mySQL数据插入 - 当一切看起来都很好时会出错

时间:2018-03-20 08:49:59

标签: php html mysqli sql-insert

这是我的代码,我们有一个名为" our_new_database"的数据库。

连接正常,以及HTML表单和凭据,我仍然无法将信息插入数据库。

表已创建,我可以在XAMPP / phpMyAdmin中看到列和行。

我唯一得到的错误是If / Else语句的最后一个回声 - "无法注册"。

尝试了我能做的一切,仍然无法使这种插入正常工作。

有人可以告诉我什么吗?

<?php

include "app".DIRECTORY_SEPARATOR."config.php";
include "app".DIRECTORY_SEPARATOR."db-connection.php";
include "app".DIRECTORY_SEPARATOR."form.php";

$foo_connection = db_connect($host, $user_name, $user_password, $dbname);

$sql = "CREATE TABLE user_info(
    user_name_one VARCHAR(30) NOT NULL,
    user_name_two VARCHAR(30) NOT NULL,
    user_email VARCHAR(70) NOT NULL UNIQUE
)";

if(mysqli_query($foo_connection, $sql)){
    echo "Table created successfully";
}
else {
    echo "Error creating table - table already exist.".mysqli_connect_error($foo_connection);
}

if($_SERVER['REQUEST_METHOD'] == 'POST'){

    $user_name_one = $_POST["userOne"];
    $user_name_two = $_POST["userTwo"];
    $user_email = $_POST["userEmail"];

    $sql = "INSERT INTO user_info (userOne,userTwo,userEmail) VALUES('".$_POST['userOne']."',('".$_POST['userTwo']."',('".$_POST['userEmail']."')";
    if(mysqli_query($foo_connection,$sql))
    {
        echo "Successfully Registered";
    }
    else
    {
        echo "Could not register";
    }
}

$foo_connection->close();

4 个答案:

答案 0 :(得分:4)

您应该避免在SQL语句中直接使用变量,而应该使用参数化查询。

这也应该避免需要字符串连接和操作问题。

$stmt = $foo_connection->prepare("INSERT INTO user_info 
      (user_name_one,user_name_two,user_email)) 
    VALUES(?,?,?)");
$stmt->bind_param('sss', $user_name_one, $user_name_two, $user_email );
$stmt->execute();

答案 1 :(得分:0)

我在这一行上考虑你的括号:

$sql = "INSERT INTO user_info (userOne,userTwo,userEmail) VALUES('".$_POST['userOne']."',('".$_POST['userTwo']."',('".$_POST['userEmail']."')";

不匹配,它应该看起来像这样:

$sql = "INSERT INTO user_info (userOne,userTwo,userEmail) VALUES('".$_POST['userOne']."','".$_POST['userTwo']."','".$_POST['userEmail']."')";

了解您的查询的原因是:

"INSERT INTO user_info (userOne,userTwo,userEmail) VALUES('value',('value1',('value2')"

如上所述,您可以使用:     echo $ foo_connection-&gt;错误

要查看显示的错误

答案 2 :(得分:0)

您需要更改

 $sql = "INSERT INTO user_info (userOne,userTwo,userEmail) VALUES('".$_POST['userOne']."',('".$_POST['userTwo']."',('".$_POST['userEmail']."')";

$sql = "INSERT INTO `user_info`(`user_name_one`,`user_name_two`,`user_emai`l) VALUES ('$user_name_one','$user_name_two','$user_email')";

记住你应该使用准备好的查询

$sql= $foo_connection->prepare("INSERT INTO user_info 
      (user_name_one,user_name_two,user_email)) 
    VALUES(?,?,?)");
$sql->bind_param('sss', $user_name_one, $user_name_two, $user_email );
$sql->execute(); 

答案 3 :(得分:-1)

$sql = "INSERT INTO user_info (userOne,userTwo,userEmail) VALUES('".$_POST['userOne']."','".$_POST['userTwo']."','".$_POST['userEmail']."')";