我的MySQL请求有问题。插入并不是一夜之间就能完成的。我不知道为什么。
mysql_connect('localhost', 'root', '') or die("Impossible de se connecter : ".mysql_error());
mysql_select_db('db');
$name = mysql_query("SELECT name FROM fruitandvegetable WHERE name='".mysql_real_escape_string(stripcslashes($_POST['name']))."'") or die('Erreur :'.mysql_error());
if (mysql_num_rows($name) != 0) {
$doublonName = "The name already exists";
}
$nombre = mysql_query("SELECT nombre FROM fruitandvegetable WHERE nombre='".mysql_real_escape_string(stripcslashes($_POST['nombre']))."'") or die('Erreur :'.mysql_error());
if (mysql_num_rows($nombre) != 0) {
$doublonNombre = "The number already exists";
} else {
$quer1y = mysql_query("INSERT INTO fruitandvegetable VALUES('', '".$_POST['name']."', 'color', '$month', '$description', '".$_POST['nombre']."')");
}
感谢您的帮助。
答案 0 :(得分:1)
您必须指定列名称:
$quer1y = mysql_query("INSERT INTO fruitandvegetable(column1,col2,col3,...) VALUES('', '".$_POST['name']."', 'color', '$month', '$description', '".$_POST['nombre']."')");
另外,您应该切换到PDO或MySQLi,因为mysql_*函数已弃用,并且必须转义每个用户输入或(更好)使用准备好的陈述以防止SQL injection:
$connect = mysqli_connect("localhost","root","","db");
$name = mysqli_query($connect,"SELECT name FROM fruitandvegetable WHERE name='".mysqli_real_escape_string($connect,stripcslashes($_POST['name']))."'")
or die('Erreur :'.mysqli_error());
if(mysqli_num_rows($name) != 0)
{
$doublonName = "The name already exists";
}
$nombre = mysqli_query($connect,"SELECT nombre FROM fruitandvegetable WHERE nombre='".mysqli_real_escape_string($connect,stripcslashes($_POST['nombre']))."'")
or die('Erreur :'.mysqli_error());
if(mysqli_num_rows($nombre) != 0)
{
$doublonNombre = "The number already exists";
}
else
{
$quer1y = mysqli_query($connect,"INSERT INTO fruitandvegetable VALUES('', '".mysqli_real_escape_string($connect,$_POST['name'])."', 'color', '".mysqli_real_escape_string($connect,$month)."', '".mysqli_real_escape_string($connect,$description)."', '".mysqli_real_escape_string($connect,$_POST['nombre'])."')");
}