Learning PDO simple form input not submitting to database

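I started learning PDO yesterday and thought I had the hang of it, but I ran into an error again when trying to submit a simple form. I am using the example from w3schools, but with form input.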

index.php

<form action="submit.php" method="post">
    <input type="text" id="name" placeholder="Enter Your Name">
    <button type="submit">Submit</button>
</form>

This is the page where I process the form:

submit.php

<?php
    $servername = "localhost";
    $username = "testuser";
    $password = "testpassword";
    $dbname = "testdb";

    $nickname = $_POST['name'];

    try {
        $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
        //Set PDO Error Mode to Exception
        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $sql = "INSERT INTO test (name)
        VALUES (:nickname)";
        // use exec() because no results are returned
        $conn->exec($sql);
        echo "New record created successfully";
    }
    catch(PDOException $e)
    {
        echo $sql . "<br>" . $e->getMessage();
    }

    $conn = null;
?>

The error I get is:

INSERT INTO test (name) VALUES (:nickname) SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':nickname)' at line 2

You have to use a prepared statement; try something like this:

// query
$sql = "INSERT INTO test (name)
    VALUES (:nickname)";
$q = $conn->prepare($sql);
$q->execute(array(':nickname'=>$nickname));

How about:

$q = $conn->prepare("INSERT INTO test (name) VALUES (:nickname)");

// Variant #1
$q->bindParam(':nickname', $nickname, PDO::PARAM_STR);
$q->execute();

// Variant #2
$q->bindValue(':nickname', $nickname, PDO::PARAM_STR);
$q->execute();

// Variant #3
$q->execute([':nickname' => $nickname]);

Also note:

bindParam(), unlike bindValue(), binds the variable as a reference, and it will only be evaluated at the time execute() is called.

First, you need to create a prepared statement and then bind the value you want to insert to it. You can learn more about PDO from the official php.net (http://php.net/manual/en/pdo.prepared-statements.php):
    <?php
        $servername = "localhost";
        $username = "testuser";
        $password = "testpassword";
        $dbname = "testdb";

        $nickname = $_POST['name'];

        try {
            $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
            //Set PDO Error Mode to Exception
            $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $sql = "INSERT INTO test (name)
            VALUES (:nickname)";
            $stm = $conn->prepare($sql);
            $stm->bindParam(':nickname', $nickname);
            // execute the prepared statement with the bound value
            $stm->execute();
            echo "New record created successfully";
        }
        catch(PDOException $e)
        {
            echo $sql . "<br>" . $e->getMessage();
        }

        $conn = null;
    ?>

You are missing two steps:

try {
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
    //Set PDO Error Mode to Exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $sql = "INSERT INTO test (name)
    VALUES (:nickname)";
    // Step 1: prepare the statement and keep the returned PDOStatement
    $stmt = $conn->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
    // Step 2: execute it with the form value bound to :nickname
    $stmt->execute(array(':nickname' => $nickname));
    echo "New record created successfully";
}
catch(PDOException $e)
{
    echo $sql . "<br>" . $e->getMessage();
}

Your form input needs a name attribute, because that is how it is referenced.

<input type="text" id="name" placeholder="Enter Your Name">

You can't rely on "id" alone.

<input type="text" name="name" id="name" placeholder="Enter Your Name">
                   ^^^^^^^^^^^
  • With error reporting on, an "Undefined index name..." notice would have been raised.

The name attribute is the value in the PHP $_POST array, so the example above will give:

$_POST['name'] = <the value you entered into the name input box>

To clarify further, the <input> element's id value does not appear in the PHP $_POST data. POST data needs the name attribute in order to submit data from the form.

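You are almost there; you missed a few steps. By using the :name marker in the sql string, you are indicating that you want to bind a variable to that marker. This means you need to have PDO prepare the sql query statement first, then bind your variable to it, and then send it to the server.

Like the following example: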

...
$name = $_POST['name'];
$sql = "INSERT INTO nameTable (name) VALUES(:name)";
//this is what you missed
$stmt= $con->prepare($sql);
$stmt->bindParam(':name', $name, PDO::PARAM_STR);
//the following is the way of executing a prepared statement, you keep using the $stmt variable, rather than the $con one.
$stmt->execute();

This should work fine.
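
An added example, not code from any of the posts above: it combines the two fixes discussed in this thread (the missing name attribute and prepare()/execute() instead of exec()) in one handler. It assumes the pdo_sqlite extension and uses an in-memory SQLite database in place of the MySQL server so it runs offline; saveNickname() and the sample submissions are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: takes the POST array so it can be run without a web server.
function saveNickname(PDO $conn, array $post): string
{
    // The key only exists if the <input> carries name="name"; id= alone sends nothing.
    $nickname = $post['name'] ?? null;
    if (!is_string($nickname) || trim($nickname) === '') {
        return 'Missing form field "name"';
    }

    try {
        // prepare() sends the SQL with the placeholder; execute() supplies the
        // value separately, so the value is never parsed as SQL.
        $stmt = $conn->prepare('INSERT INTO test (name) VALUES (:nickname)');
        $stmt->execute([':nickname' => $nickname]);
        return 'New record created successfully';
    } catch (PDOException $e) {
        // Keep SQL text and driver errors in the server log, not in the response.
        error_log($e->getMessage());
        return 'Could not save the record';
    }
}

// Assumption: in-memory SQLite stands in for the testdb MySQL database.
$conn = new PDO('sqlite::memory:');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec('CREATE TABLE test (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');

// Constructed sample submissions standing in for $_POST.
$samples = [
    [],                                 // form input had id= but no name=
    ['name' => 'alice'],
    ['name' => "O'Brien"],              // quote is stored as data
    ['name' => "x') OR ('1'='1"],       // SQL-looking text is stored literally
];
foreach ($samples as $post) {
    echo saveNickname($conn, $post), PHP_EOL;
}

// Show what actually reached the table.
foreach ($conn->query('SELECT id, name FROM test') as $row) {
    echo $row['id'], ': ', $row['name'], PHP_EOL;
}
```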