2014-04-20 61 views
-3

//如何修改下面的代碼,以便插入到表單中的值可以插入到我的mysql數據庫中?我可以連接到我的數據庫就好,我的數據庫被稱爲圖像和表被稱爲人。如何將表單腳本中的記錄插入到mysql數據庫中?

 //This is my insert.php file 

     <?php 
      $con=mysqli_connect("localhost","root","anble","images"); 
      // Check connection 
      if (mysqli_connect_errno()) 
      { 
       echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
      } 

      // escape variables for security 
      $FirstName = mysqli_real_escape_string($_POST["FirstName"]); 
      $LastName = mysqli_real_escape_string($_POST["LastName"]); 
      $Age = mysqli_real_escape_string($_POST['Age']); 

      $sql="INSERT INTO Persons (Name, LastName, Age); 
      VALUES ($FirstName, $LastName, $Age)"; 

      if (!mysqli_query($con,$sql)) 
      { 
       die('Error: ' . mysqli_error($con)); 
      } 
      echo "1 record added"; 

      mysqli_close($con); 
      ?> 

     // This is my form file 

     <html> 
     <body> 

     <form action="insert.php" method="post"> 
     Firstname: <input name="FirstName" type="text" value="FirstName"> 
     Lastname: <input name="LastName" type="text" value="LastName"> 
     Age: <input name="Age" type="text" value="Age"> 
     <input type="submit"> 
     </form> 

     </body> 
     </html> 



    // This is the error 
Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xampp \htdocs\check_php\insert.php on line 10 

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\check_php\insert.php on line 11 

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\check_php\insert.php on line 12 
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '; VALUES (, ,)' at line 1 
+0

查找'mysqli_real_escape_string()'PHP手冊,看看它期望的參數。這是非常基本的東西。 –

+0

我今年15歲。 – user3553512

+0

那麼?錯誤消息告訴你到底發生了什麼問題。查看手冊將爲您提供解決問題的信息。 –

回答

0

cahnge:

// escape variables for security 
     $FirstName = mysqli_real_escape_string($_POST["FirstName"]); 
     $LastName = mysqli_real_escape_string($_POST["LastName"]); 
     $Age = mysqli_real_escape_string($_POST['Age']); 

到:

// escape variables for security 
     $FirstName = mysqli_real_escape_string($con,$_POST["FirstName"]); 
     $LastName = mysqli_real_escape_string($con,,$_POST["LastName"]); 
     $Age = mysqli_real_escape_string($con,$_POST['Age']); 

mysqli_real_escape_string()需要兩個參數來傳遞
1)連接

2)escapestring

你只傳遞了escapestring,你需要在mysqli_real_escape_string()提供鏈接標識符。

see doc

你還需要在字符串變量裏面添加查詢報價。 變化:

$sql="INSERT INTO Persons (Name, LastName, Age); 
      VALUES ($FirstName, $LastName, $Age)"; 

到:

$sql="INSERT INTO Persons (Name, LastName, Age) 
      VALUES ('$FirstName', '$LastName', '$Age')"; 
+0

不存在此錯誤存在 - 錯誤:您的SQL語法中有錯誤;檢查與您的MySQL服務器版本對應的手冊,以找到在';'附近使用的正確語法。 VALUES(Andrew,Brin,15)'第1行 – user3553512

+0

'$ Firstname'和'$ Lastname'是字符串變量。在查詢中使用時,它們應該用單引號括起來。 –

+0

嘗試我更新的答案,並嘗試瞭解腳本中存在的問題@ user3553512 –

0

更改此:

1)mysqli_real_escape_string()預計2點所需的參數。

2)$Firstname$Lastname是字符串變量。在查詢中使用時,它們應該用單引號'括起來。

$FirstName = mysqli_real_escape_string($con, $_POST["FirstName"]); 
$LastName = mysqli_real_escape_string($con, $_POST["LastName"]); 
$Age = mysqli_real_escape_string($con, $_POST['Age']); 

$sql="INSERT INTO Persons (Name, LastName, Age); 
     VALUES ('$FirstName', '$LastName', $Age)"; 
相關問題