PHP 请求未获得价值
PHP request isn't get value
我有一个滑块,其中一个在标签中。我想将滑块放入数据库。
在“index.php”中:
<form class="" action="insert.php" method="$_POST">
<input type="range" min="1" max="10" value="5" class="slider" id="myRange" name="myrange">
<p>Value: <span id="demo"></span></p>
<button id="btn1">Click Here</button>
</form>
并在 insert.php 中:
<?php
$getRangeValue = $_GET['myRange'];
$mysqli = new mysqli("localhost","root","passwd","table_name");
//
// Check connection
if ($mysqli -> connect_errno) {
echo "Failed to connect to MySQL: " . $mysqli -> connect_error;
exit();
}
$mysqli -> query("INSERT INTO ertekek (RangeValue, anotherValue) VALUES ($getRangeValue, 11)");
echo "New record has id: " . $mysqli -> insert_id;
$mysqli -> close();
?>
url: "http:///localhost/insert.php?myrange=10"
它 运行,它生成一行,但该行完全是空的...所以我不知道发生了什么...
正确代码:
<form class="" action="insert.php" method="POST">
<input type="range" min="1" max="10" value="5" class="slider" id="myRange" name="myrange">
<p>Value: <span id="demo"></span></p>
<button id="btn1">Click Here</button>
</form>
并在 insert.php 中:
<?php
$getRangeValue = $_POST['myrange'];
$mysqli = new mysqli("localhost","root","passwd","table_name");
//
// Check connection
if ($mysqli -> connect_errno) {
echo "Failed to connect to MySQL: " . $mysqli -> connect_error;
exit();
}
$query = $mysqli->prepare("INSERT INTO ertekek (RangeValue, anotherValue) VALUES (?, 11)");
$query->bind_param('i',$getRangeValue);
$query->execute();
echo "New record has id: " . $mysqli -> insert_id;
$mysqli -> close();
?>
我改变了什么?
- 我改变了方法
method="POST" 而不是 method="$_POST"
- 将变量
$getRangeValue 的 GET 更改为 POST
- 使用准备语句而不是简单且不安全的查询
Link 我推荐你阅读
- What is the difference between POST and GET?
- How can I prevent SQL injection in PHP?
我有一个滑块,其中一个在标签中。我想将滑块放入数据库。 在“index.php”中:
<form class="" action="insert.php" method="$_POST">
<input type="range" min="1" max="10" value="5" class="slider" id="myRange" name="myrange">
<p>Value: <span id="demo"></span></p>
<button id="btn1">Click Here</button>
</form>
并在 insert.php 中:
<?php
$getRangeValue = $_GET['myRange'];
$mysqli = new mysqli("localhost","root","passwd","table_name");
//
// Check connection
if ($mysqli -> connect_errno) {
echo "Failed to connect to MySQL: " . $mysqli -> connect_error;
exit();
}
$mysqli -> query("INSERT INTO ertekek (RangeValue, anotherValue) VALUES ($getRangeValue, 11)");
echo "New record has id: " . $mysqli -> insert_id;
$mysqli -> close();
?>
url: "http:///localhost/insert.php?myrange=10"
它 运行,它生成一行,但该行完全是空的...所以我不知道发生了什么...
正确代码:
<form class="" action="insert.php" method="POST">
<input type="range" min="1" max="10" value="5" class="slider" id="myRange" name="myrange">
<p>Value: <span id="demo"></span></p>
<button id="btn1">Click Here</button>
</form>
并在 insert.php 中:
<?php
$getRangeValue = $_POST['myrange'];
$mysqli = new mysqli("localhost","root","passwd","table_name");
//
// Check connection
if ($mysqli -> connect_errno) {
echo "Failed to connect to MySQL: " . $mysqli -> connect_error;
exit();
}
$query = $mysqli->prepare("INSERT INTO ertekek (RangeValue, anotherValue) VALUES (?, 11)");
$query->bind_param('i',$getRangeValue);
$query->execute();
echo "New record has id: " . $mysqli -> insert_id;
$mysqli -> close();
?>
我改变了什么?
- 我改变了方法
method="POST"而不是method="$_POST" - 将变量
$getRangeValue 的 - 使用准备语句而不是简单且不安全的查询
GET 更改为 POST
Link 我推荐你阅读
- What is the difference between POST and GET?
- How can I prevent SQL injection in PHP?