我目前正在测试项目的注册页面,而且我遇到了一个有点问题的问题。简而言之,用户在第一个屏幕上输入他们的信息,并在以下屏幕上确认他们的信息和他们的约会日期。在最终屏幕上,调用以下函数。
function createRecord($id,$lname,$fname,$address1,$address2,$city,$state,$zip,$email,$homephone,$cellphone)
{
include 'dbconnect.php';
$sql = "SELECT id FROM nso1_students WHERE id = " . $id;
$result = $db->query($sql) or die("Error performing an internal check. Error: " . mysql_error());
if(mysqli_affected_rows($db) <= 0) //This first query checks to make sure that the student's information isn't already in the database. ID is a primary key, so it should reject a duplicate entry, but I'd rather prevent it entirely.
{
$sql = "INSERT INTO nso1_students(psuid, lname, fname, address1, address2, city, state, zip, email,
homephone, cellphone) VALUES (" . $psuid . ", '" . $lname . "', '" . $fname . "',
'" . $address1 . "', '" . $address2 . "', '" . $city . "', '" . $state . "', '" . $zip . "',
'" . $email . "', " . $homephone . ", " . $cellphone . ")";
$db->query($sql) or die("Error creating student record. Error: " . mysql_error());
}
else
{
echo "alert('This student already has an appointment!');window.location.href='index.php';";
}
}
我遇到的问题是,当多人同时测试时,第二次查询中大约有3人死亡,没有显示MySQL错误。其余的没有遇到麻烦。我没有足够的经验来诊断这个例子中出了什么问题,我现在需要一些建议。如果您还需要我提供其他任何答案,请告知我们。
答案 0 :(得分:2)
嗨我非常肯定'“。$ homephone。”','“。$手机。”')“;如果persome在电话号码中创建一个正常的空间查询失败,请尝试这样:< / p>
$sql = "INSERT INTO nso1_students(psuid, lname, fname, address1, address2, city, state, zip, email,
homephone, cellphone) VALUES (" . $psuid . ", '" . $lname . "', '" . $fname . "',
'" . $address1 . "', '" . $address2 . "', '" . $city . "', '" . $state . "', '" . $zip . "',
'" . $email . "', '" . $homephone . "', '" . $cellphone . "')";
请注意安全性,你的代码是sql注入