数据未添加到SQL,没有错误

时间:2017-01-26 13:12:18

标签: php mysql

我对这段代码失去了理智。它似乎工作。没有错误,但是没有任何东西被添加到mysql数据库。我已检查数据库连接是否正常工作。

我希望你能提供帮助。

报名表

<html>
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="initial-scale=1, maximum-scale=1">
        <title>Create a Company</title>
        <link rel="stylesheet" type="text/css" href="/PITAKER/V2/css.css"/>

</head>
<body>
    <h2 class="header"> Create a Company </h2>
    <form action="processcompany.php" method="post">

        <input class="entry" placeholder="Company Name" name="companyname" type="text" required="required"><br>
        <input class="entry" placeholder="GST/VAT/ABN/TAX No" name="taxno" type="text" required="required"><br>
        <input class="entry" placeholder="Address" name="address1" type="text" value=""><br>
        <input class="entry" placeholder="Suburb/County" name="suburb" type="text" value=""><br>
        <input class="entry" placeholder="State" name="state" type="text" value=""><br>
        <input class="entry" placeholder="Post/Zip Code" name="postcode" type="text" value=""><br>
    <input class="entry" placeholder="Country" name="country" type="text" value=""><br>
    <input class="entry" placeholder="Primary Contact" name="primarycontact" type="text" value=""><br>
  <input class="entry" placeholder="Primary Email" name="primaryemail" type="text" value=""><br>
  <input class="entry" placeholder="Subscription Type" name="subscriptiontype" type="text" value=""><br>
  <input class="entry" placeholder="Subscription Status" name="subscriptionstatus" type="text" value=""><br>
  <input class="entry" placeholder="Subscription End Date" name="subscriptionenddate" type="text" value=""><br>

        <input class="button" type="submit">

    </form>
</body>

php脚本添加到mysql

<?php
include 'db.php';

$companyname=$_POST['companyname'];
$taxno=$_POST['taxno'];
$address1=$_POST['address1'];
$suburb=$_POST['suburb'];
$state=$_POST['state'];
$postcode=$_POST['postcode'];
$country=$_POST['country'];
$primarycontact=$_POST['primarycontact'];
$primaryemail=$_POST['primaryemail'];
$subscriptiontype=$_POST['subscriptiontype'];
$subscriptionstatus=$_POST['subscriptionstatus'];
$subscriptionenddate=$_POST['subscriptionenddate'];


$sql = "INSERT INTO `companies` 
                ( `companyid` , `accountno` , `companyname` , 
                `taxno` , `address1` , `address2` , `suburb` , 
                `state` , `postcode` , `country` , `primarycontact` , 
                `primaryemail` , `subscriptiontype` , `subscriptionstatus` , 
                `subscriptionenddate` , `datecreated` ) 
        VALUES ( NULL , 
                NULL , 
            '".mysqli_real_escape_string($conn,$_POST['companyname'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['taxno'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['address1'])."' ,
             NULL , 
            '".mysqli_real_escape_string($conn,$_POST['suburb'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['state'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['postcode'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['country'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['primarycontact'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['primaryemail'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['subscriptiontype'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['subscriptionstatus'])."' , 
            '".mysqli_real_escape_string($conn,$_POST['subscriptionenddate'])."' )";

mysqli_query($conn, $sql);

mysqli_close($conn);
?>

我的数据库文件

<?php

$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$db = 'a34511pidata';

$conn = mysqli_connect($dbhost,$dbuser,$dbpass);
mysqli_select_db($conn, $db);

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

echo "Database Connected Ok..";

?>

1 个答案:

答案 0 :(得分:0)

如果您使代码可读,您会发现调试更容易。

使用mysqli_时,您需要在发出查询后检查错误。

您还应该使用准备好的和参数化的查询来保护自己免受SQL注入攻击

您的实际错误是您列出了16列,而VALUE列表中只有15个变量。

我用NOW()填充了缺失的列,我认为这将是datecreated列所需的。

<?php
include 'db.php';

$sql = "INSERT INTO `companies` 
                ( `companyid`, `accountno`, `companyname` , 
                `taxno` , `address1`, `address2`, `suburb` , 
                `state` , `postcode`, `country`, `primarycontact` , 
                `primaryemail`, `subscriptiontype` , 
                `subscriptionstatus`, `subscriptionenddate`,    
                `datecreated` ) 
        VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,NOW())";

$stmt = $conn->prepare($sql);
if ( ! $stmt ) {
    echo $stmt->error;
    exit;
}

// I dont know your data type so you may need to check the data types I used here
$stmt->bind_param('iisssssssssssss',
                    NULL, NULL, 
                    $_POST['companyname'],
                    $_POST['taxno'],
                    $_POST['address1'],
                    NULL , 
                    $_POST['suburb'],
                    $_POST['state'], 
                    $_POST['postcode'], 
                    $_POST['country'], 
                    $_POST['primarycontact'], 
                    $_POST['primaryemail'], 
                    $_POST['subscriptiontype'], 
                    $_POST['subscriptionstatus'], 
                    $_POST['subscriptionenddate']
                );



$stmt->execute();
if ( ! $stmt ) {
    echo $stmt->error;
    exit;
}

mysqli_close($conn);
?>
  

我不得不说我觉得你传递NULL作为第二个参数,即列accountno有点奇怪。这可能是您的下一个错误,但这取决于数据库中该列的定义方式。

相关问题