dsstjqsr631426 2014-12-21 22:34
浏览 34
已采纳

HTML表单使用PHP写入MySQL

I need the following form to right to MySQL table "table1" and columns "name" "email" and "comment".

<form method="post" action="sign.php" class="pure-form pure-form-stacked">
                <fieldset>

                    <label for="name">Your Name</label>
                    <input id="name" type="text" placeholder="Your Name" name="name">


                    <label for="email">Your Email</label>
                    <input id="email" type="email" placeholder="Your Email" name="email">

                    <label for="comment">Your Comments</label>
                    <input id="comment" type="text" placeholder="Your Comments" name="comment">

                 <a href="thanks.html" button type="submit" class="pure-button">SUBMIT</button>
                 </a>

                </fieldset>
            </form>

My PHP File looks like this:

<html>
<body>

<?php
$myUser = "dbuser";
$myPassd = "********";
$myDB = "dbname";
$myserver = "192.168.1.80:3306";
$name = $_POST['name'];
$email = $_POST['email'];
$comment = $_POST['comment'];

// Create connection
$dbhandle = mysql_connect($myserver,$myUser,$myPassd) 
  or die("Unable to connect to MySQL"); 
echo "Connected to MySQL<br>";

//select a database to work with
$selected = mysql_select_db($myDB, $dbhandle)
  or die("Couldn't open database $myDB");
//if (mysqli_connect_errno()) {
//echo "Failed to connect to MySQL: " . mysqli_connect_error();
//}
//echo "connected";

$sql = "INSERT INTO signatures (name, comment) VALUES ( $name, $comment)";

if (!mysql_query($sql))
  {
  die('Error: ' . mysql_error());
  }
echo "record added";

mysql_close($dbhandle);
?>
</body>
</html>

I also need this to redirect to another html page after it run.

  • 写回答

1条回答 默认 最新

  • dongwupei7803 2014-12-21 23:11
    关注

    This code solves your posting problems:

    <form method="post" id="form" action="sign.php" class="pure-form pure-form-stacked">

      ... your HTML ...
             <a  href="javascript:document.getElementById('form').submit()" class="pure-button">SUBMIT</button>
             </a>

    Use the following for PDO queries to your database (safer!).

    function openDBConnection()
{
   $myUser = "dbuser";
   $myPassd = "********";
   $myDB = "dbname";
   $myserver = "192.168.1.80";
   $port = 3306;

    try 
    {
     //this line was just updated!
        $dbConn = new PDO("mysql:host=$myserver;port=$port;dbname=$myDB", $myUser, $myPassd, array( PDO::ATTR_PERSISTENT => false));
    }
    catch( PDOException $Exception ) 
    {
         echo ("Unable to connect to database.");
         exit;
    }       
    return $dbConn;
}

function doPDOQuery($sql, $type, $var = array(), $dbname, $fetch = false)
{
    $db = openDBConnection();
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    //Prepare and query are two types, please use prepare.
    if ($type == "prepare")
    {
        $queryArray = array();
        if ($var != null)
        {
            foreach ($var as $key => $queryItem)
            {
                $queryArray[$key] = $queryItem;
            }
        }
        $sth = $db->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
        $sth->execute($queryArray);
    }
    else if ($type == "query")
    {
        $sth = $db->query($sql);
    }
    else
    {
        echo ("Supplied type is not valid.");
        exit;
    }
    if (!$sth)
    {
        $error = $db->errorInfo();
        echo($error[2]);
        exit;
    }

//$fetch: set to true when you expect results, set to false (default) when you do update/delete/insert and there are no records returned. Else the records are returned through $sth->fetchAll();
    if (!$fetch)
    {
        return $sth->rowCount();
    }
    return $sth->fetchAll();        
}

    Example query for your database entry

    $name = $_POST['name'];
$email = $_POST['email'];
$comment = $_POST['comment'];

$SQL = "
        INSERT INTO signatures (name, email, comment) VALUES ( :name, :email, :comment);
    ";
    $result = doPDOQuery($SQL, "prepare", array(":name" => $name, ":comment" => $comment, ":email" => $email), $myDB, false);

    Please read into PDO. It works as following:

    1. DB connection is made
    2. SQL is prepared by the SQL server
    3. The params are loaded into the SQL query (supplied by the array).
    4. Params are escaped which makes SQL-injection less possible.
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 matlab实现基于主成分变换的图像融合。
  • ¥15 对于相关问题的求解与代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料
  • ¥15 使用R语言marginaleffects包进行边际效应图绘制
  • ¥20 usb设备兼容性问题
  • ¥15 错误(10048): “调用exui内部功能”库命令的参数“参数4”不能接受空数据。怎么解决啊