将表单数据发送到 MySQL

Question

我正在尝试将表单数据发送到 MySQL。我在网上找到了大量代码，所以我正在复制、粘贴和创建 PHP 脚本并将它们添加到我的 phpAdmin 中，但我真的不知道。

1. 我不知道要在表单中添加什么来告诉表单将​​数据发送到我的数据库。我已经在表单中有一个操作代码，我可以有两个吗？

2. 我在我的phpAdmin中创建了一个表，但我不知道它是否真的可以工作。

这是我保存在 public_html 文件夹中的 PHP 代码，带有通用用户名、数据库名称和密码。我使用 IP 地址而不是 Localhost，因为这个数据库是通过 Bluehost 而不是我自己的计算机在 Internet 上的。

<?php

// This function will run within each post array including multi-dimensional arrays
function ExtendedAddslash(&$params)
{
        foreach ($params as &$var) {
            // check if $var is an array. If yes, it will start another ExtendedAddslash() function to loop to each key inside.
            is_array($var) ? ExtendedAddslash($var) : $var=addslashes($var);
        }
}

     // Initialize ExtendedAddslash() function for every $_POST variable
    ExtendedAddslash($_POST);     




$submission_id = $_POST['submission_id'];
$name = $_POST['name'] ;
$email = $_POST['email'] ;
$homeclub = $_POST['homeclub'] ;
$course1 = $_POST['course1'] ;
$course2 = $_POST['course2'] ;
$winner = $_POST['winner'] ;



$db_host = 'localhost';
$db_username = 'userrname';
$db_password = '';
$db_name = 'dbName';
mysql_connect( $db_host, $db_username, $db_password) or die(mysql_error());
mysql_select_db($db_name);


// search submission ID

$query = "SELECT * FROM `table_name` WHERE `submission_id` = '$submission_id'";
$sqlsearch = mysql_query($query);
$resultcount = mysql_numrows($sqlsearch);

if ($resultcount > 0) {
 
    mysql_query("UPDATE `table_name` SET
                                `name` = '$name',
                                `email` = '$email',
                                `homeclub` = '$homeclub',
                                `course1` = '$course1',
                                `course2` = '$course2'  
                    `winner` = '$winner'
                             WHERE `submission_id` = '$submission_id'")
     or die(mysql_error());
   
} else {

    mysql_query("INSERT INTO `table_name` (submission_id, formID, IP,
                                                                          name, email, homeclub, course1, course2, winner)
                               VALUES ('$submission_id', '$formID', '$ip',
                                                 '$name', '$email', '$homeclub', '$course1', '$course2', '$winner') ")
    or die( mysql_error()); 

}
?>

我们将不胜感激。

Answer 1

很抱歉，您的代码已经过时了。您需要验证您的价值，以防缺少某些东西。我使用 Nulls coling 来执行此操作（-> ?? ""），然后您使用 mysql。您可以使用 mysqli，但我更喜欢并推荐 PDO，因为它更容易。而不是先询问数据库是否有插入，如果有一个具有相同 id 的插入，只需说嘿更新，或者插入是（这使得替换）。但为了做到这一点，请让 submit_id 在数据库中唯一

https://joshuaotwell.com/use-mysql-unique-constraint-in-phpmyadmin/

PS：此代码未经测试，但应该可以工作，否则将您的完整错误报告消息发送给我

<?php

// read variables or assign them a default value
$submission_id  = $_POST['submission_id'] ?? 0;
$name           = $_POST['name']          ?? "";
$email          = $_POST['email']         ?? "";
$homeclub       = $_POST['homeclub']      ?? "";
$course1        = $_POST['course1']       ?? ""; // make array out of this
$course2        = $_POST['course2']       ?? "";
$winner         = $_POST['winner']        ?? "";

// mysql is deprecated use pdo instead
$pdo = new PDO('mysql:host='.$db_host.';dbname='.$db_name, $db_username, $db_password)

// if exists -> replace, if not exist insert (replace makes that in one query)
// submission_id must be flagged as unique in mysql otherwise it will insert a new row every time
// I use prepared statements so first tell database what to do then the value
// prevents hacking and increase secureity
$query = 'REPLACE table_name SET
  name = :name
  , email = :email
  , homeclub = :homeclub
  , course1 = :course1
  , course2 = :course2
  , winner = :winner
  , submission_id = :submission_id';

$statement = $pdo->prepare($query);
$statement->execute(array(
  ':name' = $name
  , ':email' = $email
  , ':homeclub' = $homeclub
  , ':course1' = $course1
  , ':course2' = $course2
  , ':winner' = $winner
  , ':submission_id' = $submission_id
));