在PHP中使用占位符时出错

时间:2013-10-01 13:27:55

标签: php mysql mysqli

<?php
    if(isset($_POST['btnSubmit1'])){
$fullName=htmlentities(mysql_real_escape_string($_POST['name']));
    $emailID=htmlentities(mysql_real_escape_string($_POST['email']));

    $mobNo=htmlentities(mysql_real_escape_string($_POST['mobile']));
    $c=htmlentities(mysql_real_escape_string($_POST['city']));
    $p=htmlentities(mysql_real_escape_string($_POST['pincode']));
    $t=$_POST['type'];
    $tm=time();



    $query = 'PREPARE statement FROM "INSERT INTO agrl
VALUES(?,?,?,?,?,?,?)"';
mysql_query($query);
$query = 'SET @name = "$fullName",' .
'@email = "$emailID",' .
'@mobo = "$mobNo",' .
'@city = "$c",' .
'@pincode = "$p",'.
'@country = "$t",'.
'@time = "$tm"';

$query = 'EXECUTE statement USING 
@name,@email,@mobo,@city,@pincode,@country,@time';

    if(!(mysql_query($query))){
        echo "Sorry!!! please try again";
    }
    else{
        $query = 'DEALLOCATE PREPARE statement';
mysql_query($query);
        echo "<script     
type='text/javascript'>alert('success')</script>";



}
}

?>

此代码完全适用于f9,但不是从表单字段插入数据,而是插入变量名称 例如:如果我在我的表单的名称字段中输入robert并点击提交按钮,那么不是将robert保存在我的数据库中,而是保存$ fullName .. 请帮助..提前感谢

2 个答案:

答案 0 :(得分:-1)

PHP仅在双引号字符串中用字符串中的teirs值替换变量。 只需更改查询中的引号

即可
$query = "SET @name = \"$fullName\"," .
"@email = \"$emailID\"," .
"@mobo = \"$mobNo\"," .
"@city = \"$c\"," .
"@pincode = \"$p\",".
"@country = \"$t\",".
"@time = \"$tm\"";

答案 1 :(得分:-2)

问题在于:

$query = 'SET @name = "$fullName",' .
'@email = "$emailID",' .
'@mobo = "$mobNo",' .
'@city = "$c",' .
'@pincode = "$p",'.
'@country = "$t",'.
'@time = "$tm"';

PHP单引号不允许你的变量在里面。改为使用双引号,或者连接像'SET @email = "'.$emailID.'",'

这样的字符串