我正在尝试在MySQL数据库中输入表单数据。我收到以下错误:
Error: INSERT INTO users (full_name, email, password,full_address,city,age,contact_number,gender,education,profile_picture) VALUES (?,?,?,?,?,?,?,?,?,?)
代码
<?php
$full_name = $_POST["fullname"];
$email = $_POST["email"];
$password = $_POST["password"];
$full_address = $_POST["address"];
$city = $_POST["city"];
$age = $_POST["age"];
$contact_number = $_POST["number"];
$gender = $_POST["gender"];
$education = $_POST["education"];
?>
<?php
$servername = "hidden";
$username = "hidden";
$db_password = "hidden";
$dbname = "hidden";
// Create connection
$conn = mysqli_connect($servername, $username, $db_password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
if(isset($_FILES['image'])){ $errors= array();
$file_name = $_FILES['image']['name'];
$file_size =$_FILES['image']['size'];
$file_tmp =$_FILES['image']['tmp_name'];
$file_type=$_FILES['image']['type'];
$extension = pathinfo($file_name, PATHINFO_EXTENSION);
$new= rand(0000,9999);
$file_name=$new.'.'.$extension;
move_uploaded_file($file_tmp,"images/".$file_name);
echo "Success";
}
// if(isset($_FILES['image'])){ $errors= array(); $file_name = $_FILES['image']['name']; $file_size =$_FILES['image']['size']; $file_tmp =$_FILES['image']['tmp_name']; $file_type=$_FILES['image']['type']; $extension = pathinfo($file_name, PATHINFO_EXTENSION); $new= rand(0000,9999); $file_name=$new.'.'.$extension; move_uploaded_file($file_tmp,"images/".$file_name); echo "Success"; }
$sql = "INSERT INTO users (full_name, email, password,full_address,city,age,contact_number,gender,education,profile_picture)
VALUES (?,?,?,?,?,?,?,?,?,?)";
$stmt = mysqli_prepare($conn, $sql);
// Bind parameters
$stmt->bind_param("s", $full_name);
$stmt->bind_param("s", $email);
$stmt->bind_param("s", $password);
$stmt->bind_param("s", $full_address);
$stmt->bind_param("s", $city);
$stmt->bind_param("s", $age);
$stmt->bind_param("s", $contact_number);
$stmt->bind_param("s", $gender);
$stmt->bind_param("s", $education);
$stmt->bind_param("s", $file_name);
if ($stmt->execute()) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
/*
$sql = "INSERT INTO users (full_name, email, password,full_address,city,age,contact_number,gender,education)
VALUES ('$full_name', '$email', '$password','$full_address','$city','$age','$contact_number','$gender','$education')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
*/
mysqli_close($conn);
?>
答案 0 :(得分:2)
替换
$stmt->bind_param("s", $full_name);
$stmt->bind_param("s", $email);
$stmt->bind_param("s", $password);
$stmt->bind_param("s", $full_address);
$stmt->bind_param("s", $city);
$stmt->bind_param("s", $age);
$stmt->bind_param("s", $contact_number);
$stmt->bind_param("s", $gender);
$stmt->bind_param("s", $education);
$stmt->bind_param("s", $file_name);
带
$stmt->bind_param("ssssssssss", $full_name, $email, $password, $full_address, $city, $age, $contact_number, $gender, $education, $file_name);
确保您验证并清理$_POST
。