mysqli_query()生成查询错误

时间:2017-08-27 07:44:04

标签: php mysql mysqli

我正在尝试使用mysqli将表单数据存储到数据库中但是它生成查询错误我的代码在下面给出.... 当我尝试提交数据库连接正在生成.. $ _POST工作正常..错误只由mysqli_query生成..

<?php 
$name = $_POST["firstname"] . " " . $_POST["lastname"];
$email = $_POST["email"];
$happen = $_POST["whendidhappen"];
$howlong = $_POST["howlong"];
$howmany = $_POST["howmany"];
$describe = $_POST["describe"];
$whattheydid= $_POST["whattheydid"];
$seenmycat = $_POST["seenmycat"];
$anythingelse = $_POST["anythingelse"];


$dbc = mysqli_connect('localhost','root','','abductionreport') 
or die('Database connection error');


$query = "INSERT INTO abductionform (firstname, lastname, email,whendidhappen, howlong, describe, whattheydid, seenmycat,anythingelse)VALUES('$name','$name','$email','$happen','$howlong', '$howmany','$describe','$whattheydid', '$seenmycat','$anythingelse')";



$result = mysqli_query($dbc,$query) or die ("Query Error");

mysqli_close($dbc); 



?>
<h3>Aliens Abducted Me - Report an Abduction</h3>
<p>Thanks for Submiting the form.</p>
<?php 
echo "$name it happend to you on $happen it take $howlong <br>";
echo "Number of aliens: $howmany<br>";
echo "Describe: $describe<br>";
echo "What they did to you: $whattheydid<br>";
echo "Have you seen my cat: $seenmycat<br>";
echo "Anything else : $anythingelse<br>";
echo "Your Email Address is : $email<br>";

?>

1 个答案:

答案 0 :(得分:0)

DESCRIBE是一个mysql关键字。用反引号包装列名。就此而言,将您的表格和所有列包装在反引号中。在尝试访问它们之前,请始终检查{_ 1}}是否存在$ _POST元素。使用带有占位符的mysqli预处理语句来提高安全性。始终在发布到SO之前执行错误检查。

您的查询中还有9列和10个值 - 每次都会导致失败。