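【Posted】: 2015-06-20 00:50:55
【Question】:
My idea is to put data into text fields and pass it to a MySQL database. When the text fields are filled in and the button is clicked, nothing happens. When I check my database, there is nothing there. Why is that? Can anyone help me?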
<?php
//Connection string for the database MySQL
require 'db.php';
//Check if it's set.
if(isset($_POST['dateLoanGrantedMonth'],
$_POST['dateLoanGrantedDay'],
$_POST['dateLoanGrantedYear'],
$_POST['maturityMonth'],
$_POST['maturityDay'],
$_POST['maturityYear'],
$_POST['expiryMonth'],
$_POST['expiryDay'],
$_POST['expiryYear'],
$_POST['mrs'],
$_POST['name'],
$_POST['resident'],
$_POST['loanInWords'],
$_POST['pesos'],
$_POST['interest'],
$_POST['daysMonths'],
$_POST['pesosInWords'],
$_POST['pesos2'],
$_POST['penaltyInterest'],
$_POST['itemType'],
$_POST['grams'],
$_POST['idPresented'],
$_POST['contactNumber'],
$_POST['birthdayMonth'],
$_POST['birthdayDay'],
$_POST['birthdayYear'],
$_POST['sex'],
$_POST['citizenship'],
$_POST['complexion'],
$_POST['principal'],
$_POST['interestAbsoluteAmount'],
$_POST['serviceChargeAmount'],
$_POST['netProceeds'],
$_POST['perAnum'],
$_POST['perMonth'],
$_POST['others'],
$_POST['descriptionPawn']))
{
//loan_assignment
$dateLoanGrantedMonth = mysqli_real_escape_string($connection, $_POST['dateLoanGrantedMonth']);
$dateLoanGrantedDay = mysqli_real_escape_string($connection, $_POST['dateLoanGrantedDay']);
$dateLoanGrantedYear = mysqli_real_escape_string($connection, $_POST['dateLoanGrantedYear']);
//collateral
$itemType = mysqli_real_escape_string($connection, $_POST['itemType']);
$descriptionPawn = mysqli_real_escape_string($connection, $_POST['descriptionPawn']);
$maturityMonth = mysqli_real_escape_string($connection, $_POST['maturityMonth']);
$maturityDay = mysqli_real_escape_string($connection, $_POST['maturityDay']);
$maturityYear = mysqli_real_escape_string($connection, $_POST['maturityYear']);
$expiryMonth = mysqli_real_escape_string($connection, $_POST['expiryMonth']);
$expiryDay = mysqli_real_escape_string($connection, $_POST['expiryDay']);
$expiryYear = mysqli_real_escape_string($connection, $_POST['expiryYear']);
$mrs = mysqli_real_escape_string($connection, $_POST['mrs']);
$resident = mysqli_real_escape_string($connection, $_POST['resident']);
$loanInWords = mysqli_real_escape_string($connection, $_POST['loanInWords']);
$pesos = mysqli_real_escape_string($connection, $_POST['pesos']);
$interest = mysqli_real_escape_string($connection, $_POST['interest']);
$daysMonths = mysqli_real_escape_string($connection, $_POST['daysMonths']);
$pesosInWords = mysqli_real_escape_string($connection, $_POST['pesosInWords']);
$pesos2 = mysqli_real_escape_string($connection, $_POST['pesos2']);
$penaltyInterest = mysqli_real_escape_string($connection, $_POST['penaltyInterest']);
$grams = mysqli_real_escape_string($connection, $_POST['grams']);
//pawner
$name = mysqli_real_escape_string($connection, $_POST['name']);
$idPresented = mysqli_real_escape_string($connection, $_POST['idPresented']);
$contactNumber = mysqli_real_escape_string($connection, $_POST['contactNumber']);
$birthdayMonth = mysqli_real_escape_string($connection, $_POST['birthdayMonth']);
$birthdayDay = mysqli_real_escape_string($connection, $_POST['birthdayDay']);
$birthdayYear = mysqli_real_escape_string($connection, $_POST['birthdayYear']);
$sex = mysqli_real_escape_string($connection, $_POST['sex']);
$citizenship = mysqli_real_escape_string($connection, $_POST['citizenship']);
$complexion = mysqli_real_escape_string($connection, $_POST['complexion']);
//loan
$principal = mysqli_real_escape_string($connection, $_POST['principal']);
$interestAbsoluteAmount = mysqli_real_escape_string($connection,$_POST['interestAbsoluteAmount']);
$serviceChargeAmount = mysqli_real_escape_string($connection, $_POST['serviceChargeAmount']);
$netProceeds = mysqli_real_escape_string($connection, $_POST['netProceeds']);
$perAnum = mysqli_real_escape_string($connection, $_POST['perAnum']);
$perMonth = mysqli_real_escape_string($connection, $_POST['perMonth']);
$others = mysqli_real_escape_string($connection, $_POST['others']);
// Insert query for loan.
$sql = "INSERT INTO loan (Principal_Loan, Interest_Absolute_Amount, Service_Charge, Net_Proceeds)".
"VALUES ($principal, $interestAbsoluteAmount, $serviceChargeAmount, $netProceeds);";
// Insert query for pawner.
$sql .= "INSERT INTO pawner (Name, Birthdate, Contact_Number, Resident, Valid_ID)".
"VALUES ('".$name."', STR_TO_DATE('".$birthdayYear."-".$birthdayMonth."-".$birthdayDay."', '%Y-%M-%d'),
'".$contactNumber."', '".$resident."', '".$idPresented."');";
// Insert query for collateral.
$sql .= "INSERT INTO collateral (Type, Description, Maturity_Date, Expiry_Date)".
"VALUES ('".$itemType."', '".$descriptionPawn."', STR_TO_DATE('".$maturityYear."-".$maturityMonth."-".$maturityDay."', '%Y-%M-%d'),
STR_TO_DATE('".$expiryYear."-".$expiryMonth."-".$expiryDay."', '%Y-%M-%d'));";
// Insert query for loan_assignment.
$sql .= "INSERT INTO loan_assignment (Date_Loan_Granted, Renewal_Date)".
"VALUES (STR_TO_DATE('".$dateLoanGrantedYear."-".$dateLoanGrantedMonth."-".$dateLoanGrantedDay."', '%Y-%M-%d'), CURDATE())";
mysqli_multi_query($connection, $sql);
mysqli_close($connection);
//require 'pdf';
}
?>
This is the HTML code from which I pass the data; when I click Save and Print, it should pass the data to the database.
<html>
<head>
<meta charset="utf-8">
<title>Home</title>
<!--<link rel="stylesheet" href="css/bootstrap.css">
<link rel="stylesheet" href="css/custom.css">-->
<link href="css/simple-sidebar.css" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-custom navbar-fixed-top" role="navigation">
<div class="container">
<div class="navbar-header">
<p class="systemName">Pawn Broking Management System
<a href="#menu-toggle" class="btn btn-default" id="menu-toggle">Toggle Menu</a>
</p>
</div>
<div class="logout" align="right"><a href="#" class="textLogout">Logout</a> </div>
</div>
</nav>
<br><br><br>
<div id="wrapper">
<div id="sidebar-wrapper">
<ul class="sidebar-nav">
<br><br><br><br>
<li>
<a href="PriceReference.php">Price Reference</a>
</li>
<li>
<a href="Scan.php">Scan Barcode</a>
</li>
<li>
<a data-toggle="collapse" data-target="#demo"> Manage Peónline Account <i class="fa fa-fw fa-caret-down"></i></a>
<ul id="demo" class="collapse">
<li>
<a href="Upload.php">Upload Photos</a>
</li>
<li>
<a href="ViewPost.php">View Posts</a>
</li>
<li>
<a href="ViewReservation.php">View Reservation</a>
</li>
</ul>
</li>
<li>
<a href="AllTransactions.php">All Transactions</a>
</li>
</ul>
</div>
<div id="page-content-wrapper">
<div class="container-fluid">
<div class="row">
<div class="col-lg-12">
<form method="post" class="formFont">
<div class="container">
<div class="row">
<div class="col-md-6"></div>
<div class="col-md-5"> <br><br>
Maturity Date:
<select name="maturityMonth" id = "month" onfocus = "monthFunction();">
<option value = "">Month</option>
</select>
<select name="maturityDay" id = "day" onfocus = "dayFunction();">
<option value = "">Day</option>
</select>
<select name="maturityYear" id = "year" onfocus = "yearFunction();" >
<option value = "">Year</option>
</select>
<br>
Expiry Date:
<select name="expiryMonth"id = "emonth" onfocus = "emonthFunction();">
<option value = "">Month</option>
</select>
<select name="expiryDay" id = "eday" onfocus = "edayFunction();">
<option value = "">Day</option>
</select>
<select name="expiryYear" id = "eyear" onfocus = "eyearFunction();" >
<option value = "">Year</option>
</select>
</div>
<div class="col-lg-10">
Date Loan Granted:
<select name="dateLoanGrantedMonth" id = "dlgmonth" onfocus = "dlgmonthFunction();">
<option value = "">Month</option>
</select>
<select name="dateLoanGrantedDay" id = "dlgday" onfocus = "dlgdayFunction();">
<option value = "">Day</option>
</select>
<select name="dateLoanGrantedYear" id = "dlgyear" onfocus = "dlgyearFunction();" >
<option value = "">Year</option>
</select>
<div class="form-group">
<br>
<label class="radio-inline">
<input type="radio" name="mrs" value="Mr.">Mr.
</label>
<label class="radio-inline">
<input type="radio" name="mrs" value="Mrs.">Mrs.
</label>
<label class="radio-inline">
<input type="radio" name="mrs" value="Ms.">Ms.
</label>
<input type="text" name="name" class="input-custom">
a resident of <input type="text" name="resident" class="input-custom"> <br><br>
for a loan of <input type="text" name="loanInWords" class="input-custom"> PESOS
₱ <input type="text" name="pesos" class="input-custom-peso">
with an interest of
<select name="interest" name="interest" id="interestOf" onfocus="interestOfFunction();">
<option value="">%</option>
</select><br><br>
for
<select name="count" name="daysMonths" id="for" onfocus="forFunction();">
<option value = "">choose</option>
</select>
<input type="radio" name="daysM" value="days"> day/s
<input type="radio" name="daysM" value="months"> month/s
has pledge to this Pawnee as security for the loan, article(s) described below appraised<br><br>
at PESOS <input type="text" name="pesosInWords" class="input-custom">
₱ <input type="text" name="pesos2"class="input-custom-peso">
subject to the terms and conditions <br><br>stated on the reverse side hereof. <br><br>
Penalty interest, if any:
<select name="penaltyInterest" id="penaltyInterest" onfocus="penaltyInterestFunction();">
<option value="0">0%</option>
</select><br><br><br>
<div class="col-md-6">
Description of Pawn <br><br>
<textarea class="form-control-custom2" name="descriptionPawn" rows="3" placeholder="ring, necklace, etc."></textarea> <br>
Item type
<select name="itemType" id="itemType" onFocus="itemTypeFunction();">
<option value="">Choose</option>
</select><br><br>
Grams
<input type="text" class="customerHW"><br>
ID Presented
<select name="idPresented" id="idPresented" onFocus="idPresentedFunction();">
<option value="">Choose</option>
</select><br><br><br>
Contact Number: <br>
<input type="text" name="contactNumber" class="contactNumber"> <br><br>
Miscellaneous <br><br>
Birthday
<select name="birthdayMonth" id = "bmonth" onfocus = "bmonthFunction();">
<option value = "">Month</option>
</select>
<select name="birthdayDay" id = "bday" onfocus = "bdayFunction();">
<option value = "">Day</option>
</select>
<select name="birthdayYear" id = "byear" onfocus = "byearFunction();" >
<option value = "">Year</option>
</select> <br><br>
Sex
<label class="radio-inline">
<input type="radio" name="sex" value="Male">Male
</label>
<label class="radio-inline">
<input type="radio" name="sex" value="Females">Female
</label> <br><br>
Citizenship <br>
<input type="text" name="citizenship" class="customerHW"><br>
Complexion <br>
<input type="text" name="complexion" class="customerHW"><br>
<hr>
</div>
<br><br>
<div class="col-md-6">
<a class="principalText">Principal </a>
₱ <input type="text" name="principal" class="input-custom"> <br><br>
<a class="principalText">Interest in absolute amount</a>
<select name="interestAbsoluteAmount" id="interestAbsoluteAmount" onfocus="interestAbsoluteAmountFunction();">
<option value="0">0%</option>
</select><br><br>
<a class="SCA">Service Charge in amount</a>
<input type="text" name="serviceChargeAmount" class="input-custom"> <br><br>
<a class="NP">Net Proceeds</a>
₱ <input type="text" name="netProceeds" class="input-custom"> <br><br><br>
Effective Interest Rate in Percent <br>
Please check: <br><br>
<input type="checkbox" name="perAnum" value="perAnum"> Per Anum
<input type="checkbox" name="perMonth" value="perMonth"> Per Month <br>
<input type="checkbox" name="others" value="others"> Others
<input type="text" class="input-custom"> <br><br><br><br>
<hr><br><br><br><br><br><br><br><br><br><br><br><br>
Appraiser Name
<input type="text" name="appraiserName" class="input-custom"> <br><br><br><br>
<button id="" type="submit" class="btn btn-danger" align="right">Save and Print</button>
</div>
</div>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
<script src="js/jquery.js"></script>
<script src="js/custom.js"></script>
<script src="js/bootstrap.min.js"></script>
<script>
$("#menu-toggle").click(function(e) {
e.preventDefault();
$("#wrapper").toggleClass("toggled");
});
</script>
<footer>
<center> Copyright 2015 - PBMS. All rights reserved. </center>
</footer>
</body>
</html>
【Comments】:
-
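It would take about 10 minutes to hack this code and erase myself as a pawner or add entirely new values. So please read php.net/manual/en/book.mysqli.php to learn how to use bound variables (pro: less code, because you no longer have to escape all the data).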
-
This looks like more code than is strictly needed. Can you reduce the code further until no code can be removed while still running into the problem?
-
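Also, there seems to be a problem with some of the STR_TO_DATE functions: the order of the string, month, day, year, does not match the format specifier %Y-%m-%d.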
-
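Another abandoned question? Answers were given, and one of them got no response. As per your other question stackoverflow.com/q/31115812, you talk to people and they don't know what is going on there.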
-
Hint: don't do SQL injection!
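
The bound-variable approach recommended in the comments, as an added example that is not part of the original thread: it replaces the escaped, concatenated `mysqli_multi_query` string with prepared statements inside a transaction, and reports absent form fields instead of skipping the insert silently. The helper names `isoDate` and `savePawnTicket` are hypothetical; it assumes `db.php` defines `$connection` as a mysqli object, that the date selects submit numeric values, and that the loan columns are numeric. Only the `loan` and `pawner` inserts are shown.

```php
<?php
// Added example, not the asker's code. Assumptions: db.php defines $connection
// (a mysqli object), date selects submit numeric values, money columns are numeric.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors throw

// Hypothetical helper: validated YYYY-MM-DD string from <prefix>Year/Month/Day.
function isoDate(array $post, string $prefix): string
{
    $y = (int) $post[$prefix . 'Year'];
    $m = (int) $post[$prefix . 'Month'];
    $d = (int) $post[$prefix . 'Day'];
    if (!checkdate($m, $d, $y)) {
        throw new InvalidArgumentException("Invalid $prefix date");
    }
    return sprintf('%04d-%02d-%02d', $y, $m, $d);
}
// Hypothetical helper: insert the loan and pawner rows atomically.
function savePawnTicket(mysqli $db, array $post): void
{
    $money = ['principal', 'interestAbsoluteAmount', 'serviceChargeAmount', 'netProceeds'];
    $other = ['name', 'contactNumber', 'resident', 'idPresented',
              'birthdayYear', 'birthdayMonth', 'birthdayDay'];
    $missing = array_diff(array_merge($money, $other), array_keys($post));
    if ($missing) { // name the absent fields instead of silently doing nothing
        throw new InvalidArgumentException('Missing: ' . implode(', ', $missing));
    }
    foreach ($money as $f) {
        if (!is_numeric($post[$f])) {
            throw new InvalidArgumentException("$f must be numeric");
        }
    }
    $birthdate = isoDate($post, 'birthday');
    $db->begin_transaction();
    try {
        $loan = $db->prepare('INSERT INTO loan (Principal_Loan, Interest_Absolute_Amount,'
            . ' Service_Charge, Net_Proceeds) VALUES (?, ?, ?, ?)');
        $loan->bind_param('dddd', $post['principal'], $post['interestAbsoluteAmount'],
            $post['serviceChargeAmount'], $post['netProceeds']);
        $loan->execute();
        $pawner = $db->prepare('INSERT INTO pawner (Name, Birthdate, Contact_Number,'
            . ' Resident, Valid_ID) VALUES (?, ?, ?, ?, ?)');
        $pawner->bind_param('sssss', $post['name'], $birthdate,
            $post['contactNumber'], $post['resident'], $post['idPresented']);
        $pawner->execute();
        $db->commit();
    } catch (Throwable $e) {
        $db->rollback(); // no half-written ticket
        throw $e;
    }
}
```

After `require 'db.php';`, call `savePawnTicket($connection, $_POST)` when the request method is POST; an unnamed input or an unchecked radio button or checkbox then surfaces as a "Missing: ..." exception rather than an empty table.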