0

我对 php 的所有东西都是全新的,但我已经设法将下面的表格拼凑在一起。但是由于某种我不明白的原因,每次我点击提交按钮时,它都会转到一个值为 0 的新页面。这是页面
http://upcycledonline.com/test/Site/myform2.php

<?php
    if($_POST['formSubmit'] == "Submit"){
        $errorMessage = "";

        if(empty($_POST['formEmail'])){
            $errorMessage .= "<li>You forgot to enter your email</li>";
        }

        $varEmail = ($_POST['formEmail'].mysql_real_escape_string);

        //$varEmail = $_POST['formEmail'];

        if(empty($errorMessage)){

            $db = mysql_connect("server","id","password");
            if(!$db)
                die("Error connecting to MySQL database.");
            mysql_select_db("tableName" ,$db);

            $sql = "INSERT INTO emails(email) VALUES ('$varEmail')";
            mysql_query($sql);


            //$sql = ("INSERT INTO emails(email) VALUES ('%s')".mysql_real_escape_string($varEmail));
            //$results = mysql_query($sql);
            //$sql = "INSERT INTO emails (emails)" 
                   //. "VALUES ('{$varEmail}');
            //mysql_query($sql);

            // echo "Details added";
            // $_SESSION['status'] = 'success';
        }

        //header("Location: thankyou.html");
        exit();
    }


    function PrepSQL($value){
        // Stripslashes
        if(get_magic_quotes_gpc()){
            $value = stripslashes($value);
        }

        // Quote
        //this is how I should be doing the escape thing
        $value = "'" . mysql_real_escape_string($value) . "'";

        return($value);
    }
?>

这是表格

<?php
   if(!empty($errorMessage)){
       echo("<p>There was an error with your form:</p>\n");
       echo("<ul>" . $errorMessage . "</ul>\n");
   }
?>

<form id="emailForm" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" 
      method="post" onSubmit="alert('Thank you. Your email has been added.')">
    <label for='formEmail'>Sign up to be notified when we go live!</label><br/>
    <input type="text" name="formEmail" maxlength="50" value="<?=$varEmail;?>" />
    <input type="submit" name="formSubmit" value="Submit" />
</form>
4

1 回答 1

0

如果它们在一个文件中,它仍然存在一些问题。

而不是:
$varEmail = ($_POST['formEmail'].mysql_real_escape_string);

试试:
$varEmail = mysql_real_escape_string($_POST['formEmail']);

这应该将代码带到 mysql 部分,然后它将退出。

header 命令可用于重定向到“谢谢”页面,或者仅在成功或失败时回显。

然后在您的数据库中查找数据。:)

BTW:
你几乎在 PrepSql 函数中有它,但它没有被使用。
所以你可以这样做: $varEmail = PrepSql($_POST['formEmail']);
请注意额外的''。

并为尽早学习逃避数据而欢呼!:)

编辑:

您可能会在输入行中出现错误,其形式为<?$varEmail;?>...
您正在使用“短标签”,这意味着您跳过了:中的“php” <?php echo $myVar;?>。也缺少“回声”。

您可以删除该部分 - 因为您从用户输入中获得了价值。

这与我在我的机器上的输入相呼应(为测试注释掉 sql):

<?php

if($_POST['formSubmit'] == "Submit") 
{
    $errorMessage = "";

    if(empty($_POST['formEmail'])) 
    {
        $errorMessage .= "<li>You forgot to enter your email</li>";
    }

    $varEmail = PrepSql($_POST['formEmail']);


    //$varEmail = $_POST['formEmail'];

    if(empty($errorMessage)) 
    {

        /*$db= mysql_connect("server","id","password");
        if(!$db) die("Error connecting to MySQL database.");
        mysql_select_db("tableName" ,$db);*/

        echo $varEmail;

        //$sql = "INSERT INTO emails(email) VALUES ('$varEmail')";
        //mysql_query($sql);


        //$sql = ("INSERT INTO emails(email) VALUES ('%s')".mysql_real_escape_string($varEmail));
        //$results = mysql_query($sql);

        //$sql = "INSERT INTO emails (emails)" 
        //. "VALUES ('{$varEmail}');
        //mysql_query($sql);

        // echo "Details added";
        // $_SESSION['status'] = 'success';
    }

    //header("Location: thankyou.html");
    exit();

}


function PrepSQL($value)
{
    // Stripslashes
    if(get_magic_quotes_gpc()) 
    {
        $value = stripslashes($value);
    }

    // Quote
    //this is how I should be doing the escape thing
    //$value = "'" . mysql_real_escape_string($value) . "'";
    $value = mysql_real_escape_string($value);

    return($value);
}




if(!empty($errorMessage)) 
{
   echo("<p>There was an error with your form:</p>\n");
   echo("<ul>" . $errorMessage . "</ul>\n");
}
?>

<form id="emailForm" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>"     method="post" onSubmit="alert('Thank you. Your email has been added.')">

            <label for='formEmail'>Sign up to be notified when we go live!</label><br/>
            <input type="text" name="formEmail" maxlength="50" />

        <input type="submit" name="formSubmit" value="Submit" />

</form>
于 2011-10-11T02:48:57.587 回答