dqouryz3595 2019-02-14 18:17
浏览 31
已采纳

使用mysql和php插入查询中的问题

The problem is in insert query.If we insert a single data in the db it is inserted for multiple time in that the primary key(auto increment) is increased but the value give by the user didn't store in db why? 

<html>
<head>
    <title>comment</title>
</head>
<body>
<?php
require('db.php');

?>
<form action="db.php" method="get">
    <input type="textarea"  name="textarea" rows="4" value="" >
    <input type="submit" name="submit" value="submit">
</form>


<?php

 $comment = isset($_GET['textarea']) ? $_GET['textarea'] : '';
 $sql="INSERT INTO comment(comments) VALUES('$comment')";
        mysqli_query($con,$sql);


        ?>


</body>
</html>

the actual table name is comment and the column name is comment_id and comments. if a user ask some question in textarea(in HTML design) that should be inserted in comments column.

  • 写回答

1条回答 默认 最新

  • dongyuan1970 2019-02-14 18:28
    关注

    You should not submit the form to the same file you are requiring on line 7.

    Rather submit the form to itself. Try this:

    <html>
<head>
    <title>comment</title>
</head>
<body>
<?php
require('db.php');

if(!isset($_GET['submit']))
{
?>
<form method="get">
    <input type="textarea"  name="textarea" rows="4" value="" >
    <input type="submit" name="submit" value="submit">
</form>


<?php
} else {

 $comment = isset($_GET['textarea']) ? $_GET['textarea'] : '';
 $sql="INSERT INTO comment(comments) VALUES('$comment')";
        mysqli_query($con,$sql);

}
        ?>


</body>
</html>

    Also like @aynber mentioned in the comments, take advantage of prepared statements and bind_param, to secure your app a bit.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?