SQL语法错误,有人可以帮我申请表格吗?
[英]Error in SQL syntax, can anyone help me with my signup form?
问题描述
I have searched in the web and this site for weeks looking for an answer as to why my PHP code isn't working, but I haven't found out yet. 
我已经在网上和该网站上搜索了数周,以寻找有关为什么我的PHP代码无法正常工作的答案,但是我还没有找到答案。
I'm making a form on my website where users can signup for an event. 我正在网站上制作表格,用户可以在其中注册活动。 Those data will then be stored in a MySQL database. 然后,这些数据将存储在MySQL数据库中。
This is my PHP code of process.php: 这是我的process.php PHP代码:
<?php
$connect=mysqli_connect('hostxxxx','userxxxx','passwordxxxx','databasexxxx');
if(mysqli_connect_errno($connect))
{
echo 'Failed to connect';
}
// create a variable
$name=$_POST['name'];
$club=$_POST['club'];
$food=$_POST['food'];
$when=$_POST['when'];
$acro=$_POST['acro'];
//Execute the query
mysqli_query($connect,"INSERT INTO registered (name,club,food,when,acro)
VALUES('$name','$club','$food','$when','$acro')");
if(mysqli_affected_rows($connect) > 0){
echo "<p>Signup successful!<br>The JWDW-crew</p>";
echo "<a href='index.html'>Go Back</a>";
} else {
echo "Signup failed";
echo mysqli_error ($connect);
}
?>
My MySQL database contains 5 rows: name, club, food, when and acro . 我的MySQL数据库包含5行: name, club, food, when and acro 。 I have made a form in my index.html file, which starts with: 我在index.html文件中做了一个表格,其开头为:
<form method="post" action="process.php"
I really can't figure out what's wrong with it. 我真的不知道这是怎么回事。 I keep getting the error message: 我不断收到错误消息:
You have an error in your SQL syntax;
Can someone help with my code? 有人可以帮忙我的代码吗?
1 个解决方案
解决方案1
1 2014-11-20 11:29:58
Let's escape your column names with an ` character. 让我们用`字符转义列名。
mysqli_query($connect,"INSERT INTO registered (`name`,`club`,`food`,`when`,`acro`) VALUES('$name','$club','$food','$when','$acro')");
as Strawberry sad in his comment. 草莓在他的评论中难过。
- Avoid sql injections by escaping your variables what comes from user input. 通过转义变量来避免来自用户输入的sql注入。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.