我在 apache 服务器上的本地主机中使用以下 php 代码,它没有显示错误,当我以 html 形式提交数据但数据未保存在 phpmyadmin 表中时,一切似乎都很好。有人可以帮忙吗?
<?php
$servername = 'localhost';
$username = 'root';
$password = 'xxxx';
$database = 'newtable';
$con = mysqli_connect("$servername","$username","$password","$database");
if (! $con){
die('Could not connect: ' . mysqli_error());
}
$sql = "INSERT INTO newtable (firstname, lastname) VALUES ('$_POST[firstname]', '$_POST[lastname]')";
if (! $sql)
{
die('Error: ' . mysqli_error());
}
echo "Record Added Successfully!";
mysqli_close($con);
?>
HTML代码是:
<html>
<body>
<form action="insert.php" method="post">
Firstname: <input type="text" name="firstname" /><br><br>
Lastname: <input type="text" name="lastname" /><br><br>
<input type="submit" />
</form>
</body>
</html>
您忘记执行查询,请使用如下所示的预准备语句
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$sql = "INSERT INTO newtable (firstname, lastname) VALUES (?, ?)";
$stmt = $con->prepare($sql);
$stmt->bind_param("ss", $firstname, $lastname);
$stmt->execute();
您没有在任何地方执行插入查询语句,因此未添加数据。
替换以下行:
if (! $sql)
{
die('Error: ' . mysqli_error());
}
跟
if ($mysqli->query($con, $sql) !== TRUE)
{
die('Error: ' . mysqli_error($con));
}
你只是写你的查询忘记执行它
$sql = "INSERT INTO newtable (firstname, lastname) VALUES ('".$_POST['firstname']."', '".$_POST['lastname']."')";
$result=mysqli_query($con,$sql);// execute it
if (! $result)
{
die('Error: ' . mysqli_error($con));// need to pass connection as parameter
}
读
http://php.net/manual/en/mysqli.error.php
http://php.net/manual/en/mysqli.query.php
最好使用绑定语句来防止表单 SQL 注入
$sql = "INSERT INTO newtable (firstname, lastname) VALUES (?, ?)";
$stmt = $con->prepare($sql);
$stmt->bind_param("ss", $firstname, $lastname);
$stmt->execute();
谢谢你们的回答,它奏效了
我需要添加的所有内容$result=mysqli_query($con,$sql);
是程序的执行吗?
<?php
$servername = 'localhost';
$username = 'root';
$password = '';
$database = 'newtable'; $con = mysqli_connect("$servername","$username","$password","$database");
if (! $con){ die('Could not connect: ' . mysqli_error()); }
$sql = "INSERT INTO yourTableName (firstname, lastname) VALUES ('".$_POST['firstname']."', '".$_POST['lastname']."')";
if (! $sql) { die('Error: ' . mysqli_error()); } echo "Record Added Successfully!"; mysqli_close($con);
?>
如果您使用的是本地主机,则默认情况下db密码为空,您需要在插入查询中提供表名。