我是这个论坛的新手,而且我的项目有问题。我已经为其他表使用了相同的代码,但是这个不起作用。帮帮我! d:输入数据没有出现在数据库中
这不起作用:
<?php
$host="127.0.0.1";
$username="root";
$password="";
$db_name="nadel";
$tbl_name="soldprod";
mysql_connect("$host", "$username", "$password")or
die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sprodname=$_POST['sprodname'];
$spquant=$_POST['spquant'];
$scli=$_POST['scli'];
$spds=$_POST['spds'];
if(empty($sprodname) || empty($spquant) || empty($scli) || empty($spds))
{
echo "<script> alert('You did not fill out the required fields. ');
window.location.href='addsprod.php';</script> ";
}
else{
$sprodname = stripslashes($sprodname);
$spquant = stripslashes($spquant);
$scli = stripslashes($scli);
$spds = stripslashes($spds);
$sprodname = mysql_real_escape_string($sprodname);
$spquant = mysql_real_escape_string($spquant);
$scli = mysql_real_escape_string($scli);
$spds = mysql_real_escape_string($spds);
$sql="INSERT INTO soldprod(sp_name, sp_quantity, sp_cli_name, Date_sold)
VALUES ('$sprodname','$spquant','$scli','$spds')";
$result=mysql_query($sql);
echo "<script> alert('Successfully Added Sold Product!');
window.location.href='sprod.php';</script> ";
}
?>
但这个工程:
<?php
$host="127.0.0.1";
$username="root";
$password="";
$db_name="nadel";
$tbl_name="products";
mysql_connect("$host", "$username", "$password")or
die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$prodname=$_POST['prodname'];
$pquant=$_POST['pquant'];
$pprice=$_POST['pprice'];
$pdman=$_POST['pdman'];
$pdex=$_POST['pdex'];
if(empty($prodname) || empty($pquant) || empty($pprice) ||
empty($pdman)|| empty($pdex))
{
echo "<script> alert('You did not fill out the required fields. ');
window.location.href='addprod.php';</script> ";
}
else{
$prodname = stripslashes($prodname);
$pquant = stripslashes($pquant);
$pprice = stripslashes($pprice);
$pdman = stripslashes($pdman);
$pdex = stripslashes($pdex);
$prodname = mysql_real_escape_string($prodname);
$pquant = mysql_real_escape_string($pquant);
$pprice = mysql_real_escape_string($pprice);
$pdman = mysql_real_escape_string($pdman);
$pdex = mysql_real_escape_string($pdex);
$sql="INSERT INTO products(`product_name`, `prod_quantity`,
`prod_price`, `prod_manD`, `prod_expD`) VALUES
('$prodname','$pquant','$pprice','$pdman','$pdex')";
$result=mysql_query($sql);
echo "<script> alert('Successfully Added Product! ');
window.location.href='prod.php';</script> ";
}
?>
我不知道错在哪里d:
如果可以的话,你应该[停止使用'mysql_ *'功能(http://stackoverflow.com/questions/12859942/why-shouldnt -i-使用MySQL的函数式的PHP)。他们不再被维护,并[正式弃用](https://wiki.php.net/rfc/mysql_deprecation)。了解[准备](http://en.wikipedia.org/wiki/Prepared_statement)[声明](http://php.net/manual/en/pdo.prepared-statements.php),并考虑使用PDO ,[这真的不难](http://jayblanchard.net/demystifying_php_pdo.html)。 –
你是什么意思的“它不工作”? –
对不起,我会学习并尝试使用准备好的语句。 – mikai