我已经开始学习php并且刚刚陷入表单部分,我无法将数据插入数据库。使用phpmyadmin在端口80上运行并且一切正常。请帮助。 这是fellow.php代码
<?php
$dbc=mysqli_connect('127.0.0.1','root','','abhishek')
or die("error connecting to the databsase");
$nama=$_POST['hell'];
$nanu=$_POST['email'];
print $nama;
$ab="INSERT INTO attempt('name','email')VALUES('$nama','$nanu')";
if(mysqli_query($dbc,$ab)) {
echo "Records added successfully.";
}
else {
echo "Records not added successfully.";
}
mysqli_close($dbc);
?>
这是first.html代码 -
<html>
<head>
<title>first attempt</title>
</head>
<body>
<form action="fellow.php" method="post" >
Name:
<input type="text" name="hell" id="hell" value="hell">
Email
<input type="text" name="email" id="email" value="email">
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
请帮忙,因为我无法继续进一步
答案 0 :(得分:1)
您使用的是单引号而不是后退,并且您很容易受到SQL注入攻击,因此请使用如下的预处理语句:
$stmt = $dbConnection->prepare('INSERT INTO attempt(`name`,`email`)VALUES(?, ?)');
$stmt->bind_param(..., $nama);
..set other parameter
$stmt->execute();