無法執行插入查詢？

你能幫我解決這個問題嗎？即時嘗試插入數據到我的數據庫，而不是插入die（）輸出;出現無法執行插入查詢？

<?php 
    if (isset($_GET['submit'])) { 
     $item_code = mysqli_real_escape_string($conn, $_GET['item_code']); 
     $item_name = mysqli_real_escape_string($conn, $_GET['item_name']); 
     $supplier = mysqli_real_escape_string($conn, $_GET['supplier_name']); 
     $brand = mysqli_real_escape_string($conn, $_GET['brand_name']); 
     $quantity = mysqli_real_escape_string($conn, $_GET['quantity']); 
     $unit = mysqli_real_escape_string($conn, $_GET['unit_name']); 
     $price = mysqli_real_escape_string($conn, $_GET['price']); 
     $item_type = mysqli_real_escape_string($conn, $_GET['type_name']); 
     $category = mysqli_real_escape_string($conn, $_GET['cat_name']); 

     if ($item_code == '' || $item_name == '' || $supplier == '' || $brand == '' || 
      $quantity == '' || 
      $unit == '' || 
      $price == '' || 
      $item_type == '' || 
      $category == '' 
     ) { 
      header("Location: item.php?attempt=empty"); 
     } else { 
      $sql = mysqli_query($conn, "INSERT INTO itemlist (item_name,supplier_name,brand_name,quantity,unit_name,price,type_name,cat_name) values('$item_name','$supplier','$brand','$quantity','$unit','$price','$item_type','$category')") 

      or die("Could not execute the insert query."); 
      header("Location: item.php?attempt=saved"); 
     } 
    } 
?>

來源

2016-05-16 MACKIE MACKO

檢查錯誤'die（「Error description：」。mysqli_error（$ conn））;' –

將mysqli_error（$ conn）'和任何對數據庫的調用一起使用以處理任何錯誤將會很好。請嘗試讓我們知道什麼是確切的錯誤。 – mitkosoft

在sql查詢中加上「''field \''」 –

1）在插入查詢中添加item_code。

<?php 
    if (isset($_GET['submit'])) { 
     $item_code = mysqli_real_escape_string($conn, $_GET['item_code']); 
     $item_name = mysqli_real_escape_string($conn, $_GET['item_name']); 
     $supplier = mysqli_real_escape_string($conn, $_GET['supplier_name']); 
     $brand = mysqli_real_escape_string($conn, $_GET['brand_name']); 
     $quantity = mysqli_real_escape_string($conn, $_GET['quantity']); 
     $unit = mysqli_real_escape_string($conn, $_GET['unit_name']); 
     $price = mysqli_real_escape_string($conn, $_GET['price']); 
     $item_type = mysqli_real_escape_string($conn, $_GET['type_name']); 
     $category = mysqli_real_escape_string($conn, $_GET['cat_name']); 

     if ($item_code == '' || $item_name == '' || $supplier == '' || $brand == '' || 
      $quantity == '' || 
      $unit == '' || 
      $price == '' || 
      $item_type == '' || 
      $category == '' 
     ) { 
      header("Location: item.php?attempt=empty"); 
     } else { 
      $sql = mysqli_query($conn, "INSERT INTO itemlist (item_code,item_name,supplier_name,brand_name,quantity,unit_name,price,type_name,cat_name) values('$item_code','$item_name','$supplier','$brand','$quantity','$unit','$price','$item_type','$category')") 

      or die("Could not execute the insert query."); 
      header("Location: item.php?attempt=saved"); 
     } 
    } 
?>

2）另一種方式來解決它是定義item_code爲primary key。

3）其他的方法是定義item_code與像0

來源

2016-05-16 07:03:46 RJParikh

任何缺省值你可以試試這個解決方法：

function escape($col, $conn) { 
    return mysqli_real_escape_string($conn, $_GET[$col]); 
} 

function insert($tbl, $dataArray) { 
    foreach ($dataArray as $k => $v) { 
     $keys .= $k . ", "; 
     $values .= "'" . $this->real_escape_string($v) . "', "; 
    } 

    $keys = substr($keys, 0, strlen($keys) - 2); 
    $values = substr($values, 0, strlen($values) - 2); 
    $sql = "INSERT INTO " . $tbl . "(" . $keys . ") VALUES(" . $values . ")"; 
    $exeq = mysqli_query($sql); 
    return $exeq; 
} 

$fields = array("item_code", "item_name", "supplier_name", "brand_name", "quantity", "unit_name", "price", "type_name", "cat_name"); 

if (isset($_GET['submit'])) { 
    $item_code = escape('item_code', $conn); 
    $item_name = escape('item_name', $conn); 
    $supplier = escape('supplier_name', $conn); 
    $brand  = escape('brand_name', $conn); 
    $quantity = escape('quantity', $conn); 
    $unit  = escape('unit_name', $conn); 
    $price  = escape('price', $conn); 
    $item_type = escape('type_name', $conn); 
    $category = escape('cat_name', $conn); 

    foreach ($fields as $field) { 
     if (!$_GET[$field]) { 
      header("Location: item.php?attempt=empty"); 
     } 
    } 

    $dataInsert = array(
     'item_code'  => $item_code, 
     'item_name'  => $item_name, 
     'supplier_name' => $supplier, 
     'brand_name' => $brand, 
     'quantity'  => $quantity, 
     'unit_name'  => $unit, 
     'price'   => $price, 
     'type_name'  => $item_type, 
     'cat_name'  => $category 
    ); 

    if (insert("itemlist", $dataInsert)) { 
     header("Location: item.php?attempt=saved"); 
    } else { 
     echo "Could not execute the insert query."; 
     exit(); 
    } 
}

來源

2016-05-16 07:31:49

我剛剛注意到的事情：

爲什麼要用GET方法來傳遞數據而不是POST？
可以使用empty()代替== ''
您可以嘗試prepared statement，而不是逃避和消毒每個提交的數據
什麼是$_GET['item_code']的目的是什麼？您沒有在插入中使用它，但它在if()條件中。

假設你改變了你的形式從GET到POST方法：

if (isset($_POST['submit'])) { 

    if(empty($_POST['item_code']) || empty($_POST['item_name']) || empty($_POST['supplier_name']) || empty($_POST['brand_name']) || empty($_POST['quantity']) || empty($_POST['unit_name']) || empty($_POST['price']) || empty($_POST['type_name']) || empty($_POST['cat_name'])){ 

     header("Location: item.php?attempt=empty"); 

    } else { 

     $stmt = $conn->prepare("INSERT INTO itemlist (item_code, item_name, supplier_name, brand_name, quantity, unit_name, price, type_name, cat_name) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"); 
     $stmt->bind_param("sssssssss", $_POST['item_code'], $_POST['item_name'], $_POST['supplier_name'], $_POST['brand_name'], $_POST['quantity'], $_POST['unit_name'], $_POST['price'], $_POST['type_name'], $_POST['cat_name']); 
     $stmt->execute(); 
     $stmt->close(); 

     header("Location: item.php?attempt=saved"); 
    } 
}

記住，一個空的數據會去if()條件內，執行header("Location: item.php?attempt=empty");。

來源

2016-05-16 07:44:23

無法執行插入查詢？

回答

相關問題