我正在从PHP文件中运行一个insert语句,然后运行一些代码来检查插入是否有效。PHP告诉我"成功"。但是,当我检查数据库以查看该记录是否存在时,它并不存在。此外,当我直接在MySQL管理员中运行sql语句时,它运行得很好。我确信我没有插入错误的数据库或表。以下是代码的清理版本:
$sql = "INSERT INTO companies (name, source_id, source_site, seeking_cf, currency, i_target, equity_offered, money_raised, num_investors, raised_pct, descr, city, state, country, categories_id, logo) VALUES ('"XYZ Widgets'", '"31'", 22, 1, '"£'", 250000, 0, 0, 0, 0, '"(Business Plan'", '"London'", '"'", '"UK'", 0, '"http://www.website.com/xyz.jpg'")";
$rs = mysql_query($sql, $conn);
if(mysql_affected_rows($conn) == 0) {
$utoh = "fail";
} else {
$utoh = "success";
}
echo $utoh;
所以结果显示"成功",但记录不在数据库中。PHP版本为5.3。MySQL是5.5。
尽管我不愿意容忍使用mysql_,但您应该对mysql_query语句进行错误检查。。。
<?php
$sql = "INSERT INTO companies (name, source_id, source_site, seeking_cf, currency, i_target, equity_offered, money_raised, num_investors, raised_pct, descr, city, state, country, categories_id, logo) VALUES ('"XYZ Widgets'", '"31'", 22, 1, '"£'", 250000, 0, 0, 0, 0, '"(Business Plan'", '"London'", '"'", '"UK'", 0, '"http://www.website.com/xyz.jpg'")";
$rs = mysql_query($sql, $conn);
if (!$rs)
{
echo mysql_error();
}
else
{
echo 'success';
}
我们现在可以看到错误是什么了。
使用single quotes而不是双引号。
您的代码容易出现SQL注入。使用PDO或MYSQLI
使用PDO扩展的示例:
<?php
$stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (?, ?)");
$stmt->bindParam(1, $name);
$stmt->bindParam(2, $value);
// insert one row
$name = 'one';
$value = 1;
$stmt->execute();
?>
这将允许您插入带有单引号的记录。
试试这个:
$sql = "INSERT INTO companies (name, source_id, source_site, seeking_cf, currency, i_target, equity_offered, money_raised, num_investors, raised_pct, descr, city, state, country, categories_id, logo) VALUES ('"XYZ Widgets'", '"31'", 22, 1, '"£'", 250000, 0, 0, 0, 0, '"(Business Plan'", '"London'", '"'", '"UK'", 0, '"http://www.website.com/xyz.jpg'")";
$rs = mysql_query($sql, $conn);
if(!$rs) {
$utoh = "fail";
} else {
$utoh = "success";
}
echo $utoh;
你试过了吗?:
1:
mysql_query("set names utf8;");
before mysql_query($insert)?
2:
更改引号"by"内部查询