php - html php表单不起作用(数据未在数据库中结束)

嗨，我在使用html/php表单向数据库传递数据时遇到问题，
所以假设这是一个已经注册过的网站（电子邮件、密码和全名），那么这个表单可以选择性地用来添加（地址、城市、国家等），但它不起作用。

<?php
 session_start();
 require 'db.php';    //here is all the database connection settings //
?>
<?php
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  if (isset($_POST['addinfo'])) { //user logging in
     require 'addinfo.php';
    }
  }
?>
<!DOCTYPE html>
  <head>
  </head>
  <body>
        <div class="container2">
        <form class="modal-content animate" method="post"
   action="account.php" style="z-index:10">
    <input type="text" placeholder='Country' name='country'id="q2"/>
    <input type="text" placeholder='City' name='city'id="q3"/>
    <input type="text" placeholder='Address' name='address'id="q4"/>
    <input type="text" placeholder='PostalCode'
   name='postalcode'id="q5"/>
    <button type="submit" id="sbmt" name='addinfo'>Submit</button>
    <a href="#" style="text-decoration:none; float:right; margin-
   right:34px;">change password</a>
            </form>
        </div>
  </body>

这是文档addinfo.php

 <?php
 require 'db.php';$_SESSION['country'] = $_POST['country'];
 $_SESSION['city'] = $_POST['city'];
 $_SESSION['address'] = $_POST['address'];
 $_SESSION['postalcode'] = $_POST['postalcode'];

 $country = $_POST['country'];
 $city = $_POST['city'];
 $postalcode = $_POST['postalcode'];
 $address = $_POST['address'];


 $sql = "INSERT INTO users (country, city, postalcode, address) "
  . "VALUES ('$country','$city','$postalcode','$address')";

 ?>

我是db.php

 <?php
 $servidor = "localhost";
 $usuario= "root";
 $password = "";
 $base_datos = "accounts";

 $host = 'localhost';
 $user = 'root';
 $pass = '';
 $db = 'users';
 $mysqli = new mysqli($host,$user,$pass,$db) or die($mysqli->error);




 $conexion = new mysqli($servidor, $usuario, $password, $base_datos);
 $conexion1 = new mysqli($servidor, $usuario, $password, $base_datos);


  ?>

最佳答案

首先，为了安全起见，在将数据插入数据库之前，应该使用mysqli_real_escape_字符串。mysqli_real_escape_string

$country = mysqli_real_escape_string($mysqli, $_POST['country']);
$city = mysqli_real_escape_string($mysqli, $_POST['city']);
$postalcode = mysqli_real_escape_string($mysqli, $_POST['postalcode']);
$address = mysqli_real_escape_string($mysqli, $_POST['address']);

代码中的问题：没有执行查询。
将此添加到$sql下面

$mysqli->query($sql);
//OR
//mysqli_query($mysqli, $sql)