1. 首页
  2. 问答
  3. 使用php输入数据从表格到数据库使用php

使用php输入数据从表格到数据库使用php

2012-10-15 47 views
-1

我想输入数据到数据库,但我不断收到错误。我不知道问题出在哪里。以下是代码:使用php输入数据从表格到数据库使用php

<?php 
    $sql = "INSERT INTO $db_table (title,group,overlapok,userid,name,phone,email,description,managers,location,notify,notifyman, 
remind,remindman,appmsg,viewaccess,viewulist,viewclist,makeaccess,makeulist,makeclist,showappinfo) 
VALUES ('".mysql_real_escape_string(stripslashes($_REQUEST['txtTitle'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkGroupCal'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkAllowOverlap'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtUserID'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtOwner'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtPhone'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtEmail'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtDesc'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtManagers'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtLocation'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkNotifyMe'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkNotifyMgrs'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkRemind'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['chkRemindMan'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['txtAppText'])). 
"','".mysql_real_escape_string(stripslashes($_REQUEST['selViewBlockRestr'])). 
    "','".mysql_real_escape_string(stripslashes($_REQUEST['txtViewBlocksUserID'])) 
    "','".mysql_real_escape_string(stripslashes($_REQUEST['txtViewBlocksCourseID']))."','".mysql_real_escape_string(stripslashes($_REQUEST['selMakeApptRestr']))."','".mysql_real_escape_string(stripslashes($_REQUEST['txtMakeApptUserID']))."','".mysql_real_escape_string(stripslashes($_REQUEST['txtMakeApptDptID']))."','".mysql_real_escape_string(stripslashes($_REQUEST['chkShowAppInfo']))."')"; 

if($result = mysql_query($sql,$db)) 
    { 
    echo '<h1>Thank you</h1> Your information has been entered into our database<br><br> 
     <p> <a href="viewcalendar.page.php"> View Calendar </a> </p> 
     <img src="eDiary.jpg"'; 

    } 
    else 
    { 
    echo "ERROR: "; 
    } ?>

该表单包含可以留空的复选框的部分。

我遵循了你的建议并使用了PDO。保留返回以下错误:警告:PDO :: __构造()[pdo .--构造]:[2002]在/ opt/lampp/htdocs/Scheduler/pages/enterCal中无效参数(尝试通过unix连接://) .net.php on line 72 连接失败:SQLSTATE [HY000] [2002]无效参数 致命错误:在/ opt/lampp/htdocs/Scheduler/pages/enterCal中调用非对象的成员函数exec .page.php on line 80.

我认为$ db不是一个对象,并且连接没有被执行。我该如何照顾?我试过谷歌,但似乎无法提出任何有效的方法。

<?php 

$dsn = 'mysql:host=localhost;dbname=eDiary'; 
$user = 'root'; 
$password = ''; 

try 
{ 
     $db = new PDO($dsn,$user,$password); 
     $db -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);}     
catch (PDOException $e) { 
    echo 'Connection Failed: ' . $e->getMessage(); 
    } 

$result = $db->exec("INSERT INTO wassCalendar(title, group, overlapok, userid, name, phone, email, description, managers, location, notify, notifyman, remind, 
remindman, appmsg, viewaccess, viewulist, viewclist, makeaccess, makeulist, makeclist, showappinfo) 
VALUES($txtTitle, $chkGroupCal, $chkAllowOverlap, $txtUserID, $txtOwner, $txtPhone, $txtEmail, $txtDesc, $txtManagers, 
$txtLocation, $chkNotifyMe, $chkNofityMgrs, $chkRemind, $chkRemindMan, $txtAppText, $selViewBlockRestr, 
$txtViewBlocksUserID, $txtViewBlocksCourseID, $selMakeApptRestr, $txtMakeApptUserID, $txtMakeApptDptID, 
$chkShowAppInfo)"; 

$insert_id = mysql_insert_id(); 

?>

来源

2012-10-15 Joanna Irungu

+0

那么,错误是什么? http://php.net/manual/en/function.mysql-error.php 另外,使用mysql_函数是不鼓励的,“改用PDO或MySQLi”。 –

+2

您的代码以反引号开头。这是错误的。另外,你得到的错误是什么? –

+1

先用小得多的查询尝试。实际上还要检查您发布的代码的语法(也可能是您在使用本网站的编辑工具时遇到困难,让自己更适合使用它们)。并且确切的错误信息丢失,将其添加到您的问题中,以便清楚您实际运行哪个错误。 – hakre

回答

0

当需要使用在查询用户输入的情况下,你会想参数化查询。

Here是另一个话题,我涵盖了同样的问题。

依靠消毒输入是非常糟糕的做法,并最终咬你。

来源

2012-10-15 07:46:14

相关问题

 相关问题