2012-11-28 128 views
0

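I am using the Allow PHP in Posts and Pages plugin in WordPress, through which I integrate a form. How do I remove these warnings?

Warning: mysql_real_escape_string(): 21 is not a valid MySQL-Link resource in ..wp-includes\wp-db.php on line 789

Warning: mysql_error(): 21 is not a valid MySQL-Link resource in ..wp-includes\wp-db.php on line 1102

The code for my form is: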

<?php 
$con = mysql_connect("localhost","root",""); 
if (!$con) 
    { 
    die('Could not connect: ' . mysql_error()); 
    } 

mysql_select_db("form", $con); 
$sql="INSERT INTO data (consignor,consignee, conveyance, origin, entry_port, importing_country, container_no, package_no, package_type, product_name, bot_name, quantity, certify, add_declaration, date,treatment, duration_temprature, concentration, add_information, inspector_name, place, name_designation, issue_date) 
VALUES 
('$_POST[exporter]', '$_POST[importer]', '$_POST[conveyance]', '$_POST[origin]', '$_POST[dpoe]', '$_POST[impcon]', '$_POST[container]', '$_POST[nopk]', '$_POST[tyop]', '$_POST[name]', '$_POST[botname]', '$_POST[quantity]', '$_POST[certify]', '$_POST[declaration]', '$_POST[date]', '$_POST[treatment]', '$_POST[dutemp]', '$_POST[concen]', '$_POST[adinfo]', '$_POST[insname]', '$_POST[place]', '$_POST[namedesg]', '$_POST[dateissue]')"; 

if (!mysql_query($sql,$con)) 
    { 
    die('Error: ' . mysql_error()); 
    } 
echo "Form Submitted"; 

mysql_close($con); 
?> 
<form action="#" method="post"> 
<table height ="200px" width="676" border="1" cellspacing="0" cellpadding="0"> 

<tr> 
<td colspan="7" valign="top" width="676"> 
</td> 
</tr> 
<tr> 
<td colspan="3" valign="top" width="320">1. Exporter/Consignor (Name & Address)<br/> 
<input type="text" name="exporter" /> 
</td> 
<td colspan="4" valign="top" width="356">2. Importer/Consignee (Name & Address) 
 <input type="text" name="importer" /> 
</td> 
</tr> 
<tr> 
<td colspan="3" valign="top" width="320">3. Declared means of conveyance 
<input type="text" name="conveyance" /></td> 
<td colspan="4" valign="top" width="356">4. Place of Origin<br/> 
<input type="text" name="origin" /></td> 
</tr> 
<tr> 
<td colspan="3" valign="top" width="320">5. Declared Port of entry<br/> 
<input type="text" name="dpoe" /></td> 
<td colspan="4" valign="top" width="356">6. Department of Plant Protection of Pakistan To Plant Protection Organization Of (importing country)<br/> 
<input type="text" name="impcon" /> 
</td> 
</tr> 
<tr> 
<td colspan="3" valign="top" width="320">7. Distinguishing marks/Container No./ Seal No.<br/> 
<input type="text" name="container" /></td> 
<td colspan="3" valign="top" width="172">8. No. of Packages<br/> 
<input type="text" name="nopk" /> 
</td> 
<td valign="top" width="184">9. Type of packages<br/> 
<input type="text" name="tyop" /></td> 
</tr> 
<tr> 
<td valign="top" width="221">10. Name of Product<br/> 
<input type="text" name="name" /></td> 
<td colspan="4" valign="top" width="233">11. Botanical name of plant 
<br/> 
<input type="text" name="botname" /> 
</td> 
<td colspan="2" valign="top" width="221">12. Quantity<br/> 
<input type="text" name="quantity" /></td> 
</tr> 
<tr> 
<td colspan="7" valign="top" width="676">13. This is to certify that the plants, plant products or other regulated articles described herein above have been inspected and/ or tested according to appropriate official procedures and are considered to be free from the quarantine pests, specified by the importing contracting party and to conform with the current phytosanitary requirements  of the importing contracting party including those for regulated non-quarantine pests.<br/> 
<input type="checkbox" name="certify" value="Yes"/> Yes 
<input type="checkbox" name="certify" value="No"/> No<br/> 
 </td> 
</tr> 
<tr> 
<td colspan="7" valign="top" width="676">14. Additional Declaration 
<br/> 
<textarea name="declaration" cols="40" rows="2">Please limit your response to 200 characters.</textarea><br /> 
</td> 
</tr> 
<tr> 
<td colspan="7" valign="top" width="676" bgcolor="grey"> 
<p align="center"><strong>Disinfestations and/or disinfection treatment </strong></p> 
</td> 
</tr> 
<tr> 
<td colspan="3" valign="top" width="320">15. Date 
<br/> 
<input type="text" name="date" /></td> 
<td colspan="4" valign="top" width="356">16. Treatment<br/> 
<input type="text" name="treatment" /></td> 
</tr> 
<tr> 
<td colspan="3" valign="top" width="320">17. Duration & Temperature 
<br/> 
<input type="text" name="dutemp" /> 
</td> 
<td colspan="4" valign="top" width="356">18. Concentration<br/> 
<input type="text" name="concen" /></td> 
</tr> 
<tr> 
<td colspan="3" valign="top" width="320">19. Additional Information 
<br/> 
<textarea name="adinfo" cols="40" rows="2">Please limit your response to 200 characters.</textarea><br /> 
</td> 
<td colspan="4" valign="top" width="356">20. Name of Inspector<br/> 
<input type="text" name="insname" /></td> 
</tr> 
<tr> 
<td colspan="2" valign="top" width="240">21. Stamps of Organization 
<br></br><br></br> 
 </td> 
<td rowspan="2" colspan="2" valign="top" width="168"> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong> </strong></p> 
<p align="right"><strong>PROGRESSIVE </strong></p> 
</td> 
<td rowspan="2" colspan="3" valign="top" width="340">23. Place of issue<br/> 
<input type="text" name="place" /><br/> 
24. Signature__________________________<br/><br></br> 
25. Name and designation of authorized officer 
<input type="text" name="namedesg" /> <br/><br/> 
26. Date <br/> 
<input type="text" name="dateissue" /></p></td> 
</tr> 
<tr> 
<td colspan="2" valign="top" width="240">22. No financial liability with respect to this certificate shall attach to department of plant protection or to any of its officers or representatives 
<br></br></td> 
</tr> 
<tr> 
<td width="221" border="0"></td> 
<td width="19"></td> 
<td width="80"></td> 
<td width="48"><input type="submit" value="Submit Form" /></td> 
<td width="47"><input type="reset" value="Reset" /></td> 
<td width="137"></td> 
<td width="220"></td> 
</tr> 
<tr><td></td> 
<td></td> 
<td></td> 
<td align="right"></td> 
</tr> 
</table> 
</form> 
</html> 
+0

Also, it shows "Form Submitted" at the top of the form, and the data is stored in the table. Would someone help me solve this problem? –

Answers

1

In WordPress, you cannot use the normal mysql system to call the database. You need to go through

global $wpdb; 

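See this link for more examples: http://codex.wordpress.org/Class_Reference/wpdb

EDIT

Try changing your PHP calling code to look like this.

EDIT2

Added some code to prevent SQL attacks. Basically, turn them into variables and escape them.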

<?php 
// No need to connect to or close the db; it's done automatically by wpdb. 
// The database MUST be the same as the WordPress database, only different tables. 
global $wpdb; 

// Protect your code from attacks: turn the inputs into variables. 
// $wpdb->insert() escapes the values itself and expects raw data, so only 
// remove the slashes WordPress adds to $_POST instead of escaping a second time. 
$exporter   = isset($_POST['exporter'])   ? wp_unslash($_POST['exporter'])   : ''; 
$importer   = isset($_POST['importer'])   ? wp_unslash($_POST['importer'])   : ''; 
$conveyance = isset($_POST['conveyance']) ? wp_unslash($_POST['conveyance']) : ''; 
//.... 
$dateissue  = isset($_POST['dateissue'])  ? wp_unslash($_POST['dateissue'])  : ''; 


if (!$wpdb->insert('data', 
         array(
          'consignor'=>$exporter 
          ,'consignee'=>$importer 
          ,'conveyance'=>$conveyance 
          //... 
          ,'issue_date'=>$dateissue 
         ))) exit; 
else {echo 'Form Submitted';} 
?> 
+0

So I can replace all the db variables with global $wpdb; –

+0

I will edit above. –

+0

Can I integrate the HTML form separately through a pure HTML plugin? –
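
A fuller version of the `$wpdb` approach from the answer, as an added example that is not part of the original posts or of WordPress itself: it covers all 23 fields of the question's form, runs only on a POST request so that "Form Submitted" is not printed on a plain page view, and hands unslashed values to `$wpdb->insert()`, which prepares the query itself. The nonce field `phyto_nonce` and action `phyto_submit` are assumptions; the form would need a matching `wp_nonce_field( 'phyto_submit', 'phyto_nonce' )` call.

```php
<?php
// Added example: runs inside WordPress (relies on $wpdb and core helpers).
global $wpdb;

// Form field name => column in the `data` table, taken from the question.
$field_map = array(
    'exporter'   => 'consignor',           'importer'    => 'consignee',
    'conveyance' => 'conveyance',          'origin'      => 'origin',
    'dpoe'       => 'entry_port',          'impcon'      => 'importing_country',
    'container'  => 'container_no',        'nopk'        => 'package_no',
    'tyop'       => 'package_type',        'name'        => 'product_name',
    'botname'    => 'bot_name',            'quantity'    => 'quantity',
    'certify'    => 'certify',             'declaration' => 'add_declaration',
    'date'       => 'date',                'treatment'   => 'treatment',
    'dutemp'     => 'duration_temprature', 'concen'      => 'concentration',
    'adinfo'     => 'add_information',     'insname'     => 'inspector_name',
    'place'      => 'place',               'namedesg'    => 'name_designation',
    'dateissue'  => 'issue_date',
);

// Only act on a real submission, so a plain page view inserts nothing
// and prints nothing.
if ( 'POST' === $_SERVER['REQUEST_METHOD'] ) {
    // Assumption: the form includes wp_nonce_field( 'phyto_submit', 'phyto_nonce' ).
    $nonce = isset( $_POST['phyto_nonce'] ) ? wp_unslash( $_POST['phyto_nonce'] ) : '';
    if ( ! wp_verify_nonce( $nonce, 'phyto_submit' ) ) {
        echo 'Invalid request';
    } else {
        $row = array();
        foreach ( $field_map as $field => $column ) {
            // WordPress adds slashes to $_POST; strip them and pass raw values,
            // because $wpdb->insert() builds the prepared statement itself.
            $value          = isset( $_POST[ $field ] ) ? wp_unslash( $_POST[ $field ] ) : '';
            $row[ $column ] = sanitize_text_field( $value );
        }
        // A single '%s' format treats every value as a quoted string placeholder.
        $ok = $wpdb->insert( 'data', $row, '%s' );
        echo ( false === $ok ) ? 'Could not save the form' : 'Form Submitted';
    }
}
```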