我正在使用涉及通过PHP脚本转义值的MySQL查询来插入VALUES。我能够编写有效的代码(见下文),但我能弄清楚的唯一方法是如此繁琐,以至于它们让我想起在西点军校用叉子吃豌豆。我不得不相信我错过了一些东西。 MySQL和PHP应该一起工作,对吧?有人能指出我更好的方向吗?谢谢!
<?php
// CONNECTION = "$connection".
require("Connection.php");
// CREATE TABLE
$create_table_query="
CREATE TABLE IF NOT EXISTS `titles_table`
(lastpost_id INT(10) NULL,
title VARCHAR(200))
";
$create_query_results=mysqli_query($connection,$create_table_query);
// Set up CUMBERSOME query:
$title1="IL - Yingying Zhang, 26, Urbana, 9 June 2017";
Echo "\$title1 looks like: $title1 <br>"; // 'IL - Yingying Zhang, 26, Urbana, 9 June 2017'
$title2="NJ - Brendan Creato, 3, found dead in Cooper River Park, 13 Oct 2015";
Echo "\$title2 looks like: $title2 <br>"; // 'NJ - Brendan Creato, 3, found dead in Cooper River Park, 13 Oct 2015'
$title1_escaped="'".mysqli_real_escape_string($connection,$title1)."'";
Echo "\$title1_escaped looks like: $title1_escaped <br>";
$title2_escaped="'".mysqli_real_escape_string($connection,$title2)."'";
Echo "\$title2_escaped looks like: $title2_escaped <br>";
$sql_query_CUMBERSOME="
INSERT INTO `titles_table`(
lastpost_id,
title
)
VALUES
(1013,
$title1_escaped),
(1014,
$title2_escaped);
";
echo "<br>";
echo "Here's what \$sql_query_CUMBERSOME looks like :<br>";
echo "$sql_query_CUMBERSOME </br>";
// INSERT INTO `titles_table`( lastpost_id, title ) VALUES (1013, 'IL - Yingying Zhang, 26, Urbana, 9 June 2017'), (1014, 'NJ - Brendan Creato, 3, found dead in Cooper River Park, 13 Oct 2015');
// RUN and TEST $sql_query_CUMBERSOME
$sql_query_CUMBERSOME_results=mysqli_query($connection,$sql_query_CUMBERSOME);
// TEST the results (the tests report success)
IF(!$sql_query_CUMBERSOME_results):
$results_error_message=mysqli_error($connection);
ECHO "ERROR: \$sql_query_CUMBERSOME_results doesn't exist. The mysqli error message is: $results_error_message </br>";
ELSE:
$affected_rows=mysqli_affected_rows($connection);
ECHO "SUCCESS: \$sql_query_CUMBERSOME_results exists. Here is the affected rows count: $affected_rows </br></br>";
ENDIF;
// -----------------------------------
// SET UP alternative UNWIELDLY query:
$sql_query_UNWIELDLY = "INSERT INTO `titles_table`(lastpost_id,title) ";
$sql_query_UNWIELDLY .= "VALUES (1015,'";
$sql_query_UNWIELDLY .= mysqli_real_escape_string($connection,'IL - Yingying Zhang, 26, Urbana, 9 June 2017');
$sql_query_UNWIELDLY .= "'),";
$sql_query_UNWIELDLY .= "(1016,'";
$sql_query_UNWIELDLY .= mysqli_real_escape_string($connection,'NJ - Brendan Creato, 3, found dead in Cooper River Park, 13 Oct 2015');
$sql_query_UNWIELDLY .= "');";
echo "Here's what \$sql_query_UNWIELDLY looks like:<br>";
echo "$sql_query_UNWIELDLY </br>";
// INSERT INTO `titles_table`(lastpost_id,title) VALUES (1015,'IL - Yingying Zhang, 26, Urbana, 9 June 2017'),(1016,'NJ - Brendan Creato, 3, found dead in Cooper River Park, 13 Oct 2015');
// RUN and TEST $sql_query_UNWIELDLY
$sql_query_UNWIELDLY_results=mysqli_query($connection,$sql_query_UNWIELDLY);
// TEST the results (the tests report success)
IF(!$sql_query_UNWIELDLY_results):
$results_error_message=mysqli_error($connection);
ECHO "3a) ERROR: \$sql_query_UNWIELDLY_results doesn't exist. The mysqli error message is: $results_error_message </br>";
ELSE:
$affected_rows=mysqli_affected_rows($connection);
echo "SUCCESS: \$sql_query_UNWIELDLY_results exists. Here is the affected rows count: $affected_rows </br>";
ENDIF;
?>
答案 0 :(得分:1)
我认为代码行看起来不错,但是,我们只能在使用后用它来关闭连接。
添加代码结束 mysqli_close($连接);
希望它能起作用,如果不让我知道的话。