1. 首頁
  2. 問答
  3. 加入jQuery的日期到mysql

加入jQuery的日期到mysql

2013-04-22 33 views
-2

我的形式捕獲從jQuery的日期選擇日期,形式工作正常,無日期選取器,但有了它,它只是給這個錯誤:加入jQuery的日期到mysql

Error: Unknown column '$time' in 'field list'

下面是我的PHP & HTML代碼

<?php 

    //form submitted 
    if (isset($_POST['create'])) { 
    //require db details 
    require_once '../dblogin.php'; 
    //set flag 
    $OK = false; 
    // create database connection 
    $conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed"); 
    // initialize prepared statement 
    $stmt = $conn->stmt_init(); 
    // create SQL to insert task 
    $sql = 'INSERT INTO tasks (task_name, task_project_id, task_assignee_id, datepicker, task_created_by, task_schedule, task_duration, task_end_date, task_creation_date, task_notes, task_status) 
      VALUES(?, ?, ?, ?, '.$_SESSION['id'].', ?, ?, $time, NOW(), ?, ?)'; 

     if ($stmt->prepare($sql)) { 
     // bind parameters and execute statement 
     $stmt->bind_param('siissss', $_POST['task_name'], $_POST['task_project_id'], $_POST['task_assignee_id'], $_POST['datepicker'], $_POST['task_duration'], $_POST['task_notes'], $_POST['task_status']); 
     // execute and get number of affected rows 
     $stmt->execute(); 
      if ($stmt->affected_rows > 0) { 
      $OK = true; 
      } 
     } 
     // redirect if successful or display error 
     if ($OK) { 
     header('Location: task_confirmation.php'); 
     exit; 
     } else { 
     $error = $stmt->error; 
     } 
} 
?> 
<!DOCTYPE html PUBLIC 「-//W3C//DTD XHTML 1.0 Strict//EN」 
「http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd」> 
<html xmlns=」http://www.w3.org/1999/xhtml」> 
<head> 
<meta http-equiv=」Content-Type」 content=」text/html; charset=utf-8」 /> 
<title>Create new task</title> 
<script src="http://code.jquery.com/jquery-1.9.1.js"></script> 
<script src="http://code.jquery.com/ui/1.10.1/jquery-ui.js"></script> 
<script> 
    $(function() { 
     $("#datepicker").datepicker({dateFormat: 'yy-mm-dd' }); 
    }); 
</script> 
<link rel="stylesheet" type="text/css" href="../allcss/style.css" /> 
</head> 

<body> 

<?php 
require('../Login/includes/header.inc.php'); 
?> 

<div id="content"> 
<?php if (isset($error)) { 
    echo "<p>Error: $error</p>"; 
} ?> 
<form id="form1" method="post" action=""> 
<div id="add"> 
    <p> 
    <label for="task_name"class="title">Task name:</label> 
    <input name="task_name" type="text" class="widebox" id="task_name"> 
    </p> 
    <p> 
    <span class="title">Project: </span><select name="task_project_id" size "5"> 
    <?php 
    require_once '../dblogin.php'; 
    $conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed"); 
    $stmt2 = $conn->stmt_init(); 
    //pulls project names for the select element// 
    $sql2 = 'select * from projects'; 
    $stmt2->prepare($sql2); 
    $stmt2->execute(); 
    $result = $stmt2->get_result(); 
    while($resultRow = $result->fetch_array(MYSQLI_ASSOC)) 
    { 
    var_dump($resultRow); 
     echo "<option value='".$resultRow[project_id]."'>".$resultRow[project_name]."</option>"; 

    } 
    $result->close(); 
    $stmt2->close(); 
    ?> 
    </select> 
    </p> 
    <p> 
    <span class="title">Assignee: </span><select name="task_assignee_id" size "5"> 
    <?php 
    require_once '../dblogin.php'; 
    $conn = new mysqli ($host, $user, $password, $database) or die("Connection Failed"); 
    $stmt3 = $conn->stmt_init(); 
    //pulls intern names for the select element// 
    $sql3 = "select * from users where user_role='INT'"; 
    $stmt3->prepare($sql3); 
    $stmt3->execute(); 
    $result = $stmt3->get_result(); 
    while($resultRow = $result->fetch_array(MYSQLI_ASSOC)) 
    { 
    var_dump($resultRow); 
     echo "<option value='".$resultRow[person_id]."'>".$resultRow[user_name]."</option>"; 

    } 
    $result->close(); 
    $stmt3->close(); 
    ?> 
    </select> 
    </p> 
    <p> 
    <label for="dates"class="title">Schedule for:</label> 
    <input name="datepicker" type="text" id="datepicker"/> 
    </p> 
    <p> 
    <span class="title">Duration: </span><select name="task_duration" size "1"> 
    <option value="00:30:00">30 minutes</option> 
    <option value="01:00:00">1 hour</option> 
    <option value="01:30:00">1,5 hours</option> 
    </select> 
    </p> 
    <p> 
    <label for="task_notes"class="title">Additional notes:</label> 
    <input name="task_notes" type="text" class="widebox" id="task_notes"> 
    </p> 
    <p> 
    <span class="title">task status: </span><select name="task_status" size "1"> 
    <option value="Complete">Complete</option> 
    <option value="Incomplete">Incomplete</option> 
    </select> 
    </p> 
    <p class="submit"> 
    <input type="submit" name="create" value="Create task" id="create"> 
    </p> 
</div> 
</form> 
</div> 

<?php 
require('../Login/includes/footer.inc.php'); 
?> 

</body> 
</html>

誰能幫我解決這個請

來源

2013-04-22 elmmm

+0

當您使用引號分隔字符串時,它們中的變量將不會被解析。使用'''' – 2013-04-22 09:29:41

+0

您好@elmmm您確定獲取$ time變量的值嗎?嘗試調試。我可以看到您沒有獲得$ time的值。同時在插入數據庫時​​使用''(雙引號)來分開值 – Anish 2013-04-22 09:32:27

+0

使用準備好的語句 – 2013-04-22 09:33:46

回答

0

您正在使用單引號查詢。這樣$time沒有擴展到變量值。你應該用雙引號(")是這樣的:

"INSERT INTO tasks (task_name, task_project_id, task_assignee_id, datepicker, task_created_by, task_schedule, task_duration, task_end_date, task_creation_date, task_notes, task_status) 
     VALUES(?, ?, ?, ?, ".$_SESSION['id'].", ?, ?, $time, NOW(), ?, ?)";

此外,我認爲你應該使用一個參數$_SESSION['id']$time,也因爲everyting來自用戶不能真正信任。

來源

2013-04-22 09:30:17 Manuel

+0

你意思是我應該更新這個:$ _POST ['datepicker'] – elmmm 2013-04-22 09:34:20

+0

您詢問的錯誤來自於在單引號中使用列名稱的變量,但您也應該使用準備好的語句變量來處理所有用戶輸入因爲我可以看到你已經用'$ _POST ['datepicker']' – Manuel 2013-04-22 09:37:08

1

出於某種原因,您沒有使用$time值的準備語句(以及$ _SESSION ['id'])。

這是要麼是危險的,而是你得到的錯誤的原因。

$sql = 'INSERT INTO tasks (task_name, task_project_id, task_assignee_id, 
     datepicker, task_created_by, task_schedule, task_duration, 
     task_end_date, task_creation_date, task_notes, task_status) 
     VALUES(?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, ?)'; 

if ($stmt->prepare($sql)) { 
// bind parameters and execute statement 
    $stmt->bind_param('siisissss', $_POST['task_name'], $_POST['task_project_id'], 
    $_POST['task_assignee_id'], $_POST['datepicker'], $_SESSION['id'], 
    $_POST['task_duration'], $time, $_POST['task_notes'], $_POST['task_status']);

它應該是,或類似的東西。你需要自己檢查佔位符,類型字符串和相應的值。

來源

2013-04-22 09:32:29

+0

這樣做了,謝謝。語法錯誤,意外$ end <<它給了我這個錯誤的最後行 – elmmm 2013-04-22 09:38:15

+0

,聽起來像一個結束符}}在某處丟失 – Manuel 2013-04-22 09:39:07

+0

@曼努埃爾感謝這是一個語法錯誤,它現在的作品謝謝你們 – elmmm 2013-04-22 09:49:40

相關問題

 相關問題