发布变量值而不是变量名称
I'm trying to get the entry from a textbox code to go to a php form and have the php form send it to a database. THe problem I'm having is instead of posting the textbox value it posts $code. I'm using mysql and php.
PHP:
<?
if( $_POST )
{
$username="***";
$password="***";
$con = mysql_connect("***",$username,$password);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("inmoti6_mysite", $con);
$code = $_POST['code'];
$code = htmlspecialchars($code);
$query = 'INSERT INTO `storycodes`.`storycodes` (`code`) VALUES ("$code");';
mysql_query($query);
echo "<h2>Thank you for your Comment!</h2>";
mysql_close($con);
}
?>
Doubt this is the issue, but here's the html:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Database</title>
</head>
<body>
<form id="form1" name="form1" method="post" action="/scripts/database2.php">
<label>Code:
<input name="code" type="text" id="code" value="" size="45" />
</label>
<p>
<label>
<input type="submit" name="submit" id="submit" value="Submit" />
</label>
</p>
</form>
</body>
</html>
我正在尝试从文本框代码中获取条目以转到php表单并发送php表单 它到数据库。 我遇到的问题是发布文本框值而不是发布$ code。 我正在使用mysql和php。 p>
PHP: p>
&lt;?
if($ _POST)
{
$ username =“***”;
$ password =“***”;
$ con = mysql_connect(“***”,$ username,$ password);
if(!$ con)\ n {
die('无法连接:'。mysql_error());
}
mysql_select_db(“inmoti6_mysite”,$ con);
$ code = $ _POST ['code'];
$ code = htmlspecialchars($ code);
$ query ='INSERT INTO`storycodes``storycodes`(`code`)VALUES(“$ code”);';
mysql_query($ query);
echo“&lt; h2&gt;感谢您的评论!&lt; / h2&gt;”;
mysql_close($ con);
}
?&gt;
code> pre>
\ n 怀疑这是个问题,但这里是html: p>
&lt;!DOCTYPE html PUBLIC“ - // W3C // DTD XHTML 1.0 Transitional // EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns =”http://www.w3.org/1999/xhtml“&gt;
&lt ; head&gt;
&lt; meta http-equiv =“Content-Type”content =“text / html; charset = utf-8”/&gt;
&lt; title&gt;数据库&lt; / title&gt;
&lt; / head&gt;
&lt; body&gt;
&lt; form id =“form1”name =“form1”method =“post”action =“/ scripts / database2.php”&gt;
&lt; label&gt;代码:
&lt;输入名称 =“code”type =“text”id =“code”value =“”size =“45”/&gt;
&lt; / label&gt;
&lt; p&gt;
&lt; label&gt;
&lt;输入类型 =“submit”name =“submit”id =“submit”value =“提交”/&gt;
&lt; / label&gt;
&lt; / p&gt;
&lt; / form&gt;
&lt; / bod y&gt;
&lt; / html&gt;
code> pre>
div>
You need to use double quotes for the variables to be recognized in a string, so change:
$query = 'INSERT INTO `storycodes`.`storycodes` (`code`) VALUES ("$code");';
to
$query = "INSERT INTO `storycodes`.`storycodes` (`code`) VALUES ('$code');";
You also have an sql injection problem; I recommend that you switch to PDO (or mysqli) with prepared statements and bound variables. At the very least you should use mysql_real_escape_string on your variables before you insert them in the database but as you can see in the manual, the mysql_* functions are deprecated.
it doesn't post $code, you use $code as a value instead of a variable. problem is related to quotes.
$query = "INSERT INTO `storycodes`.`storycodes` (`code`) VALUES (\"$code\");";
try this one.