<?php
$cser = mysqli_connect("localhost","root","","karmsys") or die("server connection failed:".mysql_error());
if (isset($_POST["submit"])) {
$name = $_POST["name"];
$comment = mysqli_real_escape_string($_POST["comment"]);
$clientPic = mysqli_real_escape_string(date("Y-m-d-H-i-s")) . ".jpg";
$image_tmp = $_FILES['clientPic']['tmp_name'];
$confirm = "No";
echo "Name: " . $name . "<br>Comment: " . $comment . "<br>Pic: " . $clientPic ;
move_uploaded_file($image_tmp,"images/client/$clientPic");
$query="insert into review values (
null,'".$name."',
'".$comment."',
'".$confirm."',
'".$clientPic."'
)";
$result = $cser->query($query);
if($result > 0){
?>
<div class="alert alert-success alert-dismissable">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Success!</strong> We got your comment. Wait till verify
</div>
<?php
} else {
?>
<div class="alert alert-danger alert-dismissable">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>AWW!</strong> Something gone wrong. Try Again
</div>
<?php
}
}
?>
这是我的代码。我在谷歌搜索mysqli_real_escape_string在服务器上没有工作,并且只有一个结果在real_escape之前建立了连接,我做了但是它仍然在localhost上工作但不在服务器上