drbmhd9583 2018-07-24 20:59
浏览 79
已采纳

HTML表单不通过PHP处理器将数据发布到MySQL数据库中

Context:

I'm working with the following stack: HTML/CSS, PHP, MySQL to build a web app that stores and retrieves data entered to a form.

Problem:

When I enter data into the form (the html part of index.php) locally it is not actually POSTing that data into the mysql database I have setup and is throwing an error saying there is an unknown column.

I think that the problem is in the inserting values part. If anyone has any idea as to why it's not posting I would love any help I can get. Thanks for your time!

Pics:

inspecting code locally AFTER inserting and submitting

Code:

index.php

<?php

include("dbconfig.php");

try {

  /* connect with credentials held in dbconfig file */
  $conn = new PDO("mysql:host=$server;dbname=$db", $user, $pass);

  $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  echo "Successfully Connected!";


  /* input sanitization */
  $title = htmlspecialchars($_POST['title']);
  $overview = htmlspecialchars($_POST['overview']);
  $threat_details = htmlspecialchars($_POST['threat_details']);
  $cust_name = htmlspecialchars($_POST['cust_name']);
  $fld_insight = htmlspecialchars($_POST['fld_insight']);
  $competitor = htmlspecialchars($_POST['competitor']);
  $id = htmlspecialchars($_POST['id']);
  $rev_damage = htmlspecialchars($_POST['rev_damage']);
  echo "data sanitized";

  /* submits data IF the submit button is pressed */
  if(isset($_POST['submit'])) {

      /* insert the values passed into the html form into mysql database */
    $sql = "INSERT INTO comp (title, overview, threat_details, cust_name, fld_insight, competitor, id, rev_damage) VALUES ('titleBinded', 'overviewBinded', 'threatDetailsBinded', 'customerNameBinded', 'fieldInsightBinded', 'competitorBinded', 'idBinded', 'revDamageBinded')";


    $sqlPrepared = $conn->prepare($sql);

    $sqlPrepared->bindParam(':titleBinded',$title);
    $sqlPrepared->bindParam(':overviewBinded',$overview); 
    $sqlPrepared->bindParam(':threatDetailsBinded',$threat_details);
    $sqlPrepared->bindParam(':customerNameBinded',$cust_name);
    $sqlPrepared->bindParam(':fieldInsightBinded',$fld_insight);
    $sqlPrepared->bindParam(':competitorBinded',$competitor);
    $sqlPrepared->bindParam(':idBinded',$id);
    $sqlPrepared->bindParam(':revDamageBinded',$rev_damage);


    $sqlPrepared->execute();
    echo "Successfully Inserted!";
  }


  /* commit the transaction */
  if (!$conn->commit()) {
    print("Commit failed
");
    exit();
  }


  /* close connection */
  $conn->close();

}
catch(PDOException $e) {

  echo "Connection failed: " . $e->getMessage();
}

?>


<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">


<div class="form-style-2-heading">Create New Competitor</div>


<style>
html,body,h1,h2,h3,h4,h5 {font-family: "Raleway", sans-serif}
</style>
<body class="blue">

</head>


<body>



<!-- Top container -->
<div class="w3-bar w3-top w3-blue w3-large" style="z-index:4">
  <span class="w3-bar-item w3-center">Create New Competitor</span>
</div>

<div class="w3-main" style="margin-left:300px;margin-top:43px;">



<!-- SUBMIT PAGE CONTENT TO DATABASE  -->
<form method="POST">

<label id="info">
<span>Opportunity Title<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="opti"></label>
<br>
<br>

<label id="info">
<span>Opportunity Overview<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="opov"></label>
<br>
<br>

<label id="info">
<span>Competitive Threat Details<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="compdet"></label>
<br>
<br>

<label id="info">
<span>Customer Name<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="custnme"></label>
<br>
<br>

<label id="info">
<span>Field Insight<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="fldinsght"></label>
<br>
<br>

<label id="info">
<span>Name of Company Competitor<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="cmpname"</label>
<br>
<br>

<label id="info">
<span>Enter Deal ID<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="id"</label>
<br>
<br>

<label id="info">
<span>Approx. Revenue Implications<span class="required">*</span></span>
<br>
<input type="text" class="input-field" name="rev"</label>
<br>
<br>

<b>Technologies/Domains Included</b>
<br>
<br>

<label id="container">Tech1
  <input type="checkbox" checked="checked">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech2
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech3
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech4
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech5
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech6
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Tech7
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>
<br>

<b>Geo/Theatre</b>
<br>
<br>

<label id="container">Geo1
  <input type="checkbox" checked="checked">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo2
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo3
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo4
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo5
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo6
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo7
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo8
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo9
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo10
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo11
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo12
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo13
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo14
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo15
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>

<label id="container">Geo16
  <input type="checkbox">
  <span class="checkmark"></span>
</label>
<br>
<br>

<label><span>&nbsp;</span><input type="submit" value="Submit" name="submit" /></label>

</form>
</div>
</html>

create.sql

drop database if exists comp;
create schema comp;
use comp;
create table comp (
    titleBinded VARCHAR(50),
    overviewBinded VARCHAR(255),
    threatDetailsBinded VARCHAR(255),
    customerNameBinded VARCHAR(30),
    fieldInsightBinded VARCHAR(255),
    competitorBinded VARCHAR(30),
    idBinded INT,
    revDamageBinded INT,
    PRIMARY KEY (idBinded)
);
create table technologies (
    name VARCHAR(225), 
    PRIMARY KEY (name)
);
create table geography (
    area VARCHAR(255),
    PRIMARY KEY (area)
);
  • 写回答

1条回答 默认 最新

  • duanguai2781 2018-07-24 21:04
    关注

    Since your create table statement contains the column names, you have to use those in your query:

    create table comp (
    titleBinded VARCHAR(50),
    overviewBinded VARCHAR(255),
    threatDetailsBinded VARCHAR(255),
    customerNameBinded VARCHAR(30),
    fieldInsightBinded VARCHAR(255),
    competitorBinded VARCHAR(30),
    idBinded INT,
    revDamageBinded INT,
    PRIMARY KEY (idBinded)
);

    The query should look like this:

    INSERT INTO comp (titleBinded, overviewBinded, threatDetailsBinded, customerNameBinded ...

    etc.

    Now, you have a : in your bind statements - 

    $sqlPrepared->bindParam(':titleBinded',$title);
$sqlPrepared->bindParam(':overviewBinded',$overview); 
$sqlPrepared->bindParam(':threatDetailsBinded',$threat_details); ...

    etc.

    so you should use those in your query too, without quotes:

    VALUES (:titleBinded, :overviewBinded, :threatDetailsBinded, :customerNameBinded, :fieldInsightBinded, :competitorBinded, :idBinded, :revDamageBinded)

    Because you're binding your variables you can get rid of the lines where you use htmlspecialchars() as this does not sanitize your data, the binding in a prepared statement takes care of it.

    In a nutshell

    You have to have a form element with a name attribute. From there you can bind that variable when posted to use in the query:

    <input type="text" name="this_input_name" />

    If using the POST method the variable can be used in the bind like this:

    $sqlPrepared->bindParam(':thisBoundName', $_POST['this_input_name']);

    Your query would then look something like this:

    INSERT INTO `tablename` (`this_column_name`) VALUES (:thisBoundName)

    Take note of how the named input this_input_name is used to bind the parameter :thisBoundName and how the parameter is used as the value to be inserted in the column (created at the time the table is created).

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥60 版本过低apk如何修改可以兼容新的安卓系统
  • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!
  • ¥15 drone 推送镜像时候 purge: true 推送完毕后没有删除对应的镜像,手动拷贝到服务器执行结果正确在样才能让指令自动执行成功删除对应镜像,如何解决?