I am trying to post some data to database. The code seems to be fine but it is not creating new entries in database. What mistake am I making?
我想把一些数据放到数据库中。代码看起来不错,但是它并没有在数据库中创建新的条目。我犯了什么错误?
PhP script:
PhP脚本:
<?php
mysql_connect('localhost','abcd','12345');
mysql_connect_db('xmytestdb');
$hello = $_POST['hello'];
$world = $_POST['world'];
$query = "INSERT INTO 'myTable' VALUES ('','".mysql_real_escape_string($hello)."', '".mysql_real_escape_string($world)."')";
mysql_query($query);
?>
Regards
问候
5 个解决方案
#1
1
Insert $hello and $world into which column?
将$hello和$world插入哪个列?
Assuming columns as hello and world..
假设列是hello和world。
$query = "INSERT INTO myTable (hello, world) VALUES ('mysql_real_escape_string($hello)','mysql_real_escape_string($world)')";
$query =“插入myTable (hello, world)值('mysql_real_escape_string($hello)','mysql_real_escape_string($world)')”;
#2
1
$query = "INSERT INTO myTable SET hello='".mysql_real_escape_string($hello)."' , world='".mysql_real_escape_string($world)."'";
$query = "插入myTable SET hello='".mysql_real_escape_string($hello)。,世界=”.mysql_real_escape_string(世界)美元。”””;
try query like this. :) i hope it will help you.
试着这样的查询。我希望这对你有帮助。
#3
0
Use procedures or functions to insert data into the database. Your website is vulnerable to SQL injection . http://en.wikipedia.org/wiki/SQL_injection
使用过程或函数将数据插入数据库。您的网站容易受到SQL注入的影响。http://en.wikipedia.org/wiki/SQL_injection
#4
0
replce code
replce代码
mysql_connect('localhost','abcd','12345');
mysql_connect_db('xmytestdb');
with
与
$con = mysql_connect('localhost','abcd','12345');
mysql_select_db('xmytestdb',$con);
#5
0
you need to match the input data with field names
您需要将输入数据与字段名匹配
INSERT INTO table1 (fieldname1, fieldname2) VALUES (data1, data2)
插入到表1 (fieldname1, fieldname2)值(data1, data2)
#1
1
Insert $hello and $world into which column?
将$hello和$world插入哪个列?
Assuming columns as hello and world..
假设列是hello和world。
$query = "INSERT INTO myTable (hello, world) VALUES ('mysql_real_escape_string($hello)','mysql_real_escape_string($world)')";
$query =“插入myTable (hello, world)值('mysql_real_escape_string($hello)','mysql_real_escape_string($world)')”;
#2
1
$query = "INSERT INTO myTable SET hello='".mysql_real_escape_string($hello)."' , world='".mysql_real_escape_string($world)."'";
$query = "插入myTable SET hello='".mysql_real_escape_string($hello)。,世界=”.mysql_real_escape_string(世界)美元。”””;
try query like this. :) i hope it will help you.
试着这样的查询。我希望这对你有帮助。
#3
0
Use procedures or functions to insert data into the database. Your website is vulnerable to SQL injection . http://en.wikipedia.org/wiki/SQL_injection
使用过程或函数将数据插入数据库。您的网站容易受到SQL注入的影响。http://en.wikipedia.org/wiki/SQL_injection
#4
0
replce code
replce代码
mysql_connect('localhost','abcd','12345');
mysql_connect_db('xmytestdb');
with
与
$con = mysql_connect('localhost','abcd','12345');
mysql_select_db('xmytestdb',$con);
#5
0
you need to match the input data with field names
您需要将输入数据与字段名匹配
INSERT INTO table1 (fieldname1, fieldname2) VALUES (data1, data2)
插入到表1 (fieldname1, fieldname2)值(data1, data2)