1. 首页
  2. 问答
  3. 插入查询到不工作

插入查询到不工作

2017-06-13 75 views
0

我试图将数据插入到一个在线数据库MySql在线MySQL数据库,我用这个查询在几个月前,现在它似乎没有工作,插入查询到不工作

我的表格:

$name = "Hilary"; 
$number = "768"; 
$orderss = "Rice x1"; 
$location = "Chilenje"; 

$con= mysqli_connect($host,$user,$pass,$db); 

$query= "insert into orders values('".$name."','".$number."','".$orderss."','".$location."');"; 

$result= mysqli_query($con,$query); 

if(!$result) 
{ 
    $response = array(); 
    $code= "reg_false"; 
    $message="Error Placing Order..."; 
    array_push($response,array("code"=>$code,"message"=>$message)); 
    echo json_encode(array("server_response"=>$response)); 

} 
else 
{ 
    $response = array(); 
    $code= "reg_true"; 
    $message="Order Successful,Please wait for our call..."; 
    array_push($response,array("code"=>$code,"message"=>$message)); 
    echo json_encode(array("server_response"=>$response)); 

} 

mysqli_close($con); 

?>

当我运行这种形式我得到服务器响应的“错误下单”部分和值不inserted.Please帮我

来源

2017-06-13 The_Hilz

+2

你是敞开的SQL注入。由于您使用的是mysqli,请利用[prepared statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)和[bind_param](http://php.net/手动/ EN/mysqli的-stmt.bind-param.php)。另外,在运行查询时检查错误消息。 – aynber

+0

尝试[启用例外](https://stackoverflow.com/questions/14578243/turning-query-errors-to-exceptions-in-mysqli)以获取更具体的错误。 – tadman

+0

你应该在这里阅读一些文档https://www.w3schools.com/php/php_mysql_insert.asp –

回答

0

让您$query很简单的像这样的,如果你插入的所有列你的表

$stmt = $conn->prepare("INSERT INTO orders VALUES (?, ?, ?, ?)"); 
$stmt->bind_param("siss", $name, $number, $orderss, $location);

或者如果你插入到特定的列,您可以用您的实际列名

$stmt = $conn->prepare("INSERT INTO orders (column_name1, column_name2, column_name3, column_name4) VALUES (?, ?, ?, ?)"); 
$stmt->bind_param("siss", $name, $number, $orderss, $location);

或者我还修改当前的代码,这样你可以在你结束一个测试替换column_name*使用还有一点"siss"的论据是4种不同类型i - integer, d - double, s - string, b - BLOB

<?php 
$servername = "localhost"; 
$username = "username"; 
$password = "password"; 
$dbname = "myDB"; 

$name = "Hilary"; 
$number = "768"; 
$orderss = "Rice x1"; 
$location = "Chilenje"; 

// Create connection 
$con = new mysqli($servername, $username, $password, $dbname); 

// Check connection 
if ($con->connect_error) { 
    die("Connection failed: " . $con->connect_error); 
} 

// prepare and bind 
$stmt = $conn->prepare("INSERT INTO orders VALUES (?, ?, ?, ?)"); 
$stmt->bind_param("siss", $name, $number, $orderss, $location); 

if($stmt->execute()) { 
$stmt->execute(); 
    $response = array(); 
    $code= "reg_true"; 
    $message="Order Successful,Please wait for our call..."; 
    array_push($response,array("code"=>$code,"message"=>$message)); 
    echo json_encode(array("server_response"=>$response)); 
} else { 

    $response = array(); 
    $code= "reg_false"; 
    $message="Error Placing Order..."; 
    array_push($response,array("code"=>$code,"message"=>$message)); 
    echo json_encode(array("server_response"=>$response)); 

} 
$stmt->close(); 
$con->close(); 
?>

来源

2017-06-13 20:07:58 Rtra

+2

保存OP烦恼和善意使用准备好的语句 – Akintunde007

+0

谢谢,这与尝试在不同服务器上的组合显示它不连接,输入了错误的密码,现在工作正常 –

+0

@Rtra可以哟请编辑您的答案以显示可以使用预先准备的语句进行的相同操作? –

相关问题

 相关问题