dongshao8471 2019-04-29 22:24
浏览 94

使用sql [php]将数据从php存储到phpmyadmin时出现未定义的索引错误

When I input data into my form, it posts just fine into the first php page I have set up. Once I input the information, it is supposed to store into XAMPP's SQL database I have created. I am getting undefined index errors on my admin.php file

https://imgur.com/a/K5GzAwv

 <?php

    $servername = "localhost";
    $username = 'root';
    $password = '';
    $dbname = 'megatravel';
    //establishes connection to database/localhost
    $conn = new mysqli($servername, $username, $password, $dbname);

    //error message if connection is not established
    if ($conn->connect_error) {
        die("Failed to Connect: " . $conn->connect_error);
    }

    //insert statement into reservations table
    $sql = "INSERT INTO reservations (name, email, phone, adultsNo, children, city, activity, traveldate)
    VALUES ('{$_POST['name']}', '{$_POST['email']}','{$_POST['phone']}','{$_POST['adultsNo']}', '{$_POST['children']}',
     '{$_POST['city']}', '{$_POST['activity']}', '{$_POST['traveldate']}')";

    //outputs message if data is inputted successfully, error if not
    if ($conn->query($sql) === TRUE) {
        echo "<br><br>Your information has successfully been inserted into the database!<br>";
    } else {
        echo "<br>Error: " . $sql . "<br>" . $conn->error;
    }
    //select statement that pulls the information entered from the reservations and puts data into a simple table
    $sql = "SELECT * FROM reservations";
    $result = mysqli_query($conn, $sql);
    echo "<table border='3'>";
    echo "<tr>";
    echo "<td style='text-align: center; font-weight: bold'>Full Name</td>",
    "<td style='text-align: center; font-weight: bold'>Email Address</td>",
    "<td style='text-align: center; font-weight: bold'>Phone Number</td>",
    "<td style='text-align: center; font-weight: bold'>Adults</td>",
    "<td style='text-align: center; font-weight: bold'>Children</td>",
    "<td style='text-align: center; font-weight: bold'>City</td>",
    "<td style='text-align: center; font-weight: bold'>Activity</td>",
    "<td style='text-align: center; font-weight: bold'>Date</td>";
    echo "</tr>";

    while ($row = mysqli_fetch_assoc($result)) { 
        echo "<tr>";
        foreach ($row as $field => $value) { 
            echo "<td>" . $value . "</td>"; 
        }
        echo "</tr>";
    }

    echo "</table>";


    $conn->close();

    ?>

</div>
  • 写回答

1条回答 默认 最新

  • dtmjl4427 2019-04-29 22:41
    关注

    I don't see anything in the code you've posted that would cause this, it seems as if though the data is not sent through POST, or sent at all. Please provide the actual form sending the data as well.

    Something I'd like to mention is that you look up prepared statements for SQL as this code is exploitable through a method called SQL Injection as you are using data directly provided by the user without actually looking at it. This can result in an attacker carefully crafting some data to make their own SQL query.

    Here is a video made by Computerphile explaining this attack method better.

    评论

报告相同问题?

悬赏问题

  • ¥15 微信会员卡接入微信支付商户号收款
  • ¥15 如何获取烟草零售终端数据
  • ¥15 数学建模招标中位数问题
  • ¥15 phython路径名过长报错 不知道什么问题
  • ¥15 深度学习中模型转换该怎么实现
  • ¥15 HLs设计手写数字识别程序编译通不过
  • ¥15 Stata外部命令安装问题求帮助!
  • ¥15 从键盘随机输入A-H中的一串字符串,用七段数码管方法进行绘制。提交代码及运行截图。
  • ¥15 TYPCE母转母,插入认方向
  • ¥15 如何用python向钉钉机器人发送可以放大的图片?