PHP插入数据库查询
[英]PHP insert into database query
问题描述
I am trying to insert values into a database table, a row is inserted but blank no values are inserted. 
我试图将值插入数据库表,插入一行但空白没有插入值。 Only the order_id which is the primary key with auto increment increase. 只有order_id是自动增量的主键增加。
php code: php代码:
<?php
$user_get = mysql_query("SELECT * FROM users");
while($row_user = mysql_fetch_assoc($user_get)){
if($row_user['username'] == $_SESSION['username']){
$row_user['first_name'] = $res1;
$row_user['last_name'] = $res2;
$store_order ="INSERT INTO oko (user, product) VALUES ('$res1', '$res2')";
mysql_query($store_order);
}
}
?>
2 个解决方案
解决方案1
5 已采纳 2013-03-19 21:52:19
Your assignments are backwards. 你的作业是倒退的。 I think you meant to: 我想你的意思是:
$res1 = $row_user['first_name'];
$res2 = $row_user['last_name'];
解决方案2
3 2013-03-19 21:52:44
Don't you mean: 你的意思是:
$res1 = $row_user['first_name'];
$res2 = $row_user['last_name'];
You could also update the SELECT to have a WHERE clause that checks $_SESSION['username'] . 您还可以更新SELECT以具有检查$_SESSION['username']的WHERE子句。
You could also just do an INSERT/SELECT: 你也可以只做一个INSERT / SELECT:
INSERT INTO oko (user, product)
SELECT
first_name, last_name
FROM
users
WHERE
username = '$_SESSION["username"]'
Your code is vulnerable to injection. 您的代码易受注入攻击。 You should use properly parameterized queries with PDO/mysqli 您应该使用PDO / mysqli正确参数化查询
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.