我真的不能把它難道不...它看起來罰款我一個理由(如果它是很好,我不會是在這裏問)我的代碼不會插入數據庫
這件事發生之前(見我最近的帖子),我使用了以前項目的代碼(工作正常),但是當我嘗試將它用於此特定項目時,它不起作用。我不知道爲什麼它不會工作在這個特定的時間,因爲它之前工作
任何人都可以告訴我什麼是錯誤的查詢?
<?php
$hostname = "localhost";
$db_user = "#"; // change to your database password
$db_password = "#"; // change to your database password
$database = "#"; // provide your database name
$db_table = "#"; // leave this as is
# STOP HERE
####################################################################
# THIS CODE IS USED TO CONNECT TO THE MYSQL DATABASE
$db = mysql_connect($hostname, $db_user, $db_password);
mysql_select_db($database,$db);
?>
<?php
$date = date("Y-m-d H:i:s");
$cfname = preg_replace('#[^A-Za-z0-9.,]#i', '', $_POST['cfname']);
$cfname = strip_tags($cfname);
$cfname = mysql_real_escape_string($cfname);
$cfname = stripslashes($cfname);
$clname = preg_replace('#[^A-Za-z0-9.,]#i', '', $_POST['clname']);
$clname = strip_tags($clname);
$clname = mysql_real_escape_string($clname);
$clname = stripslashes($clname);
$cname = $cfname+$clname;
$cemail = preg_replace('#[^[email protected]_ ]#i', '', $_POST['cemail']);
$cemail = strip_tags($cemail);
$cemail = mysql_real_escape_string($cemail);
$cemail = stripslashes($cemail);
$cphone = preg_replace('#[^0-9]#i', '', $_POST['cphone']);
$cphone = strip_tags($cphone);
$cphone = mysql_real_escape_string($cphone);
$cphone = stripslashes($cphone);
$caddress = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['caddress']);
$caddress = strip_tags($caddress);
$caddress = mysql_real_escape_string($caddress);
$caddress = stripslashes($caddress);
$caddress2 = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['caddress2']);
$caddress2 = strip_tags($caddress2);
$caddress2 = mysql_real_escape_string($caddress2);
$caddress2 = stripslashes($caddress2);
$cage = preg_replace('#[^0-9]#i', '', $_POST['cage']);
$cage = strip_tags($cage);
$cage = mysql_real_escape_string($cage);
$cage = stripslashes($cage);
$cnationality = preg_replace('#[^A-Za-z,]#i', '', $_POST['cnationality']);
$cnationality = strip_tags($cnationality);
$cnationality = mysql_real_escape_string($cnationality);
$cnationality = stripslashes($cnationality);
$flightno = $_POST['flightno'];
$flightno = strip_tags($flightno);
$flightno = mysql_real_escape_string($flightno);
$resno = $flightno*2;
if (isset($_REQUEST['Submit'])) {
# THIS CODE TELL MYSQL TO INSERT THE DATA FROM THE FORM INTO YOUR MYSQL TABLE
$sql ="INSERT INTO $db_table(cust_name,cust_email,cust_phone,cust_add,cust_add2,cust_age,cust_nationality,flight_no,resno) VALUES ('$cname','$cemail','$cphone','$caddress', '$caddress', '$caddress2', '$cage', '$cnationality', '$flightno', '$resno')";
if($result = mysql_query($sql ,$db)) {
echo '<meta http-equiv="refresh" content="35,search.php" />Thank you for
reserving your e-ticket. Your reservation number is $resno. Please keep it to
confirm your reservation. You can confirm your ticket by calling this number 1-
800-NOTAREALNUMBER or you can visit our offices located in The South Pole next
to Willy Wonkas Chocolate Factory. Have a great day! <p><a
href="search.php"><small>Click here to go back</small></a></p>';
} else {
echo "ERROR: ".mysql_error();
}
} else { echo ""?>
<form onsubmit="return validateForm()" enctype="text/plain" method="post"
action="" name="cusBooking">
<table style="text-align: left; background-color: white; width: 425px; height:
143px;" border="0" cellpadding="1" cellspacing="3">
<tbody>
<tr>
<td>
<small>First name: </small><input type="text" name="cfname" />
</td>
<td>
<small>Last name: </small><input type="text" name="clname" />
</td>
</tr>
<tr>
<td>
<small>Email: </small><input type="text" name="cemail" />
</td>
<td>
<small>Phone number: </small><input type="text" name="cphone" />
</td>
</tr>
<tr>
<td>
<small>Address: </small><input type="text" name="caddress" />
</td>
<td>
<small>Address 2: </small><input type="text" name="caddress2" />
</td>
</tr>
<tr>
<td>
<small>Age: <input type="text" name="cage" />
</td>
<td>
<small>Nationality: </small><input type="text" name="cnationality" />
</td>
</tr>
<tr>
<td>
<input name="flightno" value='<?php echo "$flightno"?>' type="hidden">
</td>
<td>
<input name="Submit" type="image" tabindex="5" src="images/flight_button.png"
value="Submit Your Site" />
</td>
</tr>
</tbody>
</table>
</form>
<?php
}
?>
如果你告訴我們錯誤是什麼,它會有所幫助...... – Quentin 2012-03-28 11:38:52
用'mysql_real_escape_string'轉義數據,然後立即** unescaping **它與'stripslashes'是完全瘋了。 – Quentin 2012-03-28 11:39:15
我絕對不知道大聲笑感謝指針 – 2012-03-28 11:40:45