使用PHP将数据插入MySQL的问题
[英]Issue inserting data into MySQL with PHP
问题描述
I am new to PHP. 
我是PHP的新手。 I've been working on a simple form that submits data into a MySQL database and have hit a snag. 我一直在研究一个简单的表单,它将数据提交到MySQL数据库并且遇到了麻烦。 I'm just not sure where the error in the code is, any help would be appreciated. 我只是不确定代码中的错误在哪里,任何帮助将不胜感激。
<?php
$host = 'localhost'; // hostname
$username = 'root'; // MySQL Username
$password = 'root'; // MySQL Password
$db_name = 'idp'; // Database name
$tbl_name = 'data'; // Table name
// Attempt MySQL Connection
mysql_connect("$host", "$username", "$password")or die("Cannot connect.");
// Attempt database connection
mysql_select_db("$db_name")or die("Cannot select DB.");
$name = $_POST['name'];
$mbr_name = $_POST['mbr_name'];
$mbr_tel = $_POST['mbr_tel'];
$date = $_POST['date'];
$sql = "INSERT INTO $tbl_name(name, mbr_name, mbr_tel, date)VALUES('$name', '$mbr_name', '$mbr_tel', '$date')";
$result = mysql_query($sql);
if($result) {
echo "Entry Successful";
echo "<br>";
echo "<a href='form.php'>Return to Form</a>";
} else {
echo "<strong>Error</strong>";
}
mysql_close();
?>
4 个解决方案
解决方案1
1 已采纳 2013-10-14 18:24:37
My guess is, one of the input parameters you are getting has unescaped ' or " character(s) in it. Thus, your query breaks due to the unintended quote characters. To verify if this is the case, introduce another print statement for the sql just after you have created your sql statement and run it in manually in your query browser and see if it works. 我的猜测是,你得到的其中一个输入参数中没有未转义的'或"字符。因此,你的查询会因为非预期的引号字符而中断。要验证是否是这种情况,请为其引入另一个打印语句。 sql刚刚创建了sql语句并在查询浏览器中手动运行并查看它是否有效。
Further, the if($result) { block in your code prints out a success or failure message irrespective of why the failure occured, so the output information is not particularly useful either. 此外,代码中的if($result) {块打印出成功或失败消息,而不管发生故障的原因,因此输出信息也不是特别有用。
You should have a look at the [addslashes][1] method to escape those quote characters. 你应该看看[addslashes][1]方法来逃避那些引用字符。
Your query will then become somthing like 您的查询将变成类似的东西
$sql = "INSERT INTO $tbl_name(name, date)VALUES('".addslashes($name)."', '".$date."')";
Also, I would suggest having a look at pdo for your sql queries instead of mysql_* functions. 另外,我建议你看看你的sql查询的pdo而不是mysql_*函数。
解决方案2
1 2013-10-14 18:52:14
Remove the "" on your mysql_connect($host,$username,$password); 删除mysql_connect($host,$username,$password);上的“” mysql_connect($host,$username,$password); mysql_select_db($db_name); Its a good habit 这是一个好习惯
$sql = "INSERT INTO $tbl_name(name, mbr_name, mbr_tel, date)VALUES('{$name}','{$mbr_name}','{$mbr_tel}', '{$date}')";
Also check your data type for date. 还要检查数据类型的日期。 If the date you are posting is current , you can use sql function instead of the POST for date for example: 如果您发布的日期是最新的,您可以使用sql函数而不是POST作为日期,例如:
$sql = "INSERT INTO $tbl_name(name, mbr_name, mbr_tel, date)VALUES('{$name}','{$mbr_name}','{$mbr_tel}',NOW())";
解决方案3
0 2013-10-14 17:49:27
尝试你这样查询:
$sql = "INSERT INTO $tbl_name(name, mbr_name, mbr_tel, date)VALUES('".$name."', '".$mbr_name."', '".$mbr_tel."', '".$date."')";
解决方案4
0 2013-10-15 11:39:20
your code is deprecated, please refer to Zend classes loader, with the Zend_db_* classes. 您的代码已弃用,请参阅Zend类加载器和Zend_db_ *类。
[http://framework.zend.com/manual/1.12/fr/zend.db.statement.html][1] [http://framework.zend.com/manual/1.12/fr/zend.db.statement.html][1]
PS : Zend is a Framework, you could use any popular framework like Yii, CakePhp and others. PS:Zend是一个框架,你可以使用任何流行的框架,如Yii,CakePhp等。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.