MYSQL/PHP插入日期

Question

嗨，大家好我可以插入此

date_default_timezone_set(Asia/Hong_Kong); 
$date = date('"m/d/Y H:i:s"'); 

代替

"INSERT INTO date_time(`submitted_time`) VALUES (NOW())" 

，因爲我的問題是使用NOW()或CURRENT_TIMESTAMP()給了我一個不準確的時間

IM這樣做但是當我看數據庫這是什麼被插入0000-00-00 00:00:00.0

date_default_timezone_set('Asia/Manila'); 

if(isset($_POST['submit'])) { 
    $date = date('"m/d/Y H:i:s"'); 
     $query = "INSERT INTO `date_time`(`submitted_time`) 
        VALUES('$date')"; 
     if($conn->query($query)) { 
      echo "success"; 
     } else { 
      echo "error"; 
     } 
} 

Answer 1

如果您確實想要插入日期時間，則生成此日期時間是如何完成的。

注：日期的格式必須是Y-m-d H:i:s因爲這是格式MYSQL理解爲它的DateTime數據類型

date_default_timezone_set('Asia/Manila'); 

if(isset($_POST['submit'])) { 

    $query = "INSERT INTO `date_time` (`submitted_time`) VALUES(?)"; 
    $stmt = $conn->prepare($query); 

    // note the DateTime must be in this format to store correctly on a MYSQL database 
    $dt = date('Y-m-d H:i:s'); 

    $stmt->bind_param('s', $dt); 
    $status = $stmt->execute(); 

    if(!$status) { 
     echo $stmt->error;  
     exit; 
    } 
    echo "success"; 
} 

如果要查看，顯示您的用戶一個DateTime的是任何其他格式表示層的工作將其重新格式化爲任何特定於語言環境的格式。

Your script was at risk of SQL Injection Attack Have a look at what happened to Little Bobby Tables Even if you are escaping inputs, its not safe! Use prepared parameterized statements