我正在学习PHP,我试图将数据插入名为“pumpl2”的MySQL数据库。表设置为这样。初学PHP:我无法将数据插入MYSQL数据库
create table product
(productid int unsigned not null auto_increment primary key,
price int(9) not null,
value int(9) not null,
description text
);
我有一个表格,并希望从数据库表格中插入的字段。这是php文件的样子。
<?php
// create short variable names
$price = $_POST['price'];
$value = $_POST['value'];
$description = $_POST['description'];
if (!$price || !$value || !$description) {
echo "You have not entered all the required details.<br />"
."Please go back and try again.";
exit;
}
@ $db = new mysqli('localhost', 'pumpl', '********', 'pumpl2');
if (mysqli_connect_errno()) {
echo "Error: Could not connect to database. Please try again later.";
exit;
}
$query = "insert into pumpl2 values
('".$price."', '".$value."', '".$description."')";
$result = $db->query($query);
if ($result) {
echo $db->affected_rows." product inserted into database.";
} else {
echo "An error has occurred. The item was not added.";
}
$db->close();
?>
当我提交表单时,出现错误信息“发生错误,未添加项目”。
有谁知道问题是什么?谢谢!
您串联原始值后进入一个INSERT语句这是一个非常糟糕的主意。您应该查看PDO并准备好声明:http://www.php.net/manual/en/pdo.prepare.php – 2010-05-12 10:36:29
我现在将查看它。谢谢! – Victor 2010-05-12 10:47:01
@Colonel实际上,PDO对参数化查询没有垄断权。 mysqli有类似的机制。 – 2010-05-12 11:11:59