我对这段代码失去了理智。它似乎有效。没有错误,但是没有任何东西被添加到mysql数据库中。我已经检查了数据库连接,它正在工作。
希望你能帮上忙。
报名表格
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="initial-scale=1, maximum-scale=1">
<title>Create a Company</title>
<link rel="stylesheet" type="text/css" href="/PITAKER/V2/css.css"/>
</head>
<body>
<h2 class="header"> Create a Company </h2>
<form action="processcompany.php" method="post">
<input class="entry" placeholder="Company Name" name="companyname" type="text" required="required"><br>
<input class="entry" placeholder="GST/VAT/ABN/TAX No" name="taxno" type="text" required="required"><br>
<input class="entry" placeholder="Address" name="address1" type="text" value=""><br>
<input class="entry" placeholder="Suburb/County" name="suburb" type="text" value=""><br>
<input class="entry" placeholder="State" name="state" type="text" value=""><br>
<input class="entry" placeholder="Post/Zip Code" name="postcode" type="text" value=""><br>
<input class="entry" placeholder="Country" name="country" type="text" value=""><br>
<input class="entry" placeholder="Primary Contact" name="primarycontact" type="text" value=""><br>
<input class="entry" placeholder="Primary Email" name="primaryemail" type="text" value=""><br>
<input class="entry" placeholder="Subscription Type" name="subscriptiontype" type="text" value=""><br>
<input class="entry" placeholder="Subscription Status" name="subscriptionstatus" type="text" value=""><br>
<input class="entry" placeholder="Subscription End Date" name="subscriptionenddate" type="text" value=""><br>
<input class="button" type="submit">
</form>
</body>
要添加到 MySQL 的 PHP 脚本
<?php
include 'db.php';
$companyname=$_POST['companyname'];
$taxno=$_POST['taxno'];
$address1=$_POST['address1'];
$suburb=$_POST['suburb'];
$state=$_POST['state'];
$postcode=$_POST['postcode'];
$country=$_POST['country'];
$primarycontact=$_POST['primarycontact'];
$primaryemail=$_POST['primaryemail'];
$subscriptiontype=$_POST['subscriptiontype'];
$subscriptionstatus=$_POST['subscriptionstatus'];
$subscriptionenddate=$_POST['subscriptionenddate'];
$sql = "INSERT INTO `companies`
( `companyid` , `accountno` , `companyname` ,
`taxno` , `address1` , `address2` , `suburb` ,
`state` , `postcode` , `country` , `primarycontact` ,
`primaryemail` , `subscriptiontype` , `subscriptionstatus` ,
`subscriptionenddate` , `datecreated` )
VALUES ( NULL ,
NULL ,
'".mysqli_real_escape_string($conn,$_POST['companyname'])."' ,
'".mysqli_real_escape_string($conn,$_POST['taxno'])."' ,
'".mysqli_real_escape_string($conn,$_POST['address1'])."' ,
NULL ,
'".mysqli_real_escape_string($conn,$_POST['suburb'])."' ,
'".mysqli_real_escape_string($conn,$_POST['state'])."' ,
'".mysqli_real_escape_string($conn,$_POST['postcode'])."' ,
'".mysqli_real_escape_string($conn,$_POST['country'])."' ,
'".mysqli_real_escape_string($conn,$_POST['primarycontact'])."' ,
'".mysqli_real_escape_string($conn,$_POST['primaryemail'])."' ,
'".mysqli_real_escape_string($conn,$_POST['subscriptiontype'])."' ,
'".mysqli_real_escape_string($conn,$_POST['subscriptionstatus'])."' ,
'".mysqli_real_escape_string($conn,$_POST['subscriptionenddate'])."' )";
mysqli_query($conn, $sql);
mysqli_close($conn);
?>
我的数据库文件
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$db = 'a34511pidata';
$conn = mysqli_connect($dbhost,$dbuser,$dbpass);
mysqli_select_db($conn, $db);
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
echo "Database Connected Ok..";
?>
如果你使代码可读,你会发现它更容易调试。
此外,使用 mysqli_
时,您需要在发出查询后检查错误。
还应使用预处理和参数化查询来保护自己免受 SQL 注入攻击
您的实际错误是列出了 16 列,而 VALUE 列表中只有 15 个变量。
我用 NOW() 填充了缺失的列,我认为这将是datecreated
列所需的。
<?php
include 'db.php';
$sql = "INSERT INTO `companies`
( `companyid`, `accountno`, `companyname` ,
`taxno` , `address1`, `address2`, `suburb` ,
`state` , `postcode`, `country`, `primarycontact` ,
`primaryemail`, `subscriptiontype` ,
`subscriptionstatus`, `subscriptionenddate`,
`datecreated` )
VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,NOW())";
$stmt = $conn->prepare($sql);
if ( ! $stmt ) {
echo $stmt->error;
exit;
}
// I dont know your data type so you may need to check the data types I used here
$stmt->bind_param('iisssssssssssss',
NULL, NULL,
$_POST['companyname'],
$_POST['taxno'],
$_POST['address1'],
NULL ,
$_POST['suburb'],
$_POST['state'],
$_POST['postcode'],
$_POST['country'],
$_POST['primarycontact'],
$_POST['primaryemail'],
$_POST['subscriptiontype'],
$_POST['subscriptionstatus'],
$_POST['subscriptionenddate']
);
$stmt->execute();
if ( ! $stmt ) {
echo $stmt->error;
exit;
}
mysqli_close($conn);
?>
我不得不说,您将 NULL 作为第二个参数传递(即用于列
accountno
)有点奇怪。这很可能是您的下一个错误,但这取决于如何在数据库中定义该列。