出于某种原因,我无法发布超过40~字符的文本..
代码
// remove space
foreach($_POST as $key => $val) $_POST[$key] = trim($val);
// check for empty fields
if (empty($_POST['comment'])) {
header("Refresh: 2; url=$_SERVER[REQUEST_URI]");
exit('<div class="error_msg">You can\'t post a blank message.</div>');
}
// save if no problem
else {
mysql_query("INSERT INTO comments (comment, content, content_id, poster, date)
VALUES('{$_POST['comment']}', 'thread', '$thread_id', '1', NOW())");
header("refresh: 2; url=thread.php?id=$thread_id");
// SUCCESS
}
Db的:
`id` int(11) NOT NULL AUTO_INCREMENT,
`comment` text,
`content` varchar(255) NOT NULL,
`content_id` int(11) NOT NULL DEFAULT '0',
`poster` int(11) NOT NULL DEFAULT '0',
`date` datetime NOT NULL
任何想法?
是的,我要消毒$ _post
感谢 托马斯
答案 0 :(得分:1)
尝试一些基本调试:
$sql = "INSERT INTO comments (comment, content, content_id, poster, date)
VALUES('{$_POST['comment']}', 'thread', '$thread_id', '1', NOW())";
echo "$sql<br />";
mysql_query($sql);
然后将输出内容剪切并粘贴到MySQL命令行客户端,看看是否收到任何消息。
我能想到的另一件事是MySQL数据包大小,但这是一个很长的镜头:
mysql> show variables like '%packet%';
+--------------------+-----------+
| Variable_name | Value |
+--------------------+-----------+
| max_allowed_packet | 268435456 |
+--------------------+-----------+