0
我想创建一个表格,用户正在选择一个选项让我们说,他会选择他的名字我用阿贾克斯打电话给另一个页面,在这个页面我创建连接并插入答案问题它插入null 代码 index.php文件为什么null在数据库中插入?
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>MyDataBase </title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js"> </script>
$(document).ready(function(){
$("#mysubmit").click(function(){
$.ajax({
url:"Final.php",
type:"POST",
success: function(success_array)
{
alert(" Well Done ");
},
error: function(xhr, ajaxOptions, thrownError)
{
alert(" Didn't work ! ");
}
});
});
});
</script>
</head>
<form method="post" id = "myform">
<input type="radio" name="kname" value="X1" />X1<br />
<input type="radio" name="kname" value="Y1" />Y1<br />
<input type="radio" name="kname" value="A1" />A1<br />
<input type="radio" name="kname" value="G1" />G1<br />
<input type="submit" onclick="save()" id="mysubmit"/>
</form>
<body>
</body>
</html>
Final.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Thanks</title>
</head>
<body>
<?php
$con = mysqli_connect("localhost","root","xyz","test");
mysqli_query($con,"INSERT INTO name values ('$_POST[kname]')");
?>
</body>
</html>
**警告**您的代码易受sql注入攻击! –
@ DanielA.White,没有什么比[刚刚访问过的问题](http://stackoverflow.com/q/17664993/)。这仍然很容易受到SQL注入的影响,应该修复。 –
您有SQL注入漏洞。那么你已经做了哪些调试来试图缩小这个范围?你有没有考虑尝试处理MySQL错误,看看问题可能是什么? –