如果我删除这段代码,我的页面加载。但是如果我添加这个,我得到一个HTTP错误500从我的web矩阵。
<?php
try {
if(isset(['submit'])) {
include('config.php');
$subject = $_POST['subject'];
$content = $_POST['editor1'];
$date = $_POST['date'];
$tags = $_POST['tags'];
$author = $_POST['author'];
$thumbnail = $_POST['thumbnail'];
$sql = "INSERT INTO articles (Subject, Content, Date, Author, Tags, Thumbnail) VALUES ('$subject','$content','$date','$author','$tags', '$thumbnail')";
$dbh->query($sql);
}
} catch(PDOException $e) {
echo $e->getMessage();
}
?>
这不是一个语句:
if (isset(['submit']))
应该是:
if (isset($_POST['submit']))
与所有的机会
无论如何,您应该将参数绑定到查询中,而不是将它们硬编码到查询中。
if (isset(['submit']))
缺少一个变量。您可以使用这一行:
if(isset($_POST['submit']))
顺便说一下,你的SQL代码是开放的盲目SQL注入。你应该解析参数,或者更好的是,使用准备好的语句。
$stmt = $dbh->prepare("INSERT INTO articles (Subject, Content, Date, Author, Tags, Thumbnail) VALUES (':subject',':content',':date',':author',':tags', ':thumbnail')");
$stmt->bindParam(':subject', $subject);
$stmt->bindParam(':content', $content);
// ...
$stmt->execute();