爲什麼不這麼簡單的插入工作?沒有插入的唯一價值是$ streamName中,如果我刪除代碼值,則一切正常,下面的代碼:SQL插入不起作用
$userId= $_SESSION['kt_login_id'];
$streamName= $_GET['streamName'];
$streamDuration= $_GET['streamDuration'];
$recorderId= $_GET['recorderId'];
$con = mysql_connect("localhost","wwwmeety_staff","xxxxxx");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("wwwmeety_ourstaff", $con);
mysql_query("INSERT INTO recordedvideos (user_id, streamName, record_duration, recorder_id)
VALUES ($userId, $streamName, $streamDuration, $recorderId)");
mysql_close($con);
和MySQL出口
CREATE TABLE IF NOT EXISTS `recordedvideos` (
`record_id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) DEFAULT NULL,
`streamName` text,
`record_duration` text,
`recorder_id` text,
PRIMARY KEY (`record_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
[SQL注入](http://php.net/manual/en/security.database.sql-injection.php) – 2012-02-26 10:49:35
一個件事值是傳遞對文件,因爲我已經檢查過在螢火蟲中,下面是值: – user974435 2012-02-26 10:49:46
你會得到什麼錯誤信息? (mysql_errno()和mysql_error()返回什麼?) – Arjan 2012-02-26 10:51:46