我正试图创建一个INSERT来使用表单向数据库添加数据,但它为日期设置了"0000-00-00",为其他整数/浮点设置了"0",并且VARCHAR没有值。
<form action = "display.php" method = "post">
<h3> Add a Product </h3>
<input type = "text" id = "product_number" name = "product_number" cols=75 minlength="4" maxlength="4" placeholder = "Product Number" required>
<br>
<input type = "text" id = "supplier_id" name = "supplier_id" cols=75 minlength="4" maxlength="4" placeholder = "Supplier ID">
<br>
<input type = "text" id = "date" name = "date" cols=75 placeholder = "yyyy-mm-dd">
<br>
<input type = "number" id = "quantity" name = "quantity" cols=75 placeholder = "Quantity">
<br>
<input type = "text" id = "description" name = "description" cols=75 maxlength="50" placeholder = "Description">
<br>
<input type = "text" id = "price" name = "price" cols=75 placeholder = "Price">
<br>
<button type = "submit" name = "submit" cols=75 value = "Add"> Add Product to Database </button>
</form>
</div>
<br>
<br>
<br>
<?php
$product_number = mysqli_real_escape_string($conn, $_POST['product_number']);
$supplier_id = mysqli_real_escape_string($conn, $_POST['supplier_id']);
$date = mysqli_real_escape_string($conn, $_POST['date']);
$quantity = mysqli_real_escape_string($conn, $_POST['quantity']);
$description = mysqli_real_escape_string($conn, $_POST['description']);
$price = mysqli_real_escape_string($conn, $_POST['price']);
$sql = "INSERT into products (product_number, supplier_id, date, quantity, description, price) values ('$product_number', '$supplier_id', '$date', '$quantity', '$description', '$price')";
if(mysqli_query($conn, $sql)) {
echo "";
} else {
echo "";
}
mysqli_close($conn);
?>
我认为问题可能是您的INSERT语句甚至在提交表单之前就已经在运行。
将代码封装在一个语句中,该语句在提交表单时检查请求是否为POST请求(浏览器只会生成POST,而不是GET(。
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST')
{
$product_number = mysqli_real_escape_string($conn, $_POST['product_number']);
$supplier_id = mysqli_real_escape_string($conn, $_POST['supplier_id']);
$date = mysqli_real_escape_string($conn, $_POST['date']);
$quantity = mysqli_real_escape_string($conn, $_POST['quantity']);
$description = mysqli_real_escape_string($conn, $_POST['description']);
$price = mysqli_real_escape_string($conn, $_POST['price']);
$sql = "INSERT into products (product_number, supplier_id, date, quantity, description, price) values ('$product_number', '$supplier_id', '$date', '$quantity', '$description', '$price')";
if(mysqli_query($conn, $sql)) {
echo "";
} else {
echo "";
}
mysqli_close($conn);
}
?>
第页。S.我怀疑你在提交表格后可能还会插入第二行,正确的一行?除此之外,代码没有任何明显的问题(尽管最好使用准备好的语句和参数,而不是转义字符串并将值连接到SQL中——本文(以及许多文章(向您展示了如何以最安全的方式编写查询(。