将数据插入mysql数据库
Im trying to insert data into my mysql databse. It succesfully inserts the data but the problem is everytime i load the page i recieve the following error.
Notice: Undefined index: comment in
C:\wamp\www\CMS\addnews.php on line 42
Call Stack
# Time Memory Function Location
1 0.0004 674184 {main}( ) ..\addnews.php:0
Im aware that the mysql extension is offically depreciated so please dont comment on that.
Here's my code
<form id="insNews" name="insNews" method="POST" action="addnews.php">
<textarea rows="20" cols="90" name="comment"></textarea>
<input type="submit" name="InsertNews" id="InsertNews">
<?php
include 'db.php';
$comment=$_POST['comment']; // **ERROR HERE**
$tablename="news";
$sql="INSERT INTO $tablename(news_content)VALUES('$comment')";
if(isset($_POST['InsertNews']))
{
mysql_query($sql);
}
?>
我试图将数据插入我的mysql数据库。 它成功插入数据但问题是我每次加载页面时都会收到以下错误。 p>
注意:未定义的索引:在第42行的
C:\ wamp \ www \ CMS \ addnews.php中注释
调用堆栈
#时间内存函数位置\ n 1 0.0004 674184 {main}().. \ addnews.php:0
code> pre>
我知道mysql扩展名是正式折旧的,所以请不要对此发表评论。 p>
这是我的代码
p>
&lt; form id =“insNews”name =“insNews”method =“POST”action = “addnews.php”&gt;
&lt; textarea rows =“20”cols =“90”name =“comment”&gt;&lt; / textarea&gt;
&lt; input type =“submit”name = “InsertNews”id =“InsertNews”&gt;
&lt;?php
include'db.php';
$ comment = $ _ POST ['comment']; // ** ERROR HERE **
$ tablename =“news”;
$ sql =“INSERT INTO $ tablename(news_content)VALUES('$ comment')”;
if(isset($ _ POST [ 'InsertNews']))
{
mysql_query($ sql);
}
?&gt;
code> pre>
div>
You must check if variable exists.
<form id="insNews" name="insNews" method="POST" action="addnews.php">
<textarea rows="20" cols="90" name="comment"></textarea>
<input type="submit" name="InsertNews" id="InsertNews">
</form>
<?php
include 'db.php';
if (!empty($_POST['comment'])) {
$comment = $_POST['comment']; // **ERROR HERE**
$tablename = "news";
$sql="INSERT INTO $tablename(news_content)VALUES('" . mysql_real_escape_string($comment) . "')";
if(isset($_POST['InsertNews']))
{
mysql_query($sql);
}
}
?>
But I want to inform you that mysql_* lib is deprecated. Use PDO or mysqli instead this. Also, be care about Sql injection, if you want to use mysql_* functions, use mysql_real_escape_string.
This means $_POST['comment'] has not been defined. In other words, a value for the field named comment has not been submitted by your form.
So you either:
Need to throw an error to your user and tell them comment is a required field and make sure a value is provided before submitting it to the database
Check to see if there is a value before assigning it to a variable. And if there is not, assign a default value.
FYI, Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO, or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.
You also wide open to SQL injections
You appear to be trying to read data from your form when you generate the HTML document containing the form.
Since the form won't have been submitted at this time, the data won't be there.
You can either:
- Move your form processing to a different script and set the URI for that script in the
action - Branch your logic within the existing script. Test to see if the request method was POST, then decide if you want to process the form data and/or display the form based on that.
Either way, test to see if the array keys exist before trying to read them. If they don't, provide your own error state rather then checking a raw PHP error at the user.
you will have to check if $_POST['comment'] is successful and then execute the query
if isset($_POST['comment']){
$comment=$_POST['comment'];
$tablename="news";
$sql="INSERT INTO $tablename(news_content)VALUES('$comment')";
mysql_query($sql);
}