<?php
if(isset($_POST['btnSubmit1'])){
$fullName=htmlentities(mysql_real_escape_string($_POST['name']));
$emailID=htmlentities(mysql_real_escape_string($_POST['email']));
$mobNo=htmlentities(mysql_real_escape_string($_POST['mobile']));
$c=htmlentities(mysql_real_escape_string($_POST['city']));
$p=htmlentities(mysql_real_escape_string($_POST['pincode']));
$t=$_POST['type'];
$tm=time();
$query = 'PREPARE statement FROM "INSERT INTO agrl
VALUES(?,?,?,?,?,?,?)"';
mysql_query($query);
$query = 'SET @name = "$fullName",' .
'@email = "$emailID",' .
'@mobo = "$mobNo",' .
'@city = "$c",' .
'@pincode = "$p",'.
'@country = "$t",'.
'@time = "$tm"';
$query = 'EXECUTE statement USING
@name,@email,@mobo,@city,@pincode,@country,@time';
if(!(mysql_query($query))){
echo "Sorry!!! please try again";
}
else{
$query = 'DEALLOCATE PREPARE statement';
mysql_query($query);
echo "<script
type='text/javascript'>alert('success')</script>";
}
}
?>
此代码完全适用于f9,但不是从表单字段插入数据,而是插入变量名称 例如:如果我在我的表单的名称字段中输入robert并点击提交按钮,那么不是将robert保存在我的数据库中,而是保存$ fullName .. 请帮助..提前感谢
答案 0 :(得分:-1)
PHP仅在双引号字符串中用字符串中的teirs值替换变量。 只需更改查询中的引号
即可$query = "SET @name = \"$fullName\"," .
"@email = \"$emailID\"," .
"@mobo = \"$mobNo\"," .
"@city = \"$c\"," .
"@pincode = \"$p\",".
"@country = \"$t\",".
"@time = \"$tm\"";
答案 1 :(得分:-2)
问题在于:
$query = 'SET @name = "$fullName",' .
'@email = "$emailID",' .
'@mobo = "$mobNo",' .
'@city = "$c",' .
'@pincode = "$p",'.
'@country = "$t",'.
'@time = "$tm"';
PHP单引号不允许你的变量在里面。改为使用双引号,或者连接像'SET @email = "'.$emailID.'",'