我有一个表单,提交提供给数据库的数据。我有以下代码:
<?php
$valid=true;
function is_empty($field,$msg){
if($field==""){
echo $msg;
}
}
if(isset($_POST['register'])){
//PHP FIELD VALIDATIONS
if(is_empty($_POST['fname'],"First name is required <br/>")){
$valid=false;
}
else{
$fname=$_POST['fname'];
}
if(is_empty($_POST['lname'],"Last name is required <br/>")){
$valid=false;
}
else{
$lname=$_POST['lname'];
}
if(is_empty($_POST['email'],"Email is required <br/>")){
$valid=false;
}
else{
$email=$_POST['email'];
}
if(is_empty($_POST['pword'],"Password is required <br/>")){
$valid=false;
}
else{
$pword=$_POST['pword'];
}
if($valid==true)
{
require_once 'scripts/connect_to_mysql.php';
//====USING PREPARED STATEMENTS TO PREVENT SQL INJECTION
$sql = "INSERT INTO customer ".
"(First_name,Last_name,Email, Password, date_added) ".
"VALUES(?,?,?,?,?)";
$stmt=$conn->prepare($sql);//preparing the statement
if(!$stmt){
echo "Unable to prepare: ".$conn->errno. " " .$conn->error;
}
//executing the statement
$date=date('d m Y h:i:s');
if(!$stmt->bind_param('sssss', $fname, $lname, $email, $pword, $date)){
echo "Binding parameters failed: ".$stmt->errno. " " . $stmt->error;//bind parameters to sql statement.
}
if(!$stmt->execute()){//executing the statement
echo "Statement Execution failed: ". $stmt->error;
}
if($stmt->affected_rows==1){
echo $stmt->affected_rows;
echo "<span style='color:green;'>Entered data successfully</span>";
}
else{
echo "Your data was not saved! Please check your inputs";
}
}
$stmt->close();//closing the perpared statement
$conn->close();//closing the connection
}
?>
它将affected_rows
作为1回显,但是当我在数据库中检查我的表时,没有添加新记录。请问我做得对不对?