PHP white screen of death every time. What am I doing wrong?
I\'m a complete noob to PHP and working with mysql so you know I do however have a great deal of experience with HMTL and CSS. All I need is for a form on my site to upload the
-
first of all
$_POST[firstname] should be $_POST['firstname']third
mysql_query($sql,$conn);second
$conn=mysql_connect(your parameters);讨论(0) -
Like the other guys said, put the comments in the array reference. That being said you really need to escape the $_POST variables to avoid SQL Injection, its also easier to debug if the code is clearly ordered :)
With ordered code you can type echo "some text"; at any touch point you want to so you can see where the code breaks.
Also switching on error reporting in your php.ini or in code (http://php.net/manual/en/function.error-reporting.php) would be the best bet for watching the errors that you can't predict.
<?php $hostname = "myHostName"; $username = "PreRegCustomers"; $dbname = "PreRegCustomers"; $password = "myPassword"; $usertable = "CustomerInfo"; //connect to mysql $link_id = mysql_connect($hostname, $username, $password); if (!$link_id) { die("Unable to connect to database! Please try again later. error:".mysql_errno()); } echo "connected to mysql"; //make sure your DB exists if (!mysql_select_db($dbname)) die ("Connected to mysql but could not connect to the DB. error:".mysql_errno()); echo "connected to database"; //avoid sql_injection $firstName = mysql_real_escape_string($_POST['firstName']); $lastName = mysql_real_escape_string($_POST['lastName']); $streetAddress = mysql_real_escape_string($_POST['streetAddress']); $city = mysql_real_escape_string($_POST['city']); $state = mysql_real_escape_string($_POST['state']); $zip = mysql_real_escape_string($_POST['zip']); $country = mysql_real_escape_string($_POST['country']); $email = mysql_real_escape_string($_POST['email']); $phone = mysql_real_escape_string($_POST['phone']); $badgeName = mysql_real_escape_string($_POST['badgeName']); echo "sanitised input"; //write the query $sql = "INSERT INTO $usertable (firstName, lastName, streetAddress, city, state, zip, country, email, phone, badgeName) VALUES ('$firstName', '$lastName', '$streetAddress', '$city', '$state', '$zip', '$country', '$email', '$phone', '$badgeName')"; echo "build query: ".$sql; //then you'll need to execute the query :) if (mysql_query($sql)) echo "query success"; else echo "query failed"; //ps you can ignore the last? >讨论(0) -
Include this two lines at the very top of your php code:
error_reporting(E_ALL); ini_set('display_errors', '1');It is going to enable error reporting and so you will be able to debug your script. Maybe the problem is that the reading of $_POST variables (and of any array type variable) should be made with 'quotes' when using string index names:
$_POST[firstName] must be written as follows: $_POST['firstName']A good way of making this query more secure (against sql injection attacks for example) is to scape the values in POST instead of passing it directly to the query.
$firstName = mysql_real_escape_string($_POST['firstName']);The value in POST will be scaped so you can pass it to your SQL.
Try to make that will all your variables:
$sql = "INSERT INTO $usertable (firstName, lastName, streetAddress, city, state, zip, country, email, phone, badgeName) VALUES ('$firstName', '$lastName', '$streetAddress', '$city', '$state', '$zip', '$country', '$email', '$phone', '$badgeName')";Finally you need to actually execute the query:
mysql_query($sql);If it goes ok you'll see no errors, but be shure to enable error reporting to this script. When everything it's ok remember to remove the error reporting.
讨论(0) -
From what I can tell, this code just connects to a database and sets a variable $sql. Are you actually executing the query anywhere? Are you doing anything to print something on the screen?
讨论(0) -
$_POST[firstName]should be$_POST['firstName']and so on andmysql_query($sql) or die('MySQL Error: ', mysql_error()); echo 'Data inserted';You shouldn't not be using mysql_ now, its deprecated. Do it with PDO
讨论(0)
加载中...
- 热议问题