1

我正在开发一个计费系统,它现在非常基础,但我想知道你是否可以帮助我编写代码。如何将 HTML 表单中的数据插入 MySQL 数据库?我的代码:

<?php

if (isset($_POST['submitted'])) {

    include('connect-mysql.php');

    $date = $_POST['date'];
    $charge = $_POST['charge'];
    $payment = $_POST['payment'];
    $client_no = $_POST['client_no'];
    $client_name = $_POST['client_name'];
    $check_no = $_POST['check_no'];
    $check = $_POST['check'];
    $cash = $_POST['cash'];
    $notes = $_POST['notes'];
    $staff_initials = $_POST['staff_initials'];
    $sqlinsert = "INSERT INTO payments (date, charge, payment, client_no, client_name, check_no, check, cash, notes, staff_initials) VALUES ('$date', '$charge', 'payment', '$client_no', '$client_name', '$check_no', '$check', '$cash', '$notes', '$staff_initials')";

    if (!mysqli_query($dbcon, $sqlinsert)) {
        die('There was an error when trying to process your payment. Please contact technical support.');
    } //end of nested if statement

} // end of the main if statement
?>

<html>
<head>
    <title>New Payment</title>
</head>
<body>
<h1>Please Input Payment Details</h1>
<form action="new_payment.php" method="POST">
<input type="hidden" name="submitted" value="true" />
<fieldset>
    <legend>New Payment</legend>
    <label>Date:<input type="text" name="date" /></label><br>
    <label>Today's Charge: <input type="text" name="charge" /></label><br>
    <label>Today's Payment: <input type="text" name="payment" /></label><br>
    <label>Client Number: <input type="text" name="client_no" /></label><br>
    <label>Client Name: <input type="text" name="client_name" /></label><br>
    <label>Check Number: <input type="text" name="check_no" /></label><br>
    <label>Check: <input type="text" name="check" /></label><br>
    <label>Cash: <input type="text" name="cash" /></label><br>
    <label>Notes: <input type="text" name="notes" /></label><br>
    <label>Staff Initials: <input type="text" name="staff_initials" /></label><br>
</fieldset>
<br />
<input type="submit" value="Process Payment">
</form>
</body>
</html>

请帮帮我,这很重要,我及时完成这件事......

4

3 回答 3

2

第一个错误:-

if (isset($_POST['submitted']))

<input type="submit" value="Process Payment">

更改为:-

if($_POST['process'] == 'Process Payment') 
<input name="process" type="submit" id="process" value="Process Payment">

您可以改用这个(以防止 SQL 注入):

// CONNECTION TO DATABASE

$mysqli = new mysqli('HOST','USERNAME','PASSWORD','DATABASE'); 

// CHECK CONNECTION

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}        

$sqlinsert = "INSERT INTO payments (date, charge, payment, client_no, client_name, check_no, check, cash, notes, staff_initials) VALUES (?,?,?,?,?,?,?,?,?,?)";

$stmt = $mysqli->prepare($sqlinsert);

    $date = $_POST['date'];
    $charge = $_POST['charge'];
    $payment = $_POST['payment'];
    $client_no = $_POST['client_no'];
    $client_name = $_POST['client_name'];
    $check_no = $_POST['check_no'];
    $check = $_POST['check'];
    $cash = $_POST['cash'];
    $notes = $_POST['notes'];
    $staff_initials = $_POST['staff_initials'];

$stmt->bind_param("ssssssssss",$date, $charge, $payment, $client_no, $client_name, $check_no, $check, $cash, $notes, $staff_initials );

//EXECUTE QUERY
$stmt->execute();

$rowcount = $stmt->affected_rows;


if ($rowcount > 0)
{
echo "Success!";
}

else
{
echo "Error!";
}

//CLOSE EXECUTE
$stmt->close();
于 2012-09-25T03:14:30.670 回答
0

我不确定,但我认为你应该改变

if (isset($_POST['submitted']))


if (isset($_POST['submit']))


<input type="submit" value="Process Payment">


<input type="submit" name="submit" id="submit" value="Process Payment">

并在 INSERT 命令中输入 $ 付款

$sqlinsert = "INSERT INTO payments (date, charge, payment, client_no, client_name, check_no, check, cash, notes, staff_initials) VALUES ('$date', '$charge', '$payment', '$client_no', '$client_name', '$check_no', '$check', '$cash', '$notes', '$staff_initials')";
于 2012-09-25T02:56:01.260 回答
-1

如果您在插入数据库时​​遇到问题,您应该更改

 $sqlinsert = "INSERT INTO payments (date, charge, payment, client_no, client_name, check_no, check, cash, notes, staff_initials) VALUES ('$date', '$charge', 'payment', '$client_no', '$client_name', '$check_no', '$check', '$cash', '$notes', '$staff_initials')";


 $sqlinsert = "INSERT INTO payments (date, charge, payment, client_no, client_name, check_no, check, cash, notes, staff_initials) VALUES ('$date', '$charge', '$payment', '$client_no', '$client_name', '$check_no', '$check', '$cash', '$notes', '$staff_initials')";

您忘记在插入值付款前输入 $

于 2012-09-25T02:54:52.200 回答