为什么我的数据库在连接和包含时不能获取用户的表单信息?

o8x7eapl  于 2021-06-17  发布在  Mysql
关注(0)|答案(1)|浏览(387)

我正在尝试向我的数据库中添加一些信息。代码会执行,但不会显示在数据库中。如果有人能帮我,我会很高兴的!非常感谢你!节日快乐:)!
我试着用默认值运行程序。我也尝试过不同的语法。我尝试交换header和mysqli\u close()的位置。

$conn = mysqli_connect("localhost", "root", "root", "Store");

$nameTshirt = 'T-Shirt NDOE';
$priceTshirt = 35.00;
$nameAlbum = 'Thousands of Scars Album';
$size = $_GET['size'];
$quantity = $_GET['quantityOne'];

    $sql = "INSERT INTO shoppingCart(name, size, quantity, price) 
    VALUES ('T-Shirt NDOE', 'XL', '3', 35.00);";
mysqli_query($conn, $sql);

header("Location: Store - EN.php?item=added");
mysqli_close($conn);

从以下表单中获取用户的输入:

<form action="addTshirt.php">
 <div class="item">
 <img src="../Images/store/NDOE - T-SHIRT-b-600x600.jpg" width="300" height="300" alt="NDOE T-Shirt image" class="storeimage">
 </div>
 <div class = "name"> <b>NDOE T-Shirt</b></div>
 <div class = "price">35.00</div>

 <div class = "name2">Size:
    <select class = "drop" name = "size">
        <option value = "select">Select</option>
        <option value = "S">S</option>
        <option value = "M">M</option>
        <option value = "L">L</option>
        <option value = "XL">XL</option>
    </select>
 </div>
 <div class="name2">Quantity:

    <select class = "quantity" name = "quantityOne">
        <option value = "0">0</option>
        <option value = "1">1</option>
        <option value = "2">2</option>
        <option value = "3">3</option>
        <option value = "4">4</option>
        <option value = "5">5</option>
        <option value = "6">6</option>
        <option value = "7">7</option>
        <option value = "8">8</option>
        <option value = "9">9</option>
        <option value = "10">10</option>
    </select></div>

    <div class="wrapper">
        <input type="submit" class = "buttonP" name="tshirtButton" value="Add to cart">
    </div>

</div>
</form>
</div>
</td>
u5i3ibmn

u5i3ibmn1#

你没有使用你的变量。
您还应该使用一个prepared语句来防止sql注入。

$nameTshirt = 'T-Shirt NDOE';
$priceTshirt = 35.00;
$nameAlbum = 'Thousands of Scars Album';
$size = $_GET['size'];
$quantity = $_GET['quantityOne'];

$stmt = mysqli_prepare($conn, "INSERT INTO shoppingCart(name, size, quantity, price) 
    VALUES (?, ?, ?, ?);") or die(mysqli_error($conn);
mysqli_stmt_bind_param($stmt, "ssid", $nameTshirt, $size, $quantity, $priceTshirt);
mysqli_stmt_execute($stmt) or die(mysqli_stmt_error($stmt);

相关问题