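I'm trying to get this form working. Right now it displays my form, but it won't let me enter the information into the database. As far as I can tell everything is correct, but I can't be sure. The only thing I can think of that might be out of place or wrong is that, once the form is filled in, the code that is supposed to enter the data into the database is wrong.
I know I haven't sanitized my fields yet, so please don't tell me I need to. I'm trying to get this script written first, and then I'll clean it up.
If anyone can find the error, please tell me what it is and how to fix it; it would be much appreciated.
The site is here:
http://kaboomlabs.com/PDI/1-1.php?id=2
The code is this: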
<?php
require_once('connectvars.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PDI NCMR - View</title>
<link rel="stylesheet" type="text/css" href="CSS/view.css" />
</head>
<body>
<div id="logo">
<img src="images/PDI_Logo_2.1.gif" alt="PDI Logo" />
</div>
<?php
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if (isset($_POST['submit'])) {
// Grab the profile data from the POST
$ncmrsc = mysqli_real_escape_string($dbc, trim($_POST['ncmrsc']));
$ncmrsr = mysqli_real_escape_string($dbc, trim($_POST['ncmrsr']));
$error= false;
}
// Update the form in the database
if (!$error && !empty($ncmrsr) && !empty($ncmrsc)) {
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$query = "INSERT INTO ncmr ('ncmrsr', 'ncmrsc') VALUES ('$ncmrsr', '$ncmrsc) WHERE id ='$id'";
mysqli_query($dbc, $query);
// Confirm success with the user
echo 'Customer added.';
mysqli_close($dbc);
exit();
}
// Grab the profile data from the database
if (!isset($_GET['id'])) {
$query = "SELECT * FROM ncmr WHERE id = '$id'";
}
else {
$query = "SELECT * FROM ncmr WHERE id = '" . $_GET['id'] . "'";
}
$data = mysqli_query($dbc, $query);
if (mysqli_num_rows($data) == 1) {
// The user row was found so display the user data
$row = mysqli_fetch_array($data);
echo'<h3 id="NCMR2">Non-Conforming Materials Report (NCMR: ' . $row['NCMR_ID'] . ')</h3>';
echo '<form id="all" method="post">';
echo '<fieldset>';
if (!empty($row['Added_By']) && empty($row['Added_By_Date'])) {
echo '<div id="ab"><span class="b">Added By: </span>' . $row['Added_By'] . '</div>';
echo '<div id="abd"><span class="b">On: </span>' . $row['Added_By_Date'] . '</div>';
}
echo '<div id="box">';
echo '<div id="box1">';
if (!empty($row['Nexx_Part']) && !empty($row['Nexx_Rev']) && !empty($row['Nexx_Part_Description']) && !empty($row['NCMR_Qty'])) {
echo '<div id="np"><span class="b">Nexx Part: </span>' . $row['Nexx_Part'] . '</div>';
echo '<div id="nr"><span class="b">Nexx Rev: </span>' . $row['Nexx_Rev'] . '</div>';
echo '<div id="npd"><span class="b">Nexx Part Description: </span>' . $row['Nexx_Part_Description'] . '</div>';
echo '<div id="ncqt"><span class="b">NCMR Qty: </span>' . $row['NCMR_Qty'] . '</div>';
}
echo '<div id ="JSI">';
if (!empty($row['JO']) && !empty($row['SN']) && !empty($row['INV'])) {
echo '<div id="JO"><span class="b">JO: </span><br />' . $row['JO'] . '</div>';
echo '<div id="SN"><span class="b">SN: </span><br />' . $row['SN'] . '</div>';
echo '<div id="INV"><span class="b">INV: </span><br />' . $row['INV'] . '</div>';
}
echo '</div>';
echo '</div>';
echo '<div id="box4-1">';
// We know both $ncmrsr AND $ncmrsc are blank
$row['ncmrsr'] = trim($row['ncmrsr']);
$row['ncmrsc'] = trim($row['ncmrsc']);
if (empty($row['ncmrsr']) && empty($row['ncmrsc'])) {
// add comments.
echo '<div id="ncmrsr"><span class="b">NCMR Supplier Response:<br /></span><textarea name="ncmrsr" rows="6" cols="85" ></textarea></div><br />';
echo '<div id="ncmrsc"><span class="b">NCMR Supplier Comment:<br /></span><textarea name="ncmrsr" rows="6" cols="85" ></textarea></div><br />';
echo '<div id="button"><input type="submit" name="submit" value="Enter Comments" /></div>';
}
else {
// echo the two fields.
if (!empty($row['ncmrsr']) && !empty($row['ncmrsc'])) {
echo '<div id="ncmrsr"><span class="b">NCMR Supplier Response: </span>' . $row['ncmrsr'] . '</div>';
echo '<div id="ncmrsc"><span class="b">NCMR Supplier Comment: </span>' . $row['ncmrsc'] . '</div>';
}
echo '</div>';
echo '</div>';
echo '</div>';
echo '</fieldset>';
echo '</form>';
}
mysqli_close($dbc);
}
?>
</body>
</html>
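
An added example, not part of the original post: one way the write path above could look with a mysqli prepared statement. SQL `INSERT` takes no `WHERE` clause, and the posted query also puts column names in single quotes, leaves the quote after `$ncmrsc` unclosed, and uses an `$id` that is not set anywhere in the posted code. The example assumes the page's `ncmr` table (columns `id`, `ncmrsr`, `ncmrsc`) and the `DB_*` constants from `connectvars.php`; `save_supplier_comments()` is a hypothetical helper name.

```php
<?php
// Added example, not the poster's code. Assumes table `ncmr` with columns
// `id`, `ncmrsr`, `ncmrsc` and the DB_* constants defined in connectvars.php.
require_once('connectvars.php');

// Throw exceptions on SQL errors instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Hypothetical helper: store both supplier fields on an existing NCMR row.
function save_supplier_comments(mysqli $dbc, int $id, string $ncmrsr, string $ncmrsc): bool
{
    // The row already exists, so this is an UPDATE (INSERT has no WHERE).
    // Column names are left unquoted; single quotes would make them string literals.
    $stmt = $dbc->prepare('UPDATE ncmr SET ncmrsr = ?, ncmrsc = ? WHERE id = ?');
    $stmt->bind_param('ssi', $ncmrsr, $ncmrsc, $id); // values are bound, never concatenated
    $stmt->execute();
    $changed = ($stmt->affected_rows === 1);
    $stmt->close();
    return $changed;
}

// The form has no action attribute, so it posts back to 1-1.php?id=2 and the
// id is still in the query string. Accept only a positive integer.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) {
    http_response_code(400);
    exit('Missing or invalid id.');
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // The second textarea must be named "ncmrsc"; in the posted form both
    // textareas are named "ncmrsr", so ncmrsc never reaches $_POST.
    $ncmrsr = trim($_POST['ncmrsr'] ?? '');
    $ncmrsc = trim($_POST['ncmrsc'] ?? '');
    if ($ncmrsr !== '' && $ncmrsc !== '') {
        $dbc = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
        $saved = save_supplier_comments($dbc, $id, $ncmrsr, $ncmrsc);
        $dbc->close();
        echo $saved ? 'Comments saved.' : 'Nothing was updated.';
        exit();
    }
}
```

The same bound-parameter pattern applies to the `SELECT ... WHERE id = ...` query, which in the posted code concatenates `$_GET['id']` directly into the SQL string.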