1

试图为朋友公司设置保修注册页面,但我不擅长 Mysql 或 PHP(阅读:Noob)。我在网上搜索了答案,并尝试了以下代码的几种变体,但均未成功。

我有匹配列名的表设置。我相信表单提交也设置正确。

只是不确定是什么阻止了它实际将数据发布到数据库。任何帮助将不胜感激。

这是我的邮政编码。

<?php
error_reporting(-1);


$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$country = $_POST['country'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$ordernumber = $_POST['ordernumber'];
$receivedate = $_POST['receivedate'];
$placeofpurchase = $_POST['placeofpurchase'];
$newsletter = $_POST['newsletter'];
?>

<?php
$con = mysqli_connect("localhost","DB_Username","PASSWORD","DB_NAME");
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

$sql = ("INSERT INTO warrantyregistration (firstname, lastname, address, city, state, zipcode, country, phone, email, ordernumber, receivedate, placeofpurchase, newsletter)
VALUES
($firstname, $lastname, $address, $city, $state, $zipcode, $country, $phone, $email, $ordernumber, $receivedate, $placeofpurchase, $newsletter)");


if (mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }
echo "Success!";

mysqli_close($con)
?>
4

4 回答 4

0

更改此行:

if (mysqli_query($con,$sql))

至:

if (!mysqli_query($con,$sql))

您应该会看到一条错误消息。

于 2013-09-04T20:25:53.963 回答
0

您应该参数化您的查询并使用准备好的语句。这将保护您免受 SQL 注入并解决您的问题。您需要做的精简版是:

$stmt = mysqli_prepare($con, "INSERT INTO warrantyregistration
    (firstname, lastname, address) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sss", $firstname, $lastname, $address);
mysqli_stmt_execute($stmt);
于 2013-09-04T20:50:08.910 回答
0

您得到了错误的 SQL 语句语法。您必须将您的 PHP 变量设置为´$variable´

在这里查看我的工作代码:

insert into user
  (
    userid,
    signedin_at,
  )
  values
  (
    '$vp_userid',
    now()
  );
于 2019-11-02T10:14:46.650 回答
-1

我得到了同样的错误。如果没有参数化,您可以在 sql 语句中修复该错误:

...
$sql = "INSERT INTO warrantyregistration VALUES ($firstname, $lastname, $address, $city, $state, $zipcode, $country, $phone, $email, $ordernumber, $receivedate, $placeofpurchase, $newsletter)";
...
于 2015-05-20T23:40:32.070 回答