代码中有某种错误,我无法发现它。与数据库的连接工作正常,我可以验证这是 HTML 中的 HTML 代码 我创建了一个表单来将数据插入数据库<!DOCTYPE html><html class="html"> <form method="post" name="Draw" action="form/insertdata.php"> <input type="date" name="form_fields[date] " > <input type="number" name="form_fields[am113d]" > <input type="number" name="form_fields[am112d]"> <input type="number" name="form_fields[am111d]" > <input type="number" name="form_fields[pm13d]" > <input type="number" name="form_fields[pm12d]" > <input type="number" name="form_fields[pm11d]" > <input type="number" name="form_fields[pm53d]" > <input type="number" name="form_fields[pm52d]" > <input type="number" name="form_fields[pm51d]"> <input type="number" name="form_fields[pm63d]"> <input type="number" name="form_fields[pm62d]"> <input type="number" name="form_fields[pm61d]"> <input type="number" name="form_fields[pm73d]"> <input type="number" name="form_fields[pm72d]" > <input type="number" name="form_fields[pm71d]" > <button type="submit" name="submit">Submit</button> </form></html>这是PHP代码这是从 HTML 表单中收集数据并将其存储到 MySql 数据库中的 PHP 代码*如果我使用此代码,只有一个空行被插入到数据库中,表单中输入的值不会被插入 *<?php include_once 'Configuration.php'; $Dateee = $_POST['form_fields[date]']; $am113d = $_POST['form_fields[am113d]']; $am112d = $_POST['form_fields[am112d]']; $am111d = $_POST['form_fields[am111d]']; $pm13d = $_POST['form_fields[pm13d]']; $pm12d = $_POST['form_fields[pm12d]']; $pm11d = $_POST['form_fields[pm11d]']; $pm53d = $_POST['form_fields[pm53d]']; $pm52d = $_POST['form_fields[pm52d]']; $pm51d = $_POST['form_fields[pm51d]']; $pm63d = $_POST['form_fields[pm63d]']; $pm62d = $_POST['form_fields[pm62d]']; $pm61d = $_POST['form_fields[pm61d]']; $pm73d = $_POST['form_fields[pm73d]']; $pm72d = $_POST['form_fields[pm72d]']; $pm71d = $_POST['form_fields[pm71d]'];
2 回答
慕田峪7331174
TA贡献1828条经验 获得超13个赞
我并不是在提倡这是一种好的做法,但出于演示目的,以显示您的代码有什么问题,我将“按原样”将其放在这里-尽管确实应该使用prepared statement!!!
表单提交array非常有效,您在错误级别访问数据。您需要访问在form_fields数组中找到的字段而不是POST数组本身(尽管当然form_fields是在 POST 数组中)
为简单起见,此处使用variable variable语法将各种值分配为变量
$fields=$_POST['form_fields'];
foreach( $fields as $field => $value )${$field}=$value;
$sql = "INSERT INTO `Draw_tabel`
(`Date`, `A113d`, `A112d`, `A111d`, `A133d`, `A132d`, `A131d`, `A173d`, `A172d`, `A171d`, `A183d`, `A182d`, `A181d`, `A193d`, `A192d`, `A191d`)
VALUES
('$date', '$am113d', '$am112d', '$am111d', '$pm13d', '$pm12d', '$pm11d', '$pm53d', '$pm52d', '$pm51d', '$pm63d', '$pm62d', '$pm61d', '$pm73d', '$pm72d', '$pm71d');";
echo $sql;
最终呈现的 SQL 如下所示:
INSERT INTO `Draw_tabel`
(`Date`, `A113d`, `A112d`, `A111d`, `A133d`, `A132d`, `A131d`, `A173d`, `A172d`, `A171d`, `A183d`, `A182d`, `A181d`, `A193d`, `A192d`, `A191d`)
VALUES
('2020-12-12', '1', '2', '3', '4', '5', '6', '78', '45', '12', '99', '56', '45', '12', '115', '0');
这些数字在这里毫无意义——只是随机输入的简单整数。
如前所述,更好的方法是使用 a prepared statementwhich 可能会这样做:
if( $_SERVER['REQUEST_METHOD']=='POST' && !empty( $_POST['form_fields'] ) ){
$fields=$_POST['form_fields'];
$types=array();
$values=array();
foreach( $fields as $field => $value ){
$values[]=$value;
$types[]=is_numeric( $value ) ? 'i' : 's';
}
$sql='insert into `draw_tabel`
(`date`, `a113d`, `a112d`, `a111d`, `a133d`, `a132d`, `a131d`, `a173d`, `a172d`, `a171d`, `a183d`, `a182d`, `a181d`, `a193d`, `a192d`, `a191d`)
values
( ?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,? );';
$stmt=$conn->prepare( $sql );
$stmt->bind_param( implode('',$types), ...$values );
$res=$stmt->execute();
echo $res ? 'New record created successfully' : 'Error';
}
千万里不及你
TA贡献1784条经验 获得超9个赞
你有:
<input type="date" name="form_fields[date] " >
和
$Dateee = $_POST['form_fields[date]'];
但 PHP 会采用该字段名称并将其放入:
$_POST['form_fields']['date']
……你在所有其他领域都有类似的错误。
您还应该使用带有占位符的预准备语句,而不是将用户输入混入 SQL 字符串。
- 2 回答
- 0 关注
- 182 浏览
添加回答
举报
0/150
提交
取消