此代码将表单中的数据插入名为“test”的数据库和名为“signup”的表中。插入查询无效:
<?php
echo"working2";
if(isset($_POST['submit']))
{
echo"woerking";
$conn = mysql_connect("localhost", "root", "", "test") or die("error connecting");
echo"woerking1";
$flag=0;
$Rno=$_POST['rno'];
echo$Rno;
$fname=$_POST['fname'];
echo $fname;
$lname=$_POST['lname'];
$email=$_POST['uemail'];
$pswd=$_POST['pswd'];
$repswd=$_POST['repswd'];
//$choice="select Rollno from signup where Rollno='$Rno' ";
//$chk=mysql_query($choice);
//echo $chk;
//while($row=mysql_fetch_array($chk))
//{
//echo "<font color='red'>ROLL-NUMBER ALREADY EXIST!!!!</font>";
//$flag=1;
//}
if($flag==0)
{
$query="INSERT INTO `signup`(`Rollno`, `fname`, `lname`, `email-id`, `password`, `retype`) VALUES($Rno,'$fname','$lname','$email','$pswd','$repswd')";
*##//query not working##*
$tem=mysql_query($query);
if(isset($tem))
{
echo"REGISTERED SUCCESSFULLY";
}
}
}
?>
答案 0 :(得分:0)
尝试此更改开始:
$tem=mysql_query($query) or die(mysql_error());
这将告诉您查询的问题。不幸的是,它不会告诉你代码中的SQL注入漏洞 - 但无论如何请修复它们!
答案 1 :(得分:0)
$query="INSERT INTO `signup`(`Rollno`,`fname`,`lname`,`email-id`,`password`,`retype`)VALUES('".$Rno."','".$fname."','".$lname."','".$email."','".$pswd."','".$repswd."')";
尝试这样..