1. 首頁
  2. 問答
  3. 如何使用Textarea將此數據存儲在數據庫中?

如何使用Textarea將此數據存儲在數據庫中?

2014-10-04 118 views
0

我收到此錯誤信息:如何使用Textarea將此數據存儲在數據庫中?

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Hello World'; ?>')' at line 1

我期待存儲以下數據:

<?php echo 'Hello World'; ?>

這是我的代碼:

if(isset($_POST['submit'])){ 
    $post = $_POST['post']; 


    $tqs = "INSERT INTO ttn03 (post) VALUES ('$post')"; 

    $tqr = mysqli_query($dbc, $tqs) or die(mysqli_error($dbc)); 

    echo "The data has gotten successfully added."; 
}

使用這兩個沒有爲工作me:

htmlspecialchars(); 
htmlentities();

這是HTML表單:

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> 
    <textarea name="post" value=""></textarea> 
    <br/> 
    <input type="submit" name="submit"/> 
</form>

數據庫歸類是:

utf8_unicode_ci

這是我的頭:

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

有什麼建議?

來源

2014-10-04 ftxn

+1

** STOP投擲的數據。 **我不知道是誰給了你直接在SQL中拋出'$ post'數據的想法,但他應該被槍殺。 – Christian 2014-10-04 09:59:33

回答

0

這是代碼應如何看起來像:

// first of all, make sure 'post' is set - don't let PHP guessing what to when it's not set. 
if(isset($_POST['post'])){ 
    $post = $_POST['post']; 
}else{ 
    $post = ''; 
} 

// this is your SQL QUERY. Never, ever, ever, throw data in sql queries 
$tqs = $mysqli->prepare('INSERT INTO ttn03 (post) VALUES (?)'); 

// this is how to pass data to the statement 
$statement->bind_param('s', $post); 

// execute the statement and prints errors 
if(!$statement->execute()){ 
    die('Error '. $mysqli->errno .': '. $mysqli->error); 
} 

// close statement 
$statement->close();

你可以找到一些優秀的文檔和例子在這裏:SQL查詢中

http://www.sanwebe.com/2013/03/basic-php-mysqli-usage

來源

2014-10-04 10:07:01 Christian

相關問題

 相關問題