MySQL INSERT和UPDATE查询不适用于PHP 5.2.17
[英]MySQL INSERT and UPDATE queries not working on PHP 5.2.17
问题描述
I'm working on a website with PHP and MySQL, first I use XAMPP to preview the building of my site, everything is working fine here (XAMPP PHP version is 5.7), the problem is when I uploaded through FTP the content of my site, the INSERT and UPDATE queries aren't working on my PHP scripts. 
我正在使用PHP和MySQL的网站上工作,首先我使用XAMPP预览网站的构建,此处一切正常(XAMPP PHP版本为5.7),问题是当我通过FTP上传网站内容时,则INSERT和UPDATE查询不适用于我的PHP脚本。
I've read some articles about the compatibility issues between both versions, FTP server is using PHP 5.2.17. 我已经阅读了一些有关两个版本之间兼容性问题的文章,FTP服务器正在使用PHP 5.2.17。
The SELECT queries are working fine in the server, so, login into database is not the issue. SELECT查询在服务器中运行良好,因此,登录数据库不是问题。
This is my code using UPDATE : 这是我使用UPDATE代码:
include_once 'db_post.php';
$mysqli = new mysqli(DATA_HOST, DATA_USER, DATA_PASSWORD, DATA_DATABASE);
$catTitle = mysqli_real_escape_string($mysqli, $_POST['catName']);
$catDesc = mysqli_real_escape_string($mysqli, $_POST['catDesc']);
$catID = mysqli_real_escape_string($mysqli, $_GET['ID']); // I get this in the redirection, the value isn't in the POST form
$cT = "UPDATE categorias SET NombreCat = '$catTitle', DescripcionCat = '$catDesc', ImagenCat = 'no_image.png' WHERE IDCat = $catID";
if ($mysqli->query($cT) === TRUE) { header("Location: ../management.php?Action=ManageCategories&Edit=Successful"); }
else { header("Location: ../management.php?Action=ManageCategories&Edit=Error"); }
The redirection goes through the error and nothing is saved in the database. 重定向会遇到错误,并且数据库中不会保存任何内容。
Another info about my DB is that I'm using InnoDB instead of MyISAM, which allegedly is recommended in phpMyAdmin. 关于我的数据库的另一个信息是我使用的是InnoDB而不是MyISAM,据称在phpMyAdmin中建议这样做。
Also when I'm trying to insert a row, there's no query: 另外,当我尝试插入一行时,没有查询:
include_once 'db_post.php';
$mysqli = new mysqli(DATA_HOST, DATA_USER, DATA_PASSWORD, DATA_DATABASE);
$catTitle = mysqli_real_escape_string($mysqli, $_POST['catName']);
$catDesc = mysqli_real_escape_string($mysqli, $_POST['catDesc']);
$cT = "INSERT INTO categorias (IDCat, NombreCat, DescripcionCat, ImagenCat) VALUES (null, '$catTitle', '$catDesc', 'no_image.png')";
if ($mysqli->query($cT) === TRUE) { header("Location: ../management.php?Action=ManageCategories&Add=Successful"); }
else { header("Location: ../management.php?Action=ManageCategories&Add=Error"); }
So the question is, which is the correct form to query in MySQL in that version of PHP? 所以问题是, 在该版本的PHP中 , 哪种格式正确才能在MySQL中查询?
1 个解决方案
解决方案1
0 已采纳 2016-06-30 04:43:02
You should be using prepared statements to avoid SQL injection hacks, and you should also be capturing error messages. 您应该使用准备好的语句来避免SQL注入被黑,并且还应该捕获错误消息。 PDO makes this much easier than mysqli: PDO比mysqli更容易:
include_once 'db_post.php';
$dsn = sprintf("mysql:host=%s;dbname=%s", DATA_HOST, DATA_DATABASE);
$db = new PDO($dsn, DATA_USER, DATA_PASSWORD);
if (empty($_GET["ID"])) {
$action = "Add";
$stmt = $db->prepare("INSERT INTO categorias (IDCat, NombreCat, DescripcionCat, ImagenCat) VALUES (null, ?, ?, 'no_image.png')";
$result = $db->prepare([$_POST["catName"], $_POST["catDesc"]);
} else {
$action = "Edit";
$stmt = $db->prepare("UPDATE categorias SET NombreCat = ?, DescripcionCat = ?, ImagenCat = 'no_image.png' WHERE IDCat = ?";
$result = $stmt->execute([$_POST["catName"], $_POST["catDesc"], $_GET["ID"]]);
}
if ($result === true) {
header("Location: ../management.php?Action=ManageCategories&$action=Successful");
} else {
error_log("Database error: " . $stmt->errorInfo());
header("Location: ../management.php?Action=ManageCategories&$action=Error");
}
Now, if you have an error, just check your logs. 现在,如果您有错误,只需检查您的日志即可。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.