[英]putting input in a database using mysqli
I'm trying to use mysqli to insert data from a form into a database. 我正在尝试使用mysqli将表单中的数据插入数据库。 However I'm not getting it to work :/
但是我没有让它工作:/
This is my code from the page you get to after you filled in the form. 这是我填写表单后进入的页面的代码。 The form is not the problem because the variables $headin $author and $thecontent all have data in them.
格式不是问题,因为变量$ headin $ author和$ thecontent都包含数据。 And in the real code database username password and name have real values :)
并在真实代码数据库中,用户名password和name具有真实值:)
<html>
<head>
<title>Send!</title>
</head>
<body>
<?php
ini_set('display_errors', 1); error_reporting(E_ALL);
$DB_HOST = 'localhost';
$DB_USER = '**';
$DB_PASS = '***';
$DB_NAME = '***';
@ $db = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if (mysqli_connect_errno()) {
echo 'Error.';
exit();
}
$author = $_POST['author'];
$heading = $_POST['heading'];
$thecontent = $_POST['thecontent'];
$query = 'INSERT INTO articles ('heading', 'author', 'content')
VALUES ('$heading','$author','$thecontent')';
$result = $db->query($query);
if ($result) {
echo $db->affected_rows."This was added.";
}
else {
echo "somethings gone very wrong.";
}
$db->close();
?>
</body>
</html>
You cannot add single quotes '
on row names and you have to add double quotes for INSERT: 您不能在行名上添加单引号
'
,而必须为INSERT添加双引号:
$query = "INSERT INTO articles (`heading`, `author`, `content`)
VALUES ('$heading','$author','$thecontent')";
Also escape your strings: 还转义您的字符串:
$author = $db->real_escape_string($_POST['author']);
$heading = $db->real_escape_string($_POST['heading']);
$thecontent = $db->real_escape_string($_POST['thecontent']);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.