尝试使用 PHP 从在 twitter-bootstrap 中创建的下拉网站表单中将选项值数据插入到 MySQL 数据库中
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14346368/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Trying to insert option value data in to the MySQL database using PHP from Dropdown Website Form created in twitter-bootstrap
提问by Aaron
I am a beginner with php. I am using twitter-bootstrap to create a website. I would like to store the data submitted from a website dropdown menu into a MySQL database named datawebcollectiondb . I am able to store information in the db when the user submits input from an open text field, but not from a drop down menu. The database fills with 0s in all fields when the dropdown menu is submitted.
我是 php 的初学者。我正在使用 twitter-bootstrap 创建一个网站。我想将从网站下拉菜单提交的数据存储到名为 datawebcollectiondb 的 MySQL 数据库中。当用户从打开的文本字段而不是从下拉菜单提交输入时,我能够将信息存储在数据库中。提交下拉菜单时,数据库在所有字段中填充 0。
First the open text field that did work:
首先是工作的开放文本字段:
HTML file:
HTML文件:
<html>
<body>
<form action="insert.php" method="post">
Number Please: <input type="text" name="directionp">
Another Number: <input type="text" name="timep">
Third Number: <input type="text" name="locationp">
Fourth Number: <input type="text" name="searchtimep">
<input type="submit">
</form>
</body>
</html>
PHP file that worked:
有效的 PHP 文件:
<?php
$con = mysql_connect("host", "username", "password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("timeforparkingdb", $con);
$sql="INSERT INTO datawebcollection (directionp, timeofdayp, locationp, searchtimep)
VALUES
('$_POST[directionp]','$_POST[timep]','$_POST[locationp]','$_POST[searchtimep]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 more record added =) ";
mysql_close($con);
?>
HTML file that did NOT work in tandem with above php file, other than populating db with 0s:
除了用 0 填充 db 之外,无法与上述 php 文件协同工作的 HTML 文件:
<html>
<form action="insert.php" method="post">
<b>DIRECTION:</b>
<select name="directionp">
<option value="1">Coming</option>
<option value="2">Going</option>
</select>
<b>TIME:</b>
<select name="timep">
<option value="0">12:00am - 1:00am</option>
<option value="1">1:00am - 2:00am</option>
<option value="2">2:00am - 3:00am</option>
<option value="3">3:00am - 4:00am</option>
<option value="4">4:00am - 5:00am</option>
<option value="5">5:00am - 6:00am</option>
<option value="6">6:00am - 7:00am</option>
<option value="7">7:00am - 8:00am</option>
<option value="8">8:00am - 9:00am</option>
<option value="9">9:00am - 10:00am</option>
<option value="10">10:00am - 11:00am</option>
<option value="11">11:00am - 12:00pm</option>
<option value="12">12:00pm - 1:00pm</option>
</select>
<b>LOCATION:</b>
<select name="locationp">
<option value="1">Zone One</option>
<option value="2">Zone Two</option>
<option value="3">Zone Three</option>
<option value="4">Zone Four</option>
<option value="5">Zone Five</option>
<option value="6">Zone Six</option>
<option value="7">Zone Seven</option>
<option value="8">Zone Eight</option>
<option value="9">Zone Nine</option>
<option value="10">Zone Ten</option>
<option value="11">Zone Eleven</option>
<option value="12">Zone Twelve</option>
<option value="13">Zone Thirteen</option>
</select>
<b>SEARCH TIME HERE:</b>
<select name="searchtimep">
<option value="0">Under 1 Minute</option>
<option value="1">1 Minute - 3 Minutes</option>
<option value="5">3 Minutes - 5 Minutes</option>
<option value="10">5 Minutes - 10 Minutes</option>
<option value="15">10 Minutes -15 Minutes</option>
<option value="20">15 Minutes - 20 Minutes</option>
<option value="25">20 Minutes - 25 Minutes</option>
<option value="30">25 Minutes - 30 Minutes</option>
<option value="35">30 Minutes - 35 Minutes</option>
<option value="40">35 Minutes - 40 Minutes</option>
<option value="45">40 Minutes - 45 Minutes</option>
<option value="50">45 Minutes - 50 Minutes</option>
<option value="55">50 Minutes - 55 Minutes</option>
<option value="60">55 Minutes - 1 HOUR</option>
<option value="0">Over 1 HOUR</option>
</select>
<button type="submit" class="btn btn-large btn-primary">Submit</button>
</form>
</html>
Original MySQL Database Structure:
原始 MySQL 数据库结构:
Field Type Collation Attributes Null Default Extra Action
unique_entry_id int(11) No
dayp int(2) No
monthp int(2) No
yearp int(4) No
directionp int(1) No
timeofdayp int(2) No
locationp int(2) No
searchtimep int(2) No
What I see inside my database so far:
到目前为止,我在数据库中看到的内容:
unique_entry_id dayp monthp yearp directionp timeofdayp locationp searchtimep
0 6 6 6 0 0 0 0
0 7 7 7 0 0 0 0
0 8 24 2345 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
The rows with values other than 0 are from when I ran the original code, and the rows with only 0s are from the dropdown form. How can I get the correct correlated option value to be the value stored into the database? I would have thought that the value assigned to the option, i.e. <option value="1">Zone One</option> <option value="2">Zone Two</option>, would have been the value submitted to the db.
值不是 0 的行来自我运行原始代码时,只有 0 的行来自下拉表单。如何获得正确的相关选项值作为存储到数据库中的值?我原以为分配给选项的值,即<option value="1">Zone One</option> <option value="2">Zone Two</option>,将是提交给数据库的值。
What I saw on my chrome developer console under form data:
我在 chrome 开发者控制台上看到的内容form data如下:
direction=2&time=5&location=5&searchtime=25
and still the database recorded all 0s.
并且数据库仍然记录全0。
Corrected MySQL Database Structure: Present Corrected Database Structure:
更正的 MySQL 数据库结构:现在 更正的数据库结构:
Field Type Collation Attributes Null Default Extra
unique_entry_id int(11) No
city_id varchar(50) utf8_general_ci No
datep date No
directionp int(1) No
timeofdayp time No
locationp int(2) No
searchtimep int(2) No
In order to pass integers and not text to the mySQL db from my php code I've removed the single quotes:
为了将整数而不是文本从我的 php 代码传递到 mySQL 数据库,我删除了单引号:
<?php
$con = mysql_connect("", "", "");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("timeforparkingdb", $con);
$sql="INSERT INTO datawebcollection (directionp, timeofdayp, locationp, searchtimep)
VALUES
($_POST[directionp],$_POST[timep],$_POST[locationp],$_POST[searchtimep])";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Thank you for your submission! 1 more record added =) ";
mysql_close($con);
?>
First step in order to avoid SQL injection I have modified my HTML to:
为了避免 SQL 注入,第一步我将 HTML 修改为:
<form action="insert.php" id="timeforparking" method="post">
<input type="submit">
</form>
and:
和:
DIRECTION:
<select form = "timeforparking" id="directionp">
<option value="1">Parking In Manhattan</option>
<option value="2">Leaving Manhattan</option>
</select>
TIME:
<select form = "timeforparking" id="timep">
<option value="0">12:00am - 1:00am</option>
<option value="1">1:00am - 2:00am</option>
<option value="2">2:00am - 3:00am</option>
<option value="3">3:00am - 4:00am</option>
<option value="4">4:00am - 5:00am</option>
<option value="5">5:00am - 6:00am</option>
<option value="6">6:00am - 7:00am</option>
<option value="7">7:00am - 8:00am</option>
<option value="8">8:00am - 9:00am</option>
<option value="9">9:00am - 10:00am</option>
<option value="10">10:00am - 11:00am</option>
<option value="11">11:00am - 12:00pm</option>
<option value="12">12:00pm - 1:00pm</option>
<option value="13">1:00pm - 2:00pm</option>
<option value="14">2:00pm - 3:00pm</option>
<option value="15">3:00pm - 4:00pm</option>
<option value="16">4:00pm - 5:00pm</option>
<option value="17">5:00pm - 6:00pm</option>
<option value="18">6:00pm - 7:00pm</option>
<option value="19">7:00pm - 8:00pm</option>
<option value="20">8:00pm - 9:00pm</option>
<option value="21">9:00pm - 10:00pm</option>
<option value="22">10:00pm - 11:00am</option>
<option value="23">11:00am - 12:00pm</option>
</select>
LOCATION:
<select form = "timeforparking" id="locationp">
<option value="1">Zone One</option>
<option value="2">Zone Two</option>
<option value="3">Zone Three</option>
<option value="4">Zone Four</option>
<option value="5">Zone Five</option>
<option value="6">Zone Six</option>
<option value="7">Zone Seven</option>
<option value="8">Zone Eight</option>
<option value="9">Zone Nine</option>
<option value="10">Zone Ten</option>
<option value="11">Zone Eleven</option>
<option value="12">Zone Twelve</option>
<option value="13">Zone Thirteen</option>
</select>
REPORT YOUR APPROXIMATE SEARCH TIME HERE:
<select form = "timeforparking" id="searchtimep">
<option value="0">Under 1 Minute</option>
<option value="1">1 Minute - 3 Minutes</option>
<option value="5">3 Minutes - 5 Minutes</option>
<option value="10">5 Minutes - 10 Minutes</option>
<option value="15">10 Minutes -15 Minutes</option>
<option value="20">15 Minutes - 20 Minutes</option>
<option value="25">20 Minutes - 25 Minutes</option>
<option value="30">25 Minutes - 30 Minutes</option>
<option value="35">30 Minutes - 35 Minutes</option>
<option value="40">35 Minutes - 40 Minutes</option>
<option value="45">40 Minutes - 45 Minutes</option>
<option value="50">45 Minutes - 50 Minutes</option>
<option value="55">50 Minutes - 55 Minutes</option>
<option value="60">55 Minutes - 1 HOUR</option>
<option value="0">Over 1 HOUR</option>
</select>
And I will have to do something to the php to avoid injection, and I do not undertand what I need to do for this yet, and I am presently researching this at http://php.net/manual/en/pdo.prepared-statements.php, and trying to apply the following to my case:
我将不得不对 php 做一些事情来避免注入,我还不明白我需要为此做什么,我目前正在http://php.net/manual/en/pdo.prepared研究这个-statements.php,并尝试将以下内容应用于我的案例:
This example performs an INSERT query by substituting a name and a value for the named placeholders.
<?php
$stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (:name, :value)");
$stmt->bindParam(':name', $name);
$stmt->bindParam(':value', $value);
// insert one row
$name = 'one';
$value = 1;
$stmt->execute();
// insert another row with different values
$name = 'two';
$value = 2;
$stmt->execute();
?>
It may be that some of my values are empty. Next I hope to check the POST parameters and print them out in the php code via Print out post values, specifically:
可能是我的一些价值观是空的。接下来我希望检查POST参数并通过Print out post values在php代码中打印出来,具体是:
<?php
// loop through every form field
while( list( $field, $value ) = each( $_POST )) {
// display values
if( is_array( $value )) {
// if checkbox (or other multiple value fields)
while( list( $arrayField, $arrayValue ) = each( $value )) {
echo "<p>" . $arrayValue . "</p>\n";
}
} else {
echo "<p>" . $value . "</p>\n";
}
}
?>
output after submit:
提交后输出:
blank white screen
Does this mean that I am trying to pass empty values to my db? And I am no longer receiving all 0s in my database as I know have a SQL error (or is that because I am passing blank values ,i.e. $_POST[locationp] and $_POST[searchtimep] are empty? is that the right conclusion? if so, why is it doing that?) with the updated PHP without single quotes; With the latest PHP [as seen above without single quotes, so it doesn't send as text] and the HTML above that now uses an ID tag for the form, I recieve:
这是否意味着我试图将空值传递给我的数据库?而且我不再在我的数据库中收到全 0,因为我知道有一个 SQL 错误(或者是因为我传递的是空白值,即 $_POST[locationp] 和 $_POST[searchtimep] 是空的?这是正确的结论吗?如果是这样,为什么要这样做?)使用没有单引号的更新的 PHP;使用最新的 PHP [如上所示,没有单引号,所以它不会作为文本发送] 以及上面现在使用表单 ID 标签的 HTML,我收到:
"Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ',,)' at line 3"
when I ty to submit from the webpage. And it follows that Chrome is not displaying anything regarding form values, only "Request Headers" and "Response Headers" are listed.
当我从网页提交时。因此,Chrome 没有显示任何有关表单值的内容,只列出了“请求标头”和“响应标头”。
My original question/post is still: storing values in a MySQL db from a drop down menu?
我原来的问题/帖子仍然是:从下拉菜单中将值存储在 MySQL 数据库中?
A related question that I was unable to glean a solution from: Inserting Data from dropdown into database with PHP
我无法从中找到解决方案的相关问题:使用 PHP 从下拉列表中插入数据到数据库中
采纳答案by ngm
Your PHP script is expecting form variables named e.g. directionp, however the post data from Chrome is displaying direction (with no p on the end.)
您的 PHP 脚本需要名为例如 directionp 的表单变量,但是来自 Chrome 的帖子数据显示的是方向(末尾没有 p。)
Are you sure your form elements are named correctly in your HTML? It would appear so from your listing, however your form data looks different.
你确定你的表单元素在你的 HTML 中被正确命名了吗?它会从您的列表中显示出来,但是您的表单数据看起来不同。
