有人可以向我解释为什么这不起作用。尝试按照每个人的建议转换为预处理语句,但在开始时卡住...连接正常,它不返回任何消息,但没有进入我的表(称为名称表)
<?php
$dbhost = "localhost";
$dbuser = "root";
$dbpass = "fidelio";
$dbname = "test";
$con = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
if(mysqli_connect_errno()) {
die("Database connection failed: " .
mysqli_connect_error() .
" (" . mysqli_connect_errno() . ")");
}
$query = "INSERT INTO nametable (fname, lname) values (?,?)";
$stmt = mysqli_prepare($con, $query);
$firstName = "simon";
$lastName = "morris";
mysqli_stmt_bind_param($stmt,"ss",$firstname, $lastname);
mysqli_stmt_execute($stmt);
printf("Error: %s.\n", $stmt->error);
$stmt->close();
?>
我添加了最后两行,并且返回的错误是
错误:。
这很好但是准备好的陈述没有....任何人都知道为什么?
$sql="INSERT INTO nametable (fname, lname)
VALUES ('$firstName', '$lastName')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
答案 0 :(得分:2)
试试这个
$dbhost = "localhost";
$dbuser = "root";
$dbpass = "fidelio";
$dbname = "test";
$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
$firstName = "simon";
$lastName = "morris";
if ($stmtb = $mysqli->prepare("INSERT INTO nametable (fname, lname) values (?,?)")) {
$stmtb->bind_param('ss',$firstName, $lastName);
$stmtb->execute();
}else {printf("Prepared Statement Error: %s\n", $mysqli->error);}