用于从web表单输入文本的MySQL / PHP数据库连接

时间:2022-10-13 09:43:30

I have a simple web form, which I want the user to fill out and when they click the submit button the information from the form should be inserted into the correct tables in the mySQL database for later use. I have a database called foundation_fitness with a table called Client.

我有一个简单的web表单,我希望用户填写它,当他们单击submit按钮时,表单中的信息应该插入到mySQL数据库中的正确表中,以便以后使用。我有一个名为foundation_fitness的数据库,其中有一个名为Client的表。

The problem I am facing is this error message upon clicking submit:

我所面临的问题是在点击提交时出现的错误信息:

Notice: Undefined index: exampleInputEmail1 in C:\xampp\htdocs\ffitness\dist\new_client.php on line 19

注意:Undefined index: exampleInputEmail1 in C:\xampp\htdocs\ffitness\dist\new_client。php在19行

Notice: Undefined index: forname1 in C:\xampp\htdocs\ffitness\dist\new_client.php on line 20

注意:没有定义的索引:forname1在C:\xampp\htdocs\ffitness\dist\new_client。php在20行

Notice: Undefined index: surname1 in C:\xampp\htdocs\ffitness\dist\new_client.php on line 21

注意:没有定义的索引:在C中的surname1:\xampp\htdocs\ffitness\dist\new_client。php在第21行

Notice: Undefined index: height1 in C:\xampp\htdocs\ffitness\dist\new_client.php on line 22

注意:没有定义的索引:hght1 in C:\xampp\htdocs\ffitness\dist\new_client。php在第22行

Notice: Undefined index: weight1 in C:\xampp\htdocs\ffitness\dist\new_client.php on line 23

注意:没有定义的索引:weight1 in C:\xampp\htdocs\ffitness\dist\new_client。php在第23行

Notice: Undefined index: bodyfat1 in C:\xampp\htdocs\ffitness\dist\new_client.php on line 24

注意:未定义的索引:C:\xampp\htdocs\ffitness\dist\new_client。php在24行

Below is my code for new_client.php. EDIT: Changed Foundation_fitness to Client for the INSERT INTO

下面是我的new_client.php代码。编辑:将Foundation_fitness更改为客户端,以便插入

<?php

define('DB_NAME', 'foundation_fitness');
define('DB_USER', 'root');
define('DB_HOST', 'localhost');

$link = mysql_connect(DB_HOST, DB_USER);

if (!$link) {
     die('Could not connect: ' . mysql_error());
     }

     $db_selected = mysql_select_db(DB_NAME, $link);

     if (!$db_selected) {
     die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
     }

     $value2 = $_POST['exampleInputEmail1'];
     $value3 = $_POST['forname1'];
     $value4 = $_POST['surname1'];
     $value5 = $_POST['height1'];
     $value6 = $_POST['weight1'];
     $value7 = $_POST['bodyfat1'];

     $sql = "INSERT INTO client (Client_email, Client_forename, Client_surname, Height, Weight, Body_fat) VALUES ('$value2', 
     '$value3', '$value4', '$value5', '$value6')";

    $result = mysql_query($sql);

     mysql_close();

And the code for my html form is as follows: EDIT - Changed method mistake and id to name

我的html表单的代码如下:编辑-修改方法错误,id为name

<form action="new_client.php" method="POST">
        <div class="form-group">
          <label for="exampleInputEmail1">Email address</label>
          <input type="email" class="form-control" name="exampleInputEmail1" placeholder="Enter email">
        </div>
        <div class="form-group">
          <label for="forename1">Forename</label>
          <input type="text" class="form-control" name="forname1" placeholder="Enter First Name">
        </div>
        <div class="form-group">
          <label for="surname1">Surname</label>
          <input type="text" class="form-control" name="surname1" placeholder="Enter Surname">
        </div>
        <div class="form-group">
          <label for="height1">Height (cm)</label>
          <input type="text" class="form-control" name="height1" placeholder="Enter Height">
        </div>
        <div class="form-group">
          <label for="weight1">Weight (kgs)</label>
          <input type="text" class="form-control" name="weight1" placeholder="Enter Weight">
        </div>
        <div class="form-group">
          <label for="bodyfat1">Body Fat %</label>
          <input type="text" class="form-control" name="bodyfat1" placeholder="Enter Body Fat Percentage">
        </div>
        <button type="submit" class="btn btn-default">Submit</button>
      </form>

Any help with the error and getting the php script working would be much appreciated!

如果您能帮助解决这个错误并使php脚本正常工作,我们将非常感激!

EDIT: I am now not getting the error message as I changed the method mistake and id to name in the HTML form. I am still not able to get the information into the table on the mySQL database even with the additional change of the table name which should have been client as I do not have a table called foundation_fitness that is the database name.

编辑:当我在HTML表单中将方法错误和id更改为name时,我现在没有收到错误消息。我仍然无法将信息放到mySQL数据库上的表中,即使对表名进行了额外的更改(应该是客户机),因为我没有一个名为foundation_fitness的表,该表是数据库名。

3 个解决方案

#1


3  

It means that there are no such keys in the $_POST array. You should use name attribute (not id) for the form elements if you want to use them later as keys in the $_POST array. Also, you have a typo : mehtod should be method attribute in your form element.

这意味着$_POST数组中没有这样的键。如果以后想要在$_POST数组中使用name属性(而不是id)作为键,则应该对表单元素使用name属性(而不是id)。此外,您还有一个错别字:mehtod应该是表单元素中的method属性。

#2


1  

Your INSERT statement uses foundation_fitness as the table name, which is the same as your DB name. Your answer to @notulysses comment suggests the table name should be client

插入语句使用foundation_fitness作为表名,与DB名称相同。你对@notulysses评论的回答表明,表名应该是客户端。

INSERT INTO client ...

Can you confirm that you have a foundation_fitness table inside your foundation_fitness database.

能否确认在foundation_fitness数据库中有一个foundation_fitness表。

EDIT:

编辑:

If your table name is Client, your query might have to be INSERT INTO Client, since table names could be case sensitive, depending on the underlying file system. Also, the error seems to be happening at the mysql level, so you can change your code this way to actually see the error :

如果您的表名是Client,那么您的查询可能必须插入到Client中,因为根据底层文件系统,表名可能是区分大小写的。此外,错误似乎发生在mysql级别,所以您可以这样更改代码,以实际看到错误:

$result = mysql_query($sql);
if ($result !== false) {
    // everything is fine, proceed with script
} else {
    // Something went wrong :
    die(mysql_error($link)); // to see the error from MySQL
}

The error output from MySQL should help you a lot, if not, post it here so we can further help you.

MySQL的错误输出应该会对您有很大帮助,如果没有,请在这里发布,以便我们可以进一步帮助您。

As a side note, mysql_connect is deprecated as of PHP 5.5, so perhaps looking into PDO would be a good start to refactoring your code.

顺便说一句,在PHP 5.5中,mysql_connect是不赞成的,因此,研究PDO可能是重构代码的一个良好开端。

Another thing (very important) : your query is exposed to SQL Injection, you are taking user input without validation and/or sanitization. If that is your production code, you absolutely need to fix it. You should use prepared statements to shield yourself from SQL injection.

另一件事(非常重要):您的查询暴露在SQL注入中,您在没有验证和/或消毒的情况下接受用户输入。如果这是您的生产代码,您绝对需要修复它。您应该使用准备好的语句来避免SQL注入。

#3


0  

You are getting these notices because of post request to same page. Once the page load it read your php code but couldn't find any post data. As you are using single php file i.e form's 'action' is redirecting the page to itself. So once you fill the form and click submit these notices disappear, as data is sent via post. You can hide these notices by usingerror_reporting(E_ALL ^ E_NOTICES). It hides all the notice error you are getting. But I would recommend you to use a different page for form action redirect to insert data into database and then redirect that page back to you main page using header('Location:newclient.php').

您将收到这些通知,因为post请求到相同的页面。一旦页面加载,它将读取php代码,但无法找到任何post数据。当您使用单个php文件i时。e表单的“动作”将页面重定向到自身。一旦你填好表格,点击提交,这些通知就会消失,因为数据是通过post发送的。你可以隐藏这些通知usingerror_reporting(E_ALL ^ e_notice)。它隐藏了所有的通知错误。但是我建议您使用另一个页面进行表单操作重定向,将数据插入数据库,然后使用header将页面重定向回主页面(“Location:newclient.php”)。

#1


3  

It means that there are no such keys in the $_POST array. You should use name attribute (not id) for the form elements if you want to use them later as keys in the $_POST array. Also, you have a typo : mehtod should be method attribute in your form element.

这意味着$_POST数组中没有这样的键。如果以后想要在$_POST数组中使用name属性(而不是id)作为键,则应该对表单元素使用name属性(而不是id)。此外,您还有一个错别字:mehtod应该是表单元素中的method属性。

#2


1  

Your INSERT statement uses foundation_fitness as the table name, which is the same as your DB name. Your answer to @notulysses comment suggests the table name should be client

插入语句使用foundation_fitness作为表名,与DB名称相同。你对@notulysses评论的回答表明,表名应该是客户端。

INSERT INTO client ...

Can you confirm that you have a foundation_fitness table inside your foundation_fitness database.

能否确认在foundation_fitness数据库中有一个foundation_fitness表。

EDIT:

编辑:

If your table name is Client, your query might have to be INSERT INTO Client, since table names could be case sensitive, depending on the underlying file system. Also, the error seems to be happening at the mysql level, so you can change your code this way to actually see the error :

如果您的表名是Client,那么您的查询可能必须插入到Client中,因为根据底层文件系统,表名可能是区分大小写的。此外,错误似乎发生在mysql级别,所以您可以这样更改代码,以实际看到错误:

$result = mysql_query($sql);
if ($result !== false) {
    // everything is fine, proceed with script
} else {
    // Something went wrong :
    die(mysql_error($link)); // to see the error from MySQL
}

The error output from MySQL should help you a lot, if not, post it here so we can further help you.

MySQL的错误输出应该会对您有很大帮助,如果没有,请在这里发布,以便我们可以进一步帮助您。

As a side note, mysql_connect is deprecated as of PHP 5.5, so perhaps looking into PDO would be a good start to refactoring your code.

顺便说一句,在PHP 5.5中,mysql_connect是不赞成的,因此,研究PDO可能是重构代码的一个良好开端。

Another thing (very important) : your query is exposed to SQL Injection, you are taking user input without validation and/or sanitization. If that is your production code, you absolutely need to fix it. You should use prepared statements to shield yourself from SQL injection.

另一件事(非常重要):您的查询暴露在SQL注入中,您在没有验证和/或消毒的情况下接受用户输入。如果这是您的生产代码,您绝对需要修复它。您应该使用准备好的语句来避免SQL注入。

#3


0  

You are getting these notices because of post request to same page. Once the page load it read your php code but couldn't find any post data. As you are using single php file i.e form's 'action' is redirecting the page to itself. So once you fill the form and click submit these notices disappear, as data is sent via post. You can hide these notices by usingerror_reporting(E_ALL ^ E_NOTICES). It hides all the notice error you are getting. But I would recommend you to use a different page for form action redirect to insert data into database and then redirect that page back to you main page using header('Location:newclient.php').

您将收到这些通知,因为post请求到相同的页面。一旦页面加载,它将读取php代码,但无法找到任何post数据。当您使用单个php文件i时。e表单的“动作”将页面重定向到自身。一旦你填好表格,点击提交,这些通知就会消失,因为数据是通过post发送的。你可以隐藏这些通知usingerror_reporting(E_ALL ^ e_notice)。它隐藏了所有的通知错误。但是我建议您使用另一个页面进行表单操作重定向,将数据插入数据库,然后使用header将页面重定向回主页面(“Location:newclient.php”)。