dsstjqsr631426 2014-12-21 22:34
浏览 34
已采纳

HTML表单使用PHP写入MySQL

I need the following form to right to MySQL table "table1" and columns "name" "email" and "comment".

<form method="post" action="sign.php" class="pure-form pure-form-stacked">
                <fieldset>

                    <label for="name">Your Name</label>
                    <input id="name" type="text" placeholder="Your Name" name="name">


                    <label for="email">Your Email</label>
                    <input id="email" type="email" placeholder="Your Email" name="email">

                    <label for="comment">Your Comments</label>
                    <input id="comment" type="text" placeholder="Your Comments" name="comment">

                 <a href="thanks.html" button type="submit" class="pure-button">SUBMIT</button>
                 </a>

                </fieldset>
            </form>

My PHP File looks like this:

<html>
<body>

<?php
$myUser = "dbuser";
$myPassd = "********";
$myDB = "dbname";
$myserver = "192.168.1.80:3306";
$name = $_POST['name'];
$email = $_POST['email'];
$comment = $_POST['comment'];

// Create connection
$dbhandle = mysql_connect($myserver,$myUser,$myPassd) 
  or die("Unable to connect to MySQL"); 
echo "Connected to MySQL<br>";

//select a database to work with
$selected = mysql_select_db($myDB, $dbhandle)
  or die("Couldn't open database $myDB");
//if (mysqli_connect_errno()) {
//echo "Failed to connect to MySQL: " . mysqli_connect_error();
//}
//echo "connected";

$sql = "INSERT INTO signatures (name, comment) VALUES ( $name, $comment)";

if (!mysql_query($sql))
  {
  die('Error: ' . mysql_error());
  }
echo "record added";

mysql_close($dbhandle);
?>
</body>
</html>

I also need this to redirect to another html page after it run.

  • 写回答

1条回答 默认 最新

  • dongwupei7803 2014-12-21 23:11
    关注

    This code solves your posting problems:

    <form method="post" id="form" action="sign.php" class="pure-form pure-form-stacked">

      ... your HTML ...
             <a  href="javascript:document.getElementById('form').submit()" class="pure-button">SUBMIT</button>
             </a>

    Use the following for PDO queries to your database (safer!).

    function openDBConnection()
{
   $myUser = "dbuser";
   $myPassd = "********";
   $myDB = "dbname";
   $myserver = "192.168.1.80";
   $port = 3306;

    try 
    {
     //this line was just updated!
        $dbConn = new PDO("mysql:host=$myserver;port=$port;dbname=$myDB", $myUser, $myPassd, array( PDO::ATTR_PERSISTENT => false));
    }
    catch( PDOException $Exception ) 
    {
         echo ("Unable to connect to database.");
         exit;
    }       
    return $dbConn;
}

function doPDOQuery($sql, $type, $var = array(), $dbname, $fetch = false)
{
    $db = openDBConnection();
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    //Prepare and query are two types, please use prepare.
    if ($type == "prepare")
    {
        $queryArray = array();
        if ($var != null)
        {
            foreach ($var as $key => $queryItem)
            {
                $queryArray[$key] = $queryItem;
            }
        }
        $sth = $db->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
        $sth->execute($queryArray);
    }
    else if ($type == "query")
    {
        $sth = $db->query($sql);
    }
    else
    {
        echo ("Supplied type is not valid.");
        exit;
    }
    if (!$sth)
    {
        $error = $db->errorInfo();
        echo($error[2]);
        exit;
    }

//$fetch: set to true when you expect results, set to false (default) when you do update/delete/insert and there are no records returned. Else the records are returned through $sth->fetchAll();
    if (!$fetch)
    {
        return $sth->rowCount();
    }
    return $sth->fetchAll();        
}

    Example query for your database entry

    $name = $_POST['name'];
$email = $_POST['email'];
$comment = $_POST['comment'];

$SQL = "
        INSERT INTO signatures (name, email, comment) VALUES ( :name, :email, :comment);
    ";
    $result = doPDOQuery($SQL, "prepare", array(":name" => $name, ":comment" => $comment, ":email" => $email), $myDB, false);

    Please read into PDO. It works as following:

    1. DB connection is made
    2. SQL is prepared by the SQL server
    3. The params are loaded into the SQL query (supplied by the array).
    4. Params are escaped which makes SQL-injection less possible.
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 WPF 大屏看板表格背景图片设置
  • ¥15 这个主板怎么能扩出一两个sata口
  • ¥15 不是,这到底错哪儿了😭
  • ¥15 2020长安杯与连接网探
  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
  • ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
  • ¥16 mybatis的代理对象无法通过@Autowired装填
  • ¥15 可见光定位matlab仿真
  • ¥15 arduino 四自由度机械臂
  • ¥15 wordpress 产品图片 GIF 没法显示