将已发布的详细信息插入数

时间:2012-05-25 14:55:56

标签: php mysql

当用户在我的网站上注册时,他们需要输入个人详细信息。输入的详细信息将添加到我的数据库中的personaldetails表中。我有以下代码,但它不起作用,我无法弄清楚为什么。有人可以帮忙吗?我收到错误:查询为空

    $myusername=$_POST['username'];
    $mypassword=$_SESSION['mypassword'];
    $firstname = $_POST['firstname'];
    $surname = $_POST['surname'];
    $dob = $_POST['dob'];
    $totalwins = $_POST['totalwins'];
    $totalloses = $_POST['totalloses'];
    $email = $_POST['email'];
    $country = $_POST['country'];
    $info = $_POST['info'];

    // Connect to server and select database.
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");

    $queryreg = mysql_query("

                INSERT INTO $tbl_name VALUES('','','$myusername','$mypassword''$firstname','$surname','$totalwins','$totalloses','$email','$country','$info','$dob' )
        ");

if (!mysql_query($sql))
      {
     die('Error: ' . mysql_error());
      }
      else  {
      echo "<br><br>Your details have been successfully updated. Go back to the                 personal details page to view your updated information.";
    }

4 个答案:

答案 0 :(得分:2)

如果您使用具有自动增量的主要字段,则应指定字段名称:

$queryreg = mysql_query("INSERT INTO $tbl_name (field1,field2,field3 ecc) VALUES( ... )");

此外,您的代码是可以注册的,uso PDO

答案 1 :(得分:0)

查询为空,因为您没有对行

中的$ sql赋值 
if (!mysql_query($sql))

要解决此问题,您必须将其指定为:

  $sql = "update  $tbl_name set ...";
  if (!mysql_query($sql))

答案 2 :(得分:0)

有很多事情让我对你的代码感到害怕......

更改为以下内容($mypassword后您的逗号丢失且$sql设置不正确)。 

$sql = "INSERT INTO $tbl_name ( [list columns here besides autoincrement ] ) 
    VALUES 
    ('', '$myusername', '$mypassword', '$firstname', '$surname', 
    '$totalwins', '$totalloses', '$email', '$country', '$info', '$dob' )");

if (!mysql_query($sql)) {

答案 3 :(得分:0)

首先,您将使用代码进行SQL注入。请准备并转发您的帖子数据!这对于防止SQLinjection攻击非常重要。请仔细阅读。

然后,由于这个

发生错误 
if (!mysql_query($sql))
  {
 die('Error: ' . mysql_error());
  }
  else  {
  echo "<br><br>Your details have been successfully updated. Go back to the                 personal details page to view your updated information.";
}

您似乎没有名为$ sql的变量,并且您正在执行两个查询!

请执行以下操作并发布您的反馈

$sql = "INSERT INTO $tbl_name VALUES('','','$myusername','$mypassword''$firstname','$surname','$totalwins','$totalloses','$email','$country','$info','$dob' )";

if (!mysql_query($sql))
  {
 die('Error: ' . mysql_error());
  }
  else  {
  echo "<br><br>Your details have been successfully updated. Go back to the                 personal details page to view your updated information.";
}
相关问题
最新问题