PHP SQL字符串赋值会引发服务器错误
[英]PHP SQL string assignment throws a server error
问题描述
I am trying to have PHP connect to a MySQL database on an Apache server for the first time. 
我试图让PHP首次连接到Apache服务器上的MySQL数据库。 Below is the simple PHP code that I'm using. 下面是我正在使用的简单PHP代码。
<?php
// To ensure that the $_POST superglobal is accessible.
print_r($_POST);
print_r($_POST['usertype']);
$db = mysqli_connect("localhost", "root", "", "rental_26349188");
if (mysqli_connect_errno()) {
mysqli_connect_error();
exit;
}
$sql = "INSERT INTO user_information (usertype, firstname, lastname, phonenumber, email, loginname, password) VALUES (".$_POST['usertype'].", ".$_POST['firstname'].", ".$_POST['lastname'].", ".$_POST['phonenumber'].", ".$_POST['email'].", ".$_POST['loginname'].", ".$_POST['password'].");"
mysqli_query($db, $sql);
mysqli_close($db);
?>
The database table was previously created with the following SQL command: 之前使用以下SQL命令创建了数据库表:
CREATE TABLE IF NOT EXISTS `user_information` ( `id` int(255) NOT NULL, `usertype` varchar(255) NOT NULL, `firstname` varchar(255) NOT NULL, `lastname` varchar(255) NOT NULL, `phonenumber` varchar(255) NOT NULL, `email` varchar(255) NOT NULL, `loginname` varchar(255) NOT NULL, `password` varchar(255) NOT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
ALTER TABLE `user_information` ADD PRIMARY KEY (`id`);
ALTER TABLE `user_information` MODIFY `id` int(255) NOT NULL AUTO_INCREMENT;
I receive the following error when loading the page. 加载页面时收到以下错误。
Strangely enough, I found that commenting out the $sql and mysqli_query lines in the PHP code makes it so that the error isn't thrown. 奇怪的是,我发现在PHP代码中注释掉$sql和mysqli_query行使得它不会引发错误。 I've also tried writing the mysqli commands in an object-oriented fashion, as well as inserting the $_POST['key'] contents into the string with curly-bracket substitution (ie. {$_POST['key']} ), all of which produced the same result. 我也尝试以面向对象的方式编写mysqli命令,以及使用大括号替换将$_POST['key']内容插入到字符串中(即。 {$_POST['key']} ) ,所有这些都产生了相同的结果。 It is also clear that PHP is able to access the database, as it can connect with it and close it. 很明显,PHP能够访问数据库,因为它可以与它连接并关闭它。
Why would a SQL string assignment to a PHP variable result in an internal server 500 error? 为什么SQL字符串赋值给PHP变量导致内部服务器500错误? How can I correct my code so that no error is produced? 如何更正我的代码以便不产生错误?
3 个解决方案
解决方案1
2 已采纳 2015-04-15 17:00:23
The response 500 Internal Error usually means a compilation problem, fe a syntax error in the script. 响应500 Internal Error通常意味着编译问题,脚本中存在语法错误。
Regarding your script, the line 关于你的脚本,行
$sql = "INSERT INTO user_information ... .$_POST['password'].");"
does not end with a semicolon ( ; ) as it should (or you put it inside the string). 不会以分号( ; )结束(或者将它放在字符串中)。 Add it at the end of the line and the status code 500 will disappear. 在行尾添加它,状态代码500将消失。
解决方案2
1 2015-04-15 16:59:38
I saw nowhere you've used "'" for values - are you sure no one of values have spaces. 我看到你没有使用“'”作为值 - 你确定没有一个值有空格。 Also to use direct user input into the SQL query in this way isn't good idea, because it lets sql injections. 同样以这种方式使用直接用户输入到SQL查询也不是一个好主意,因为它允许sql注入。 The MySQL has bindParam mechanism, which makes it safe - I strongly recommend to look in documentation for it. MySQL有bindParam机制,这使它安全 - 我强烈建议查看文档。 I know my notes are far away of the current problem, but because you told it is first your touch with MySQl, I let my self to do it. 我知道我的笔记远离当前的问题,但因为你告诉它首先是你与MySQl的联系,我让我自己去做。 Regards 问候
解决方案3
0 2015-04-15 17:07:01
Try: 尝试:
$db = mysqli_connect("localhost", "root", "", "rental_26349188");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
exit;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.