textarea内容插入无法访问mysql数据库

时间:2015-01-05 10:39:38

标签: php mysql

我正在尝试将记录发布到数据库中我修改网站后几天前工作正常,但是工作不正常。

当我尝试回应内容时,我得到了一切正常。即使我尝试插入没有textarea内容的记录,那么只有当我尝试插入包含内容的记录时才能完美运行我的意思是$ post_content然后我在查询中出错了。

如果我使用mysql_real_escape_string(),我已经插入了记录但是没有textarea内容,它是空白的,我使用nl2br()来逃避换行,但此时没有任何工作完全失败,并且相同的代码是在我的本地计算机服务器上完美地工作,找不到真正的问题所在。

我认为文本编辑器导致问题,我现在使用niceEdit,我也尝试使用tinyMce但从不工作。有人可以帮帮我吗?

<!DOCTYPE html>
<html> 
    <head>
        <title> Insert New Post</title>
        <script src="http://js.nicedit.com/nicEdit-latest.js" type="text/javascript"></script>
        <script type="text/javascript">bkLib.onDomLoaded(nicEditors.allTextAreas);</script>

        <style>

        input[type="text"]{
            width:90%;
            height: 30px;
        }
        select{
           height: 30px; 
        }
        table{
            width:100%;
        }
        label{
            font-weight:300;font-size:1.5em;text-align: right;
        }
        textarea{
            width: 90%;
        }
    </style>
        </style>
    </head>
    <!-- BEGIN BODY -->
<body>
<?php include('config.php'); ?>
 <?php
 ob_start();
    if($_SERVER["REQUEST_METHOD"] == "POST"){
          $post_title=$_POST['post_title'];
          $post_author=$_POST['post_author'];
          //$post_date=date("l jS \of F Y h:i:s A");
          //$post_date=date("l jS \of F Y");
          $post_catagory=$_POST['post_catagory'];
          $post_image=$_FILES['post_image']['name'];
          $post_image_tmp=$_FILES['post_image']['tmp_name'];
          $post_keyword=$_POST['post_keyword'];
         $post_page=$_POST['post_page'];
          $post_content=mysql_real_escape_string($_POST['post_content']);
        // $post_content= nl2br($post_content); 
         if($post_author==''){
           echo "<script>alert('You must fill all blank fields'); window.location('insert_post.php');</script>";
           exit();
         }
         else{
           move_uploaded_file($post_image_tmp,"../../images/$post_image");
           $sql="insert into post (page_id,post_title,post_author,post_image,post_keywords,post_catagory,post_content) values ('$post_page','$post_title','$post_author','$post_image','$post_keyword','$post_catagory','$post_content')";
           $result=mysqli_query($bd,$sql) or die("Error occured:in query".mysql_error());
           if(!$result){
             echo"<h2 style=\"color:red;position:absolute;top:0;left:400px;\">Your post wasnt posted something is worng</h2>";
           exit();
           }else{
             echo"<h2><script>alert('Your Post has been published successfully!')</script>";
           echo"<script>window.open('insert_post.php','_self')</script>";
          }
        }
    }
 ?>
    <!-- MAIN WRAPPER -->
    <div id="wrap" >
<?php 
   //echo $post_author;
   // echo $post_title;
    // echo $post_page;
     // echo $post_keyword;
     //  echo $post_content;
      //  echo $post_image;

?>
        <!-- MENU SECTION -->

        <!--END MENU SECTION -->

        <!--PAGE CONTENT -->
            <?php //include('include/content.php'); ?>
            <div class="row">
                <div class="col-lg-12">
                  <div id="post_form">
                  <table>
                      <form action="" method="post" enctype="multipart/form-data" id="post_form">


                            <tr>
                              <td><label>Post Title</label></td>
                              <td><input class="form-control" type="text" name="post_title"></td>
                            </tr>  


                              <tr>
                                <td><label>Post Author</label></td>
                                <td><input class="form-control" type="text" name="post_author"></td>
                              </tr>


                              <tr>
                                <td>  <label>Post Catagory</label></td>
                                  <td><select class="form-control" name="post_catagory">
                                    <?php
                                        $sql="select * from catagory";
                                        $result=mysqli_query($bd,$sql) or die("Error:".mysql_error());
                                        while($row=mysqli_fetch_array($result)){
                                    ?>
                                        <option value="<?php echo $row['name'] ?>"><?php echo $row['name'];?></option>

                                    <?php
                                        }
                                    ?>

                                  </select>
                                  </td>
                            </tr>    


                              <tr>
                                <td><label>Post keywords</label></td>
                                <td><input type="text" name="post_keyword" placeholder="Enter text"></td>
                              </tr>



                            <tr>
                              <td><label>Post Image</label></td>
                              <td><input type="file"  name="post_image"/></td>
                           </tr>   

                            <tr>
                              <td><label>Select Page</label></td>
                              <td><select class="form-control" name="post_page">
                              <?php
                                $sql="select * from menu";
                                $result=mysqli_query($bd,$sql) or die("error".mysql_error());
                                while($row=mysqli_fetch_array($result)){

                                ?>
                                  <option value="<?php echo $row['id'];?>"><?php echo $row['name'];?></option>


                                <?php
                                }
                              ?>
                              </select></td>
                           </tr>

                            <tr>
                              <td><label>Post Contents</label></td>
                              <td><textarea id="area1"  name="post_content" rows="10"></textarea></td>
                            </tr>  

                          <tr>
                            <td>Action Key</td>
                            <td><button type="submit" class="btn btn-default" name="submit" onclick="nicEditors.findEditor('area1').saveContent();">Publish Now</button><button type="reset" class="btn btn-default">Reset Button</button></td>
                            <td></td>
                          </tr>
                    </form>
                  </table>
                  </div>
                </div>
            </div>
        <!--END PAGE CONTENT -->

         <!-- RIGHT STRIP  SECTION -->
            <?php //include('include/right.php'); ?>
         <!-- END RIGHT STRIP  SECTION -->
    </div>
</body>
</html>
    <!--END MAIN WRAPPER -->

    <!-- FOOTER -->

3 个答案:

答案 0 :(得分:0)

只需使用mysql_real_escape_string()即可插入所有值。

答案 1 :(得分:0)

您混淆了mysqlmysqli。当您致电mysqli_query时,您必须阻止使用mysqli_功能的数据。

$post_content = mysqli_real_escape_string(nl2br($_POST['post_content'])); 
//                   ^

您应该对数据库的所有字符串输入使用mysql_real_escape_string,而不仅仅是content

答案 2 :(得分:0)

使用mysqli_real_escape_string()

  

string mysqli_real_escape_string(mysqli $ link,string $ escapestr)

您必须添加连接链接作为mysqli_real_escape_string()的第一个参数

$post_content = mysqli_real_escape_string($bd, nl2br($_POST['post_content']));

再次

mysqli_query($bd,$sql) or die("Error occured:in query".mysql_error());
                                                       ^

而不是

mysql_error() 

使用

mysqli_error($bd)