

希望这将有助于一点点，你会学到一两件事，和我米总是可用于suggessions，只是incase我错过了什么。谢谢