为什么不这么简单的插入工作?没有插入的唯一价值是$ streamName中,如果我删除代码值,则一切正常,下面的代码:SQL插入不起作用
$userId= $_SESSION['kt_login_id'];
$streamName= $_GET['streamName'];
$streamDuration= $_GET['streamDuration'];
$recorderId= $_GET['recorderId'];
$con = mysql_connect("localhost","wwwmeety_staff","xxxxxx");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("wwwmeety_ourstaff", $con);
mysql_query("INSERT INTO recordedvideos (user_id, streamName, record_duration, recorder_id)
VALUES ($userId, $streamName, $streamDuration, $recorderId)");
mysql_close($con);
和MySQL出口
CREATE TABLE IF NOT EXISTS `recordedvideos` (
`record_id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) DEFAULT NULL,
`streamName` text,
`record_duration` text,
`recorder_id` text,
PRIMARY KEY (`record_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
[SQL注入](http://php.net/manual/en/security.database.sql-injection.php) – 2012-02-26 10:49:35
一个件事值是传递对文件,因为我已经检查过在萤火虫中,下面是值: – user974435 2012-02-26 10:49:46
你会得到什么错误信息? (mysql_errno()和mysql_error()返回什么?) – Arjan 2012-02-26 10:51:46