MySQL的插入查询在PHP失败

Question

i am working with databases for almost one year and this time when i tried mysql and php it does not work and i tried using mysqli_error() function and that does not work too i created the database and that's very simple table with 2 columns and it does not work either i am wondering what can i do about that here is what i tried

 <?php
    $cnn=mysqli_connect("localhost","root","password");
    if(!$cnn){
    die("data base connection failed :" . mysqli_error());
    }
    //select a kimai fekr db
    $db_select=mysqli_select_db($cnn,"testi");
    if (!$db_select){

    die("database selection failed:" . " " . mysqli_error());
    }
?>
<?php
$uname="morteza";
$id=1;
$query="insert into test ('id','uname') values ($id,'{$uname}')";
$result=mysqli_query($cnn,$query);
if($result){
    echo "<p>user added</p>";
}
else{
echo "<p>user not added </p>" . mysqli_error('$cnn');}
mysqli_close($cnn);
  ?>

Answer 1

Those are not the right column identifiers

('id','uname')
 ^  ^ ^     ^

either remove them

(id,uname)

or use backticks

(`id`,`uname`)

Add error reporting to the top of your file(s) right after your opening <?php tag error_reporting(E_ALL); ini_set('display_errors', 1); error_reporting(E_ALL); ini_set('display_errors', 1); which would have signaled the error

as well as or die(mysqli_error($cnn)) to mysqli_query()

---

Plus, your present code is open to SQL injection . Use prepared statements , or PDO with prepared statements , they're safer .

Answer 2

Do not use single quotes around your column identifiers. Use ticks or nothing at all:

$query="insert into test (id,uname) values ($id,'{$uname}')";

or

$query="insert into test (`id`,`uname`) values ($id,'{$uname}')";

Answer 3

你可以试试看吗

$query="insert into test (`id`,`uname`) values ('$id','{$uname}')";