0 
<form name="applyform" action="applyform.php" method="post">
    <fieldset>
        <legend>Application Details</legend>
        <p>Name :<?php echo $row ["Emp_Fname"]; ?></p>
        <p>ID number :<?php echo $row['Emp_ID']; ?></p>
        <p>Email :<?php echo $row['Emp_Email']; ?></p>
        <p>Address :<?php echo $row['Emp_Address']; ?></p>
        <p>Handphone Number :<?php echo $row['ContactNo_HP']; ?></p>
        <p>Phone Number :<?php echo $row['ContactNo_Home']; ?></p>
        <p>Date of application :<?php echo $row['Leave_RequestDate']; ?></p>
        <p>Type of leave:
           <select name="leave type">
              <option selected>Annual leave</option>
              <option>Sick leave</option>
              <option>Emergency leave</option>
              <option>Maternity leave</option>
            </select>
        </p>
        <p>Leave duration:<input type="date" name="leave_start">to<input type="date" name="leave_end"></p>
        <p>Reason:<textarea rows="4" cols="50" name="reason"></textarea></p>
        <p><input type="submit" name="submitbtn" value="Submit"/>

这是我的表格的代码。有什么问题吗?

<?php

if(isset($_POST['submitbtn'])) {

  if(!$con)  {
    die("cannot connect : " .mysql_error());
  }
  $sql = ("INSERT INTO leave(Leave_Start,Leave_End,Leave_Reason)    VALUES('$_POST[leave_start]','$_POST[leave_end]','$_POST[reason]')");
  mysql_query($sql,$con);

  mysql_close($con);
}
?>

以上是我的PHP代码。当我尝试提交表单时,数据库不会更新,任何人都可以帮助我吗?

4

5 回答 5

0

您可以尝试MySQLi而不是谓词MySQL

<?php

if(isset($_POST['submitbtn']))
{

$connection=mysqli_connect("Host","Username","Password","Database");

if(mysqli_connect_errno()){

echo "Error".mysqli_connect_error();
}

mysqli_query($connection,"INSERT INTO leave(Leave_Start, Leave_End, Leave_Reason)    VALUES('$_POST[leave_start]','$_POST[leave_end]','$_POST[reason]')");

}
?>
于 2014-03-27T01:53:50.283 回答
0

您需要了解一点关于 PHP 变量传递和 SQL 注入的知识。您的最终查询必须看起来像

 $sql = ("INSERT INTO leave(Leave_Start,Leave_End,Leave_Reason) VALUES('{".mysqli_real_escape_string($_POST['leave_start'])."}','{".mysqli_real_escape_string($_POST['leave_end'])."}','{".mysqli_real_escape_string($_POST['reason'])."}')");
于 2013-08-28T12:07:27.063 回答
0

您是否忘记在 PHP 代码的第 5 行附近包含一个 mysql_connect ?

$con = mysql_connect('mysql_host', 'mysql_user', 'mysql_password');
于 2013-08-28T11:58:43.263 回答
0

代替

$sql = ("INSERT INTO leave(Leave_Start,Leave_End,Leave_Reason) VALUES('$_POST[leave_start]','$_POST[leave_end]','$_POST[reason]')");

尝试

$sql = ("INSERT INTO leave(Leave_Start,Leave_End,Leave_Reason) VALUES('".$_POST["leave_start"]."','".$_POST["leave_end"]."','".$_POST["reason"]."')");

注意:做这样的查询是不安全的,因为$_POST之前没有检查

像这样的东西应该更好

$sql = ("INSERT INTO leave(Leave_Start,Leave_End,Leave_Reason) VALUES('".mysqli_real_escape_string($con,$_POST["leave_start"])."','".mysqli_real_escape_string($con,$_POST["leave_end"])."','".mysqli_real_escape_string($con,$_POST["reason"])."')");
于 2013-08-28T12:01:11.600 回答
-1

您的插入不正确:

$sql = ("INSERT INTO leave(Leave_Start,Leave_End,Leave_Reason)   VALUES('$_POST[leave_start]','$_POST[leave_end]','$_POST[reason]')");

应该是这样的:

$sql = ("INSERT INTO leave(Leave_Start,Leave_End,Leave_Reason)    VALUES('{$_POST["leave_start"]}','{$_POST["leave_end"]}','{$_POST["reason"]}')");

您应该始终转义字符串中的特殊字符。否则他们会被误解。

http://php.net/manual/en/language.types.string.php

顺便说一句,我假设 $con 是一个有效的连接对象。

于 2013-08-28T09:08:21.520 回答