如何使用我的PHP代碼將值插入到外鍵字段？

Question

我的代碼是將從表單發佈的值插入到表中。 CODE：

1 $email1 = $_POST['txtemail']; 
    2  $user1 = $_POST['txtuser']; 
    3  $date1 = $_POST['txtdate']; 
    4  $subject1 = $_POST['txtsubject']; 
    5  $percent = $_POST['txtpercent']; 
    6  $percent1 = (string) $percent; 
    7  $query = "insert into personal_record values '','$email1','$user1','$date1','$subject1','$percent1'"; 
    8  $result = mysql_query($query,$link); 

這是我的代碼，它給錯誤：

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''','jugal_patel2007@yahoo.co.in','Jugal','29 Mar 2011 13:28:42','jquery','40'' at line 1

請幫我儘快...！ 請幫忙。

Answer 1

你需要括號角落找尋值的列表：

insert into personal_record 
values ('','jugal_patel2007@yahoo.co.in','Jugal','29 Mar 2011 13:28:42','jquery','40') 

而且，如idenote，你真的必須使用mysql_real_escape_string()轉義您的數據，以防止SQL Injections！

所以，在這裏，你可能最終得到的東西，看起來有點像這樣：

$email1_safe = mysql_real_escape_string($_POST['txtemail']); 
$user1_safe = mysql_real_escape_string($_POST['txtuser']); 
$date1_safe = mysql_real_escape_string($_POST['txtdate']); 
$subject1_safe = mysql_real_escape_string($_POST['txtsubject']); 
$percent_safe = mysql_real_escape_string($_POST['txtpercent']); 
$percent1_safe = mysql_real_escape_string((string) $percent); 
$query = "insert into personal_record values ('','$email1_safe','$user1_safe','$date1_safe','$subject1_safe','$percent1_safe')"; 
$result = mysql_query($query,$link); 

其他注意事項：

• 確定的百分比是一個字符串在你的數據庫？如果沒有，沒有必要把它作爲一個字符串，只需使用一個整數或小數點/浮動
• 你也應該指定在插入查詢列，名稱列表，只是要確定

Answer 2

更改查詢VAR：

$query = "insert into personal_record values 
      ('','$email1','$user1','$date1','$subject1','$percent1');"; 

按@Pekka的建議：
你缺少括號：它需要VALUES (.....)

Answer 3

你

"insert into personal_record values ('','$email1','$user1','$date1','$subject1','$percent1')"