doutuobao4004 2013-07-27 22:29
浏览 43
已采纳

变量进入db而不通过$ _POST检索

This works but How are the values of the variables being put into the db without retrieving them through the $_POST? Is this something new in php5 or have I just never seen it used this way before?

  <!doctype html>

 <html>

<head>
<title></title>
</head

<body>
<form action="insert.php" method="post">
    First Name: <input type="text" name="fname" /><br>
    Last Name: <input type="text" name="lname" /><br>
    Username:  <input type="text" name="uname" /><br>

    <input type="submit" name="submit" value="Register"/><br>
</form>

</body>
</html>

insert.php

<?php

 $con=mysqli_connect("","","","");
 // Check connection
if (mysqli_connect_errno())
 {
 echo "Failed to connect to MySQL: " . mysqli_connect_error();
 }

$sql="INSERT INTO traders (fname, lname, username)
VALUES
('$fname','$lname','$uname')";

if (!mysqli_query($con,$sql))
{
   die('Error: ' . mysqli_error($con));
} 
echo "1 record added " ;

mysqli_close($con);
?>
  • 写回答

2条回答 默认 最新

  • dongliu8542 2013-07-27 22:32
    关注

    because you use here register globals option in php which is now deprecated/removed in new versions of php (mainly because of security issues) which translates $_POST['fName'] into $fName

    you should always use $_POST/$_GET instead

    read more: http://php.net/manual/en/security.globals.php

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥60 pb数据库修改或者求完整pb库存系统,需为pb自带数据库
  • ¥15 spss统计中二分类变量和有序变量的相关性分析可以用kendall相关分析吗?
  • ¥15 拟通过pc下指令到安卓系统,如果追求响应速度,尽可能无延迟,是不是用安卓模拟器会优于实体的安卓手机?如果是,可以快多少毫秒?
  • ¥20 神经网络Sequential name=sequential, built=False
  • ¥16 Qphython 用xlrd读取excel报错
  • ¥15 单片机学习顺序问题!!
  • ¥15 ikuai客户端多拨vpn,重启总是有个别重拨不上
  • ¥20 关于#anlogic#sdram#的问题,如何解决?(关键词-performance)
  • ¥15 相敏解调 matlab
  • ¥15 求lingo代码和思路