没有
错误,但它说它是Insert Successfully
但是当我检查我的数据库时,没有字段添加到表中car_category
。当我将其转移到在线虚拟主机时,就会发生这种情况。
插入.php
<?PHP
include_once("connection.php");
if(isset($_POST['txtCarModel']) && isset($_POST['txtCarType']) &&
isset($_POST['txtCapacity']) && isset($_POST['txtImage'])){
$Car_Model = $_POST['txtCarModel'];
$Car_Type = $_POST['txtCarType'];
$Capacity = $_POST['txtCapacity'];
$Image = $_POST['txtImage'];
$query = "INSERT INTO car_category(Car_Model, Car_Type, Capacity, Image)
VALUES ('$Car_Model', '$Car_Type', $Capacity, '$Image')";
$result = mysqli_query($conn, $query);
if($result == 0){
if(isset($_POST['mobile']) && $_POST['mobile'] == "android"){
echo "success";
exit;
}
echo "Insert Successfully";
}
else{
if(isset($_POST['mobile']) && $_POST['mobile'] == "android"){
echo "failed";
exit;
}
echo "Something Error";
}
}
?>
<html>
<head><title>Insert</title></head>
<body>
<form action="<?PHP $_PHP_SELF ?>" method="post">
Car Model <input type="text" name="txtCarModel" value=""/><br/>
Car Type <input type="text" name="txtCarType" value=""/><br/>
Capacity <input type="text" name="txtCapacity" value=""/><br/>
Image URL <input type="text" name="txtImage" value=""/><br/>
<input type="submit" name="btnSubmit" value="Insert"/>
</form>
</body>
</html>
我会在这里发布我的连接.php以防问题出在这里。
连接.php
<?php
$servername = "*****";
$username = "*****";
$password = "*****";
$dbname = "******";
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
?>
嗨,
试着echo
你的errors
error_reporting(E_ALL);
ini_set('display_errors',1);// at top of page
// echo $query; die; to see what your query is
$result = mysqli_query($conn, $query) or die(mysqli_errpr($conn));
此外,您的代码sql Vulnerable
使用mysqli prepared statements
或PDO
你可以试试这个
<?PHP
$conn = new mysqli('localhost', 'root', 'password', 'databasename');
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
error_reporting(E_ALL);
ini_set('display_errors',1);// at top of page
if(isset($_POST['txtCarModel']) && isset($_POST['txtCarType']) &&
isset($_POST['txtCapacity']) && isset($_POST['txtImage'])){
$Car_Model = $_POST['txtCarModel'];
$Car_Type = $_POST['txtCarType'];
$Capacity = $_POST['txtCapacity'];
$Image = $_POST['txtImage'];
$stmt = $conn->prepare("INSERT INTO car_category (Car_Model, Car_Type, Capacity, Image) VALUES (?, ?, ?,?)");
$query = "INSERT INTO car_category(Car_Model, Car_Type, Capacity, Image)
VALUES ('$Car_Model', '$Car_Type', $Capacity, '$Image')";
$stmt->bind_param("ssss", $Car_Model, $Car_Type, $Capacity,$Image);
$result = $stmt->execute();
if($result === false ) {
die('execute() failed: ' . htmlspecialchars($stmt->error));
}else{
echo "New records created successfully";
}
$stmt->close();
$conn->close();
}
?>
if($result == 0){
这意味着当 mysqli_query() 无法执行查询时执行以下代码。
文档说:
失败时返回 FALSE。对于成功的选择、显示、描述或解释查询,mysqli_query() 将返回一个mysqli_result对象。对于其他成功的查询mysqli_query() 将返回 TRUE。
由于您使用的是 INSERT 语句,因此预期为 true 或 false。查看 else 代码,很可能这就是它说"某些错误"的原因,您应该将其与$result === true
进行比较
其次,你的代码容易受到SQL注入的影响。了解如何在执行语句之前准备语句。