PHP 向服务器发送空表单值

Question

此服务器确认 PHP 连接，但在表单中输入的值不会仅存储空表行。

PHP代码:

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>Aliens Abducted Me - Report an Abduction</title>
</head>
<body>
  <h2>Aliens Abducted Me - Report an Abduction</h2>

<?php


  $name = $_POST'firstname';
  $last_name =$_POST'lastname';
  $when_it_happened = $_POST'whenithappened';
  $how_long = $_POST'howlong';
  $how_many = $_POST'howmany';
  $alien_description = $_POST'aliendescription';
  $what_they_did = $_POST'whattheydid';
  $fang_spotted = $_POST'fangspotted';
  $email = $_POST'email';
  $other = $_POST'other';

  $dbc = mysqli_connect('localhost', 'root', 'Password', 'aliendatabase')
    or die('Error Connecting to MySQL server');

  $query = "INSERT INTO aliens_abduction (first_name, last_name, when_it_happened, how_long, " .
    "how_many, alien_description, what_they_did, fang_spotted, other, email) " .
    "VALUES ('$first_name, '$last_name', '$when_it_happened', '$how_long', '$how_many', " .
    "'$alien_description', '$what_they_did', '$fang_spotted', '$other', '$email')";

  $result = mysqli_query($dbc, $query)
    or die('Error Querying Database');

  mysqli_close($dbc); 

  echo 'Thanks for submitting the form.<br />';
  echo 'You were abducted ' . $when_it_happened;
  echo ' and were gone for ' . $how_long . '<br />';
  echo 'Number of aliens: ' . $how_many . '<br />';
  echo 'Describe them: ' . $alien_description . '<br />';
  echo 'The aliens did this: ' . $what_they_did . '<br />';
  echo 'Was Fang there? ' . $fang_spotted . '<br />';
  echo 'Other comments: ' . $other . '<br />';
  echo 'Your email address is ' . $email;

?>

</body>
</html>

这是表单/HTML 代码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>Aliens Abducted Me - Report an Abduction</title>
  <link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
  <h2>Aliens Abducted Me - Report an Abduction</h2>

  <p>Share your story of alien abduction:</p>
  <form method="post" action="report.php">
    <label for="firstname">First name:</label>
    <input type="text" id="firstname" name="firstname" /><br />
    <label for="lastname">Last name:</label>
    <input type="text" id="lastname" name="lastname" /><br />
    <label for="email">What is your email address?</label>
    <input type="text" id="email" name="email" /><br />
    <label for="whenithappened">When did it happen?</label>
    <input type="text" id="whenithappened" name="whenithappened" /><br />
    <label for="howlong">How long were you gone?</label>
    <input type="text" id="howlong" name="howlong" /><br />
    <label for="howmany">How many did you see?</label>
    <input type="text" id="howmany" name="howmany" /><br />
    <label for="aliendescription">Describe them:</label>
    <input type="text" id="aliendescription" name="aliendescription" size="32" /><br />
    <label for="whattheydid">What did they do to you?</label>
    <input type="text" id="whattheydid" name="whattheydid" size="32" /><br />
    <label for="fangspotted">Have you seen my dog Fang?</label>
    Yes <input id="fangspotted" name="fangspotted" type="radio" value="yes" />
    No <input id="fangspotted" name="fangspotted" type="radio" value="no" /><br />
    <img src="fang.jpg" width="100" height="175"
      alt="My abducted dog Fang." /><br />
    <label for="other">Anything else you want to add?</label>
    <textarea id="other" name="other"></textarea><br />
    <input type="submit" value="Report Abduction" name="submit" />
  </form>
</body>
</html>

代码直接来自一本书。 php v5.6.22 和最新的 Apache 和 MySQL。 谁能告诉我哪里出了问题或我做错了什么

Answer 1

看到这个 => $_POST'firstname'; 和所有其他 POST 数组了吗？

它们缺少括号 []。

因此将其更改为 $_POST['firstname']; 并对所有其他人也执行相同的操作。

错误报告和阅读表单手册一样对您有帮助。

• http://php.net/manual/en/function.error-reporting.php
• http://php.net/manual/en/tutorial.forms.php

此外，您应该对进入数据库的所有 POST 数组使用条件 !empty()。

如果其中任何一个留空，如果您的数据库不接受 NULL 值，这可能会触发错误。

您还缺少 ('$first_name, 的引号并在您的查询中连接。

这需要这样重写:

$query = "INSERT INTO aliens_abduction (first_name, last_name, when_it_happened, how_long, 
    how_many, alien_description, what_they_did, fang_spotted, other, email) 
    VALUES ('$first_name', '$last_name', '$when_it_happened', '$how_long', '$how_many', 
    '$alien_description', '$what_they_did', '$fang_spotted', '$other', '$email')";

---

脚注:

您现在的密码是开放给SQL injection .使用 prepared statements , 或 PDO与 prepared statements .