drbmhd9583 2018-07-24 20:59
浏览 79
已采纳

HTML表单不通过PHP处理器将数据发布到MySQL数据库中

Context:

I'm working with the following stack: HTML/CSS, PHP, MySQL to build a web app that stores and retrieves data entered to a form.

Problem:

When I enter data into the form (the html part of index.php) locally it is not actually POSTing that data into the mysql database I have setup and is throwing an error saying there is an unknown column.

I think that the problem is in the inserting values part. If anyone has any idea as to why it's not posting I would love any help I can get. Thanks for your time!

Pics:

inspecting code locally AFTER inserting and submitting

Code:

index.php

<?php

include("dbconfig.php");

try {

  /* connect with credentials held in dbconfig file */
  $conn = new PDO("mysql:host=$server;dbname=$db", $user, $pass);

  $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  echo "Successfully Connected!";


  /* input sanitization */
  $title = htmlspecialchars($_POST['title']);
  $overview = htmlspecialchars($_POST['overview']);
  $threat_details = htmlspecialchars($_POST['threat_details']);
  $cust_name = htmlspecialchars($_POST['cust_name']);
  $fld_insight = htmlspecialchars($_POST['fld_insight']);
  $competitor = htmlspecialchars($_POST['competitor']);
  $id = htmlspecialchars($_POST['id']);
  $rev_damage = htmlspecialchars($_POST['rev_damage']);
  echo "data sanitized";

  /* submits data IF the submit button is pressed */
  if(isset($_POST['submit'])) {

      /* insert the values passed into the html form into mysql database */
    $sql = "INSERT INTO comp (title, overview, threat_details, cust_name, fld_insight, competitor, id, rev_damage) VALUES ('titleBinded', 'overviewBinded', 'threatDetailsBinded', 'customerNameBinded', 'fieldInsightBinded', 'competitorBinded', 'idBinded', 'revDamageBinded')";


    $sqlPrepared = $conn->prepare($sql);

    $sqlPrepared->bindParam(':titleBinded',$title);
    $sqlPrepared->bindParam(':overviewBinded',$overview); 
    $sqlPrepared->bindParam(':threatDetailsBinded',$threat_details);
    $sqlPrepared->bindParam(':customerNameBinded',$cust_name);
    $sqlPrepared->bindParam(':fieldInsightBinded',$fld_insight);
    $sqlPrepared->bindParam(':competitorBinded',$competitor);
    $sqlPrepared->bindParam(':idBinded',$id);
    $sqlPrepared->bindParam(':revDamageBinded',$rev_damage);


    $sqlPrepared->execute();
    echo "Successfully Inserted!";
  }


  /* commit the transaction */
  if (!$conn->commit()) {
    print("Commit failed
");
    exit();
  }


  /* close connection */
  $conn->close();

}
catch(PDOException $e) {

  echo "Connection failed: " . $e->getMessage();
}

?>


<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">


<div class="form-style-2-heading">Create New Competitor</div>


<style>
html,body,h1,h2,h3,h4,h5 {font-family: "Raleway", sans-serif}
</style>
<body class="blue">

</head>


<body>



<!-- Top container -->
<div class="w3-bar w3-top w3-blue w3-large" style="z-index:4">
  <span class="w3-bar-item w3-center">Create New Competitor</span>
</div>

<div class="w3-main" style="margin-left:300px;margin-top:43px;">



<!-- SUBMIT PAGE CONTENT TO DATABASE  -->
<form method="POST">

<label id="info">
<span>Opportunity Title<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="opti"></label>
<br>
<br>

<label id="info">
<span>Opportunity Overview<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="opov"></label>
<br>
<br>

<label id="info">
<span>Competitive Threat Details<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="compdet"></label>
<br>
<br>

<label id="info">
<span>Customer Name<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="custnme"></label>
<br>
<br>

<label id="info">
<span>Field Insight<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="fldinsght"></label>
<br>
<br>

<label id="info">
<span>Name of Company Competitor<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="cmpname"</label>
<br>
<br>

<label id="info">
<span>Enter Deal ID<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="id"</label>
<br>
<br>

<label id="info">
<span>Approx. Revenue Implications<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="rev"</label>
<br>
<br>

<b>Technologies/Domains Included</b>
<br>
<br>

<label id="container">Tech1
  <input type="checkbox" checked="checked">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech2
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech3
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech4
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech5
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech6
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech7
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>
<br>

<b>Geo/Theatre</b>
<br>
<br>

<label id="container">Geo1
  <input type="checkbox" checked="checked">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo2
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo3
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo4
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo5
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo6
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo7
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo8
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo9
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo10
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo11
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo12
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo13
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo14
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo15
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo16
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>
<br>

<label><span>&nbsp;</span><input type="submit" value="Submit" name="submit" /></label>

</form>
</div>
</html>

create.sql

drop database if exists comp;
create schema comp;
use comp;
create table comp (
    titleBinded VARCHAR(50),
    overviewBinded VARCHAR(255),
    threatDetailsBinded VARCHAR(255),
    customerNameBinded VARCHAR(30),
    fieldInsightBinded VARCHAR(255),
    competitorBinded VARCHAR(30),
    idBinded INT,
    revDamageBinded INT,
    PRIMARY KEY (idBinded)
);
create table technologies (
    name VARCHAR(225), 
    PRIMARY KEY (name)
);
create table geography (
    area VARCHAR(255),
    PRIMARY KEY (area)
);
  • 写回答

1条回答 默认 最新

  • duanguai2781 2018-07-24 21:04
    关注

    Since your create table statement contains the column names, you have to use those in your query:

    create table comp (
        titleBinded VARCHAR(50),
        overviewBinded VARCHAR(255),
        threatDetailsBinded VARCHAR(255),
        customerNameBinded VARCHAR(30),
        fieldInsightBinded VARCHAR(255),
        competitorBinded VARCHAR(30),
        idBinded INT,
        revDamageBinded INT,
        PRIMARY KEY (idBinded)
    );
    

    The query should look like this:

    INSERT INTO comp (titleBinded, overviewBinded, threatDetailsBinded, customerNameBinded ...
    

    etc.

    Now, you have a : in your bind statements -

    $sqlPrepared->bindParam(':titleBinded',$title);
    $sqlPrepared->bindParam(':overviewBinded',$overview); 
    $sqlPrepared->bindParam(':threatDetailsBinded',$threat_details); ...
    

    etc.

    so you should use those in your query too, without quotes:

    VALUES (:titleBinded, :overviewBinded, :threatDetailsBinded, :customerNameBinded, :fieldInsightBinded, :competitorBinded, :idBinded, :revDamageBinded)
    

    Because you're binding your variables you can get rid of the lines where you use htmlspecialchars() as this does not sanitize your data, the binding in a prepared statement takes care of it.

    In a nutshell

    You have to have a form element with a name attribute. From there you can bind that variable when posted to use in the query:

    <input type="text" name="this_input_name" />
    

    If using the POST method the variable can be used in the bind like this:

    $sqlPrepared->bindParam(':thisBoundName', $_POST['this_input_name']);
    

    Your query would then look something like this:

    INSERT INTO `tablename` (`this_column_name`) VALUES (:thisBoundName)
    

    Take note of how the named input this_input_name is used to bind the parameter :thisBoundName and how the parameter is used as the value to be inserted in the column (created at the time the table is created).

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 求一下解题思路,完全不懂
  • ¥15 tensorflow
  • ¥15 densenet网络结构中,特征以cat方式复用后是怎么进行误差回传的
  • ¥15 STM32G471芯片spi设置了8位,总是发送16位
  • ¥15 R语言并行计算beta-NTI中tree文件的类型
  • ¥15 如何解读marsbar导出的ROI数据?
  • ¥20 求友友协助弄一下基于STC89C52单片机的声光控制灯原理图
  • ¥15 arduino双向交通灯设计
  • ¥15 有没有会粒子群算法的大能(○゜ε^○)求带不会出收敛图😭
  • ¥15 Matlab读取根元素出错