我的MYSQLi查询未正确插入数据库,我不确定语法错误在哪里。请帮忙!
$name = mysqli_real_escape_string($_POST['name']);
$mail = mysqli_real_escape_string($_POST['mail']);
$comment = mysqli_real_escape_string($_POST['comment']);
$postid = mysqli_real_escape_string($_POST['postid']);
mysqli_query($con, "INSERT INTO `comment` (name, mail, comment, post_id) VALUES ({$name}, {$mail}, {$comment}, {$postid})");
答案 0 :(得分:0)
尝试:
mysqli_query($con, "INSERT INTO `comment` (name, mail, comment, post_id) VALUES ('".$name."', '".$mail."', '".$comment."', '".$postid."')");
现在应该可以工作..
答案 1 :(得分:0)
你需要在查询中用引号括起来,只能在没有引号的情况下插入整数字段
mysqli_query($con, "INSERT INTO `comment` (name, mail, comment, post_id) VALUES ('$name', '$mail', '$comment', '$postid')");
由于您已经在使用mysqli,我宁愿使用prepared statements而不是清理您的变量,然后插入数据库。