PHP / MySQL INSERT无法正常工作
[英]PHP / MySQL INSERT not working
问题描述
I'm really struggling with this piece pf php code where I'm wanting to insert a message into a table using data gotten from another table. 
我真的在这段pf php代码中苦苦挣扎,在这里我想使用从另一个表获得的数据将消息插入表中。 Here is the code that I have: 这是我的代码:
$get_user_sql = "SELECT username FROM members WHERE id = '$member'";
$get_user_res = mysqli_query($con, $get_user_sql);
while($username = mysqli_fetch_assoc($get_user_res)){
$user = $username["username"];
};
$get_message_sql = "SELECT message FROM posts WHERE id = '1377077348-5922'";
$get_message_res = mysqli_query($con, $get_message_sql);
while($postsmessage = mysqli_fetch_assoc($get_message_res)){
$postmessage = $postsmessage["message"];
};
$type = "liked";
$title = "New Like";
$message = "<a href=\"profile.php?member=$user\">$user</a> just liked your post:<br /><i>$postmessage</i>";
$insert_note_sql = "INSERT INTO notes (id, sender, recipient, type, title, message, date) VALUES('$id', '$member', '$recipient', '$type', '$title', '$message', '$time')";
$insert_note_res = mysqli_query($con, $insert_note_sql);
I'm finding that if I remove $postmessage from the $message line everything works fine, but when I add it back in again the row isn't inserted. 我发现,如果我从$ message行中删除$ postmessage,一切正常,但是当我再次将其添加回时,则不会插入该行。 Can anyone see a reason for this? 有人可以看到原因吗?
1 个解决方案
解决方案1
-1 2013-08-21 12:59:52
You're not escaping your values, propably some of your contents include quotes or other unescaped chars. 您并没有逃避自己的价值观,可能您的某些内容包括引号或其他未转义的字符。
Try using mysqli_real_escape_string : 尝试使用mysqli_real_escape_string :
$postmessage = mysqli_real_escape_string($postsmessage);
You should escape every value before inserting it to the database, read more about SQL Injections . 您应该在将每个值插入数据库之前对每个值进行转义,以了解有关SQL Injections的更多信息。 Your code has potential threats. 您的代码有潜在的威胁。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.