这是我从 php 代码到数据库中插入代码的联系方式,数据正在插入,但您的消息数据插入的单词很少?怎么回事,没看懂!
<?php
require_once("config.php");
if ( (isset($_POST['your_name']) && $_POST['your_name'] != '')
&& (isset($_POST['your_email']) && $_POST['your_email'] != '') )
{
require_once("contact_mail.php");
$yourName = $conn->real_escape_string($_POST['your_name']);
$yourEmail = $conn->real_escape_string($_POST['your_email']);
$yourMessage = $conn->real_escape_string($_POST['your_message']);
$subject = $conn->real_escape_string($_POST['subject']);
$yourPhone = $conn->real_escape_string($_POST['phone']);
// Block HTML special characters
$yourName = htmlspecialchars($yourName, ENT_QUOTES, 'UTF-8');
$yourEmail = htmlspecialchars($yourEmail, ENT_QUOTES, 'UTF-8');
$yourMessage = htmlspecialchars($yourMessage, ENT_QUOTES, 'UTF-8');
$subject = htmlspecialchars($subject, ENT_QUOTES, 'UTF-8');
$yourPhone = htmlspecialchars($yourPhone, ENT_QUOTES, 'UTF-8');
$sql = "INSERT INTO contact_form_info
(name, email, message, subject, phone)
VALUES ('$yourName', '$yourEmail',
'$yourMessage', '$subject', '$yourPhone')";
if (!$result = $conn->query($sql)) {
die('There was an error running the query [' . $conn->error . ']');
} else {
echo "Thank you! We will contact you soon";
}
} else {
echo "Please fill Name and Email";
}
?>
我期待这个问题和安全的解决方案!所以html不能通过它--