PHP / Mysql评论框基本编码问题
Hey I would like to add a simple contact box to my web site. I have followed on line tutorials but they never seem to work the way they are meant to: I have set up a table on phpMyadmin called comment with table called comment and 3 columns: id,name and comment. I have used this code for the comment box page...index.php
<html>
<form action="post_comment.php" method="POST">
<input type="text" name="name" value="Your Name"><br>
<textarea name="comment" cols="50" rows="2">Enter your query and contact details</textarea><br>
<input type="submit" value="Submit">
</form>
Then i have another page called post_comment.php with the mysql coding on it...
<?php
mysql_connect("localhost","root","");
mysql_select_db("comment");
$name = $_POST["name"];
$comment = $_POST["comment"];
$comment_length = strlen($comment);
if($comment_length > 100)
{
header("location: index.php?error=1")
}
else
{
mysql_query("INSERT INTO comment VALUES('','$name','$comment')")
header("location: index.php")
}
?>
BUT once i enter details in the input boxes instead of the details being sent to my table i get this error
Parse error: syntax error, unexpected end of file, expecting variable
(T_VARIABLE) or ${ (T_DOLLAR_OPEN_CURLY_BRACES) or {$ (T_CURLY_OPEN)
in C:\xampp\htdocs\tutorials\contact1.php on line 16
Line 16 of my code only has the else statement written on it. Could someone have a look as i know it's basic but I'm just starting out. Thanks in Advance.Paul
嘿我想在我的网站上添加一个简单的联系人框。 我已经按照在线教程进行了操作,但它们似乎从未按照它们的方式工作: 我已经在phpMyadmin上设置了一个名为comment的表,其中包含注释和3列:id,name和comment。 我已将此代码用于评论框页面... index.php p>
&lt; html&gt;
&lt; form action =“post_comment.php”method =“POST” &gt;
&lt; input type =“text”name =“name”value =“Your Name”&gt;&lt; br&gt;
&lt; textarea name =“comment”cols =“50”rows =“2”&gt;输入 您的查询和联系方式&lt; / textarea&gt;&lt; br&gt;
&lt; input type =“submit”value =“提交”&gt;
&lt; / form&gt;
code> pre>
p>
然后我有另一个名为post_comment.php的页面,上面有mysql编码... p>
&lt;?php \ n
mysql_connect(“localhost”,“root”,“”);
mysql_select_db(“comment”);
$ name = $ _POST [“name”];
$ comment = $ _POST [“ 注释“];
$ comment_length = strlen($ comment);
if if($ comment_length&gt; 100)
{
header(”location:index.php?error = 1“)
}
else
{
mysql_query(“INSERT INTO comment VALUES('','$ name','$ comment')”)
header(“location:index.php”)
} \ n
?&gt;
code> pre>
但是一旦我进入detai 输入框中的ls而不是发送到我的表的详细信息我得到此错误 p>
解析错误:语法错误,意外的文件结束,期待变量 p>
第16行的
(T_VARIABLE)或$ {(T_DOLLAR_OPEN_CURLY_BRACES)或{$(T_CURLY_OPEN)
in C:\ xampp \ htdocs \ tutorials \ contact1.php
code> pre>
我的代码的第16行只写了else语句。 有人看看,因为我知道这是基本的,但我刚刚开始。 谢谢Advance.Paul p>
div>
PLEASE, please, look up and understand SQL Injection. Do not put user-text directly into your queries or you're just asking for someone to screw with you. And if "root" is really your login, even worse...utilize a user account with less permissions. Also, you should use PDO or mysqli, as the mysql extension is deprecated.
That said, here is your code, somewhat fixed to sanitize the user-input and fixed syntax errors:
<?php
$conn = mysql_connect("localhost","root","");
mysql_select_db("comment");
$name = mysql_real_escape_string($_POST["name"], $conn);
$comment = mysql_real_escape_string($_POST["comment"], $conn);
$comment_length = strlen($comment);
if($comment_length > 100)
{
header("location: index.php?error=1");
}
else
{
mysql_query("INSERT INTO comment VALUES('','$name','$comment')");
header("location: index.php");
}
Watch your syntax. I have corrected it below but every function call in the if statement had no ';'.
<?php
mysql_connect("localhost","root","");
mysql_select_db("comment");
$name = $_POST["name"];
$comment = $_POST["comment"];
$comment_length = strlen($comment);
if($comment_length > 100)
{
header("location: index.php?error=1");
}
else
{
mysql_query("INSERT INTO comment VALUES('','$name','$comment')");
header("location: index.php");
}
?>