I'm trying to insert some data into a mysql database I created on my localhost (using wamp server). But it's not inserting any data into the table. It doesn't shows any error massages either. In the other hand, it shows the echos I made. Please help me out. I can't type all the code in one page like this question as I'm redirecting to this page from an intermediate php file. Here is the code I wrote.
我试图将一些数据插入到我在本地主机(使用wamp服务器)上创建的mysql数据库中。但它没有向表中插入任何数据。它也不显示任何错误按摩。另一方面,它显示了我所做的回声。请帮帮我。我不能在一个页面中键入所有的代码,就像我从一个中间的php文件重定向到这个页面一样。这是我写的代码。
<?php
$con = mysqli_connect("localhost", "root", "11111", "CAR_PARKING_SYSTEM");
$D_License_No = $_POST['D_License_No'];
$V_License_No = $_POST['V_License_No'];
$V_Type = $_POST['vehicle_type'];
if(!strcmp($V_Type, "four_wheel"))
{
$charge = 400;
}
else
{
$charge = 50;
}
$query = "INSERT INTO CUSTOMER_VEHICLE (V_License_No, D_License_No, Arrived_Time, Charge)
VALUES ('$V_License_No', '$D_License_No', 'date('H:i')', '$charge')";
echo "<p>Driver License Number " .$D_License_No. "</p>";
echo "<p>Vehicle License Plate Number " .$V_License_No. "</p>";
?>
4 个解决方案
#1
3
Here is a way of handling this query:
这里有一种处理此查询的方法:
First we create a database handle. Most people these days use the object oriented way of doing it, so we will use it here.
首先创建一个数据库句柄。现在大多数人都使用面向对象的方法,所以我们在这里使用它。
$mysqli = new MySQLi('localhost', 'root', '11111', 'CAR_PARKING_SYSTEM');
Then we define the SQL query. The question marks (?
) are place holders for where the values will be placed.
然后定义SQL查询。问号(?)是放置值的位置占位符。
$sql = <<< SQL
INSERT INTO `CUSTOMER_VEHICLE` (
`V_License_No`,
`D_License_No`,
`Arrived_Time`,
`Charge`
) VALUES (
?, ?, ?, ?
);
SQL;
In order to fill out the place holders we need to prepare the query. This is called a "prepared statement" (or "stmt" for short).
为了填满位符,我们需要准备查询。这被称为“准备陈述”(或简称“stmt”)。
Prepared statements are sent to the database, which checks it for errors and also optimizes it so that consecutive calls to the execute()
method are performed faster. In this case, however, we are mostly just using a prepared statement in order to avoid malicious input from affecting the query.
准备好的语句被发送到数据库,数据库检查是否有错误,并对其进行优化,以便更快地执行对execute()方法的连续调用。然而,在这种情况下,我们主要是使用一个准备好的语句,以避免恶意输入影响查询。
$stmt = $mysqli->prepare($sql);
if ($stmt === false) {
die('Could not prepare SQL: '.$mysqli->error);
}
Before we can use the prepared statement we have to have some way of putting values into the place holders. We do that by binding some variables to the place holders. In this case we are binding the variables $vLicense
, $dLicense
, $arrived
and $charge
to the place holders. The variables names can be anything.
在我们使用准备好的语句之前,我们必须有一些方法将值输入到该位置。我们通过将一些变量绑定到位符来实现。在本例中,我们将变量$vLicense、$dLicense、$arrived和$charge绑定到位置所有者。变量名可以是任何东西。
$ok = $stmt->bind_param('sssi', $vLicense, $dLicense, $arrived, $charge);
if ($ok === false) {
die('Could not bind params: '.$stmt->error);
}
Now that we have bound some variables to the place holders we can start setting their values. In this case we are using the filter_input()
function to sanitize the input of some variables. The $charge
variable is set to one of two values depending on what vehicle type we are dealing with.
现在我们已经将一些变量绑定到位符上,我们可以开始设置它们的值。在本例中,我们使用filter_input()函数来清除某些变量的输入。$charge变量设置为两个值中的一个,这取决于我们处理的车辆类型。
$vLicense = filter_input(INPUT_POST, 'V_License_No', FILTER_SANITIZE_STRING);
$dLicense = filter_input(INPUT_POST, 'D_License_No', FILTER_SANITIZE_STRING);
$arrived = date('H:i');
if (isset($_POST['vehicle_type']) && $_POST['vehicle_type'] === 'four_wheel') {
$charge = 50;
} else {
$charge = 400;
}
The values are set and now we can execute the statement. That is done simply by calling the statement's execute()
method:
设置了值,现在可以执行语句了。只需调用语句的execute()方法:
if ($stmt->execute() === false) {
die('Could not execute query: '.$stmt->error);
} else {
echo '<p>Query executed successfully!</p>';
}
$stmt->close();
I encourage you to read about the MySQLi documentation and the filter extension.
我鼓励您阅读MySQLi文档和过滤器扩展。
The full code can be found here.
完整的代码可以在这里找到。
#2
2
You are not inserting anything, $query
is just an string, you need to pass the query to the mysqli function, also, is better if you check and avoid sql injection. Your code should be something like this:
您没有插入任何内容,$query只是一个字符串,您需要将查询传递给mysqli函数,而且,如果您检查并避免sql注入,效果会更好。你的代码应该是这样的:
$mysqli = new mysqli("localhost", "root", "11111", "CAR_PARKING_SYSTEM");
$D_License_No = $_POST['D_License_No'];
$V_License_No = $_POST['V_License_No'];
$V_Type = $_POST['vehicle_type'];
$charge = !strcmp($V_Type, "four_wheel")?400:50;
$query = "insert into CUSTOMER_VEHICLE
(`V_License_No`, `D_License_No`, `Arrived_Time`, `Charge`)
values(? , ?, ?, ?)"
$stmt = $mysqli->prepare($query);
$stmt->bind_param("ssss",$V_License_No, $D_License_No, date('H:i'), $charge);
if($stmt->execute()){
//success inserted
$stmt->close();
echo "<p>Driver License Number " .$D_License_No. "</p>";
echo "<p>Vehicle License Plate Number " .$V_License_No. "</p>";
}
else{
$error = $mysqli->error;
}
#3
0
You forgot to run a query:
您忘记运行查询:
$result = mysqli_query($query);
#4
-3
you need to use some debugging to get some errors s oyou can investergate futher this is how i would of built said script
你需要使用一些调试来获得一些错误,你可以投资,这是我的构建脚本。
<?php
try
{
$con = mysqli_connect("localhost", "root", "11111", "CAR_PARKING_SYSTEM");
if (empty($con))
{
echo "Mysql failed".mysqli_error();
die; // should always kill script if you dont need it to continue
}
$D_License_No = $_POST['D_License_No'];
$V_License_No = $_POST['V_License_No'];
$V_Type = $_POST['vehicle_type'];
if(!strcmp($V_Type, "four_wheel"))
{
$charge = 400;
}
else
{
$charge = 50;
}
$query = "INSERT INTO CUSTOMER_VEHICLE (V_License_No, D_License_No, Arrived_Time, Charge)
VALUES ('$V_License_No', '$D_License_No', 'date('H:i')', '$charge')";
echo "<p>Driver License Number " .$D_License_No. "</p>";
echo "<p>Vehicle License Plate Number " .$V_License_No. "</p>";
}
catch (Exception $e)
{
echo $e;
}
?>
im sorry if i have some syntax off i am on a train and not the best place to code :P
对不起,如果我有一些语法错误,我是在火车上,而不是最好的地方编码:P。
#1
3
Here is a way of handling this query:
这里有一种处理此查询的方法:
First we create a database handle. Most people these days use the object oriented way of doing it, so we will use it here.
首先创建一个数据库句柄。现在大多数人都使用面向对象的方法,所以我们在这里使用它。
$mysqli = new MySQLi('localhost', 'root', '11111', 'CAR_PARKING_SYSTEM');
Then we define the SQL query. The question marks (?
) are place holders for where the values will be placed.
然后定义SQL查询。问号(?)是放置值的位置占位符。
$sql = <<< SQL
INSERT INTO `CUSTOMER_VEHICLE` (
`V_License_No`,
`D_License_No`,
`Arrived_Time`,
`Charge`
) VALUES (
?, ?, ?, ?
);
SQL;
In order to fill out the place holders we need to prepare the query. This is called a "prepared statement" (or "stmt" for short).
为了填满位符,我们需要准备查询。这被称为“准备陈述”(或简称“stmt”)。
Prepared statements are sent to the database, which checks it for errors and also optimizes it so that consecutive calls to the execute()
method are performed faster. In this case, however, we are mostly just using a prepared statement in order to avoid malicious input from affecting the query.
准备好的语句被发送到数据库,数据库检查是否有错误,并对其进行优化,以便更快地执行对execute()方法的连续调用。然而,在这种情况下,我们主要是使用一个准备好的语句,以避免恶意输入影响查询。
$stmt = $mysqli->prepare($sql);
if ($stmt === false) {
die('Could not prepare SQL: '.$mysqli->error);
}
Before we can use the prepared statement we have to have some way of putting values into the place holders. We do that by binding some variables to the place holders. In this case we are binding the variables $vLicense
, $dLicense
, $arrived
and $charge
to the place holders. The variables names can be anything.
在我们使用准备好的语句之前,我们必须有一些方法将值输入到该位置。我们通过将一些变量绑定到位符来实现。在本例中,我们将变量$vLicense、$dLicense、$arrived和$charge绑定到位置所有者。变量名可以是任何东西。
$ok = $stmt->bind_param('sssi', $vLicense, $dLicense, $arrived, $charge);
if ($ok === false) {
die('Could not bind params: '.$stmt->error);
}
Now that we have bound some variables to the place holders we can start setting their values. In this case we are using the filter_input()
function to sanitize the input of some variables. The $charge
variable is set to one of two values depending on what vehicle type we are dealing with.
现在我们已经将一些变量绑定到位符上,我们可以开始设置它们的值。在本例中,我们使用filter_input()函数来清除某些变量的输入。$charge变量设置为两个值中的一个,这取决于我们处理的车辆类型。
$vLicense = filter_input(INPUT_POST, 'V_License_No', FILTER_SANITIZE_STRING);
$dLicense = filter_input(INPUT_POST, 'D_License_No', FILTER_SANITIZE_STRING);
$arrived = date('H:i');
if (isset($_POST['vehicle_type']) && $_POST['vehicle_type'] === 'four_wheel') {
$charge = 50;
} else {
$charge = 400;
}
The values are set and now we can execute the statement. That is done simply by calling the statement's execute()
method:
设置了值,现在可以执行语句了。只需调用语句的execute()方法:
if ($stmt->execute() === false) {
die('Could not execute query: '.$stmt->error);
} else {
echo '<p>Query executed successfully!</p>';
}
$stmt->close();
I encourage you to read about the MySQLi documentation and the filter extension.
我鼓励您阅读MySQLi文档和过滤器扩展。
The full code can be found here.
完整的代码可以在这里找到。
#2
2
You are not inserting anything, $query
is just an string, you need to pass the query to the mysqli function, also, is better if you check and avoid sql injection. Your code should be something like this:
您没有插入任何内容,$query只是一个字符串,您需要将查询传递给mysqli函数,而且,如果您检查并避免sql注入,效果会更好。你的代码应该是这样的:
$mysqli = new mysqli("localhost", "root", "11111", "CAR_PARKING_SYSTEM");
$D_License_No = $_POST['D_License_No'];
$V_License_No = $_POST['V_License_No'];
$V_Type = $_POST['vehicle_type'];
$charge = !strcmp($V_Type, "four_wheel")?400:50;
$query = "insert into CUSTOMER_VEHICLE
(`V_License_No`, `D_License_No`, `Arrived_Time`, `Charge`)
values(? , ?, ?, ?)"
$stmt = $mysqli->prepare($query);
$stmt->bind_param("ssss",$V_License_No, $D_License_No, date('H:i'), $charge);
if($stmt->execute()){
//success inserted
$stmt->close();
echo "<p>Driver License Number " .$D_License_No. "</p>";
echo "<p>Vehicle License Plate Number " .$V_License_No. "</p>";
}
else{
$error = $mysqli->error;
}
#3
0
You forgot to run a query:
您忘记运行查询:
$result = mysqli_query($query);
#4
-3
you need to use some debugging to get some errors s oyou can investergate futher this is how i would of built said script
你需要使用一些调试来获得一些错误,你可以投资,这是我的构建脚本。
<?php
try
{
$con = mysqli_connect("localhost", "root", "11111", "CAR_PARKING_SYSTEM");
if (empty($con))
{
echo "Mysql failed".mysqli_error();
die; // should always kill script if you dont need it to continue
}
$D_License_No = $_POST['D_License_No'];
$V_License_No = $_POST['V_License_No'];
$V_Type = $_POST['vehicle_type'];
if(!strcmp($V_Type, "four_wheel"))
{
$charge = 400;
}
else
{
$charge = 50;
}
$query = "INSERT INTO CUSTOMER_VEHICLE (V_License_No, D_License_No, Arrived_Time, Charge)
VALUES ('$V_License_No', '$D_License_No', 'date('H:i')', '$charge')";
echo "<p>Driver License Number " .$D_License_No. "</p>";
echo "<p>Vehicle License Plate Number " .$V_License_No. "</p>";
}
catch (Exception $e)
{
echo $e;
}
?>
im sorry if i have some syntax off i am on a train and not the best place to code :P
对不起,如果我有一些语法错误,我是在火车上,而不是最好的地方编码:P。