stackoom
  简体   繁体   中英

php mysql_query insert into not working

 原文  2013-11-06 13:31:24       php/ mysql

Question

<form method="post" action="updatescreen(2).php">
Name of company:<br />
<input type="text" name="artid" id="artid" size="50" /><br /><br />
<input type="submit" name="Insert" id="Insert" value="Insert" /><br /><br />

<?php
if(isset($_POST['Insert'])){
    $id = $_POST['artid'];

    mysql_query("INSERT INTO test (id) VALUES ('$id', )");
}

?></form>

The connection to the database is included so not mentioned here. The connection is working fine, that's not the problem.

The problem is: the php code doesn't work. The php code doesn't insert the data into my database. What's wrong?

5 answers

solution1
 3  2013-11-06 13:32:23

You had a , after '$id' : 

mysql_query("INSERT INTO test (id) VALUES ('$id')");

Your code is also open to SQL injection . You should be using something like PDO instead of the mysql_* functions, which are deprecated. With PDO, you can guard against SQL injections by using prepared statements .

solution2
 3  2013-11-06 13:32:39

Change 

mysql_query("INSERT INTO test (id) VALUES ('$id', )");

to 

mysql_query("INSERT INTO test (id) VALUES ('$id')");

solution3
 2  2013-11-06 13:34:09

You have one comma too many. 

mysql_query("INSERT INTO test (id) VALUES ('$id')");

In future, try printing the error, which will help you debug the problem yourself: 

mysql_query("INSERT INTO test (id) VALUES ('$id')") or die(mysql_error());

And please use PDO or mysqli instead of the mysql_ functions, which are insecure and deprecated.

solution4
 0  2013-11-06 13:35:31

Try 

<?php if(isset($_POST['Insert'])){
    $id = $_POST['artid'];

    mysql_query("INSERT INTO test (id) VALUES ('".$id."')")or die(mysql_error());
}?>


  <form method="post" action="updatescreen(2).php">
Name of company:<br />
<input type="text" name="artid" id="artid" size="50" /><br /><br />
<input type="submit" name="Insert" id="Insert" value="Insert" /><br /><br />

And => think about the safety!

solution5
 0  2013-11-06 13:39:01

Errors: 

 mysql_query("INSERT INTO test (id) VALUES ('$id', )"); ^---not secure, potencial sql injection ^----not need ","

Use this code for more security (most of all better pdo or mysqli): 

 if(isset($_POST['Insert'])){ $id = mysql_real_escape_string($_POST['artid']); mysql_query("INSERT INTO test (id) VALUES ('$id')");

}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question mysql_query("INSERT INTO… is not working PHP: mysql_query INSERT INTO grab id? php insert mysql_query get id PHP, mysql_query just NOT working PHP mysql_query not working with variable PHP Implode not working with mysql_query mysql_query not working in newest php version Issue with MySQL INSERT via PHP mysql_query Error with mysql_query in php - Can't insert information into database issue performing an INSERT statement with mysql_query() PHP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM