将文本html放入数据库

时间:2016-10-16 10:32:41

标签: php mysql

我想在我的数据库中导入数据(来自form),但我发现了这个错误:

Parse error: syntax error, unexpected ';' in /homepages/38/htdocs/index2.php on line 7

,脚本是

   <?php
//Connecting to sql db.
$connect = mysqli_connect("","","","");

//Sending form data to sql db.
mysqli_query($connect,"INSERT INTO posts (email, pseudo)
VALUES ('$_POST[email]', '$_POST[pseudo]')";
?>

错误是什么? 谢谢

3 个答案:

答案 0 :(得分:1)

$email=$_POST['email'];

$pseudo=$_POST['pseudo']; 



mysqli_query($connect,"INSERT INTO `posts` (`email`, `pseudo`) VALUES ('$email', '$pseudo');");

答案 1 :(得分:1)

解决方案

  • 您尚未正确连接$_POST[]变量。
  • 您错过了mysqli_query开场的近距离大括号。
  • 建议您单独查询,然后执行mysqli_query()

必要的检查:

  • 确保您已在表单属性中为输入类型指定了名称。
  • 检查您是否在插入时在PHP代码中调用了表单中给出的名称。

(例如) - 输入属性需要像这样

<input type="email" name="email" value="" />

像这样你必须提供所有输入类型。

PHP代码

如果使用mysqli::real_escape_string,最好使用它来避免SQL注入。

<?php
$con=mysqli_connect("localhost","my_user","my_password","my_db");
// Check connection
if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$email=mysqli_real_escape_string($con,$_POST['email']);
$pseudo=mysqli_real_escape_string($con,$_POST['pseudo']); 
$stmt = "INSERT INTO posts (`email`, `pseudo`)VALUES('".$email."','".$pseudo."')";
$query = mysqli_query($con,$stmt);
if($query)
{
echo "Inserted Successfully";
}
else
{
// Handle Error over here.
}
?>

答案 2 :(得分:0)

你在POST中错过了引用。检查以下代码

<?php
//Connecting to sql db.
$connect = mysqli_connect("","","","");

$sql ="INSERT INTO posts (email, pseudo)VALUES('".$_POST['email']."','".$_POST['pseudo']."')";
//Sending form data to sql db.
mysqli_query($connect,$sql);
?>
相关问题
最新问题