关注视频,应该正常工作,而不是给我一个错误。我从!mysqli_stmt_prepare得到了WHOOPS错误。也许有一些我错过的东西?视频让我们删除了代替“?”的值,但这对我来说从来没有用过,所以我只是将$ var放回去.BTW:个人陈述中只有特殊字符(撇号和引号)当他们形成提交。我以为声明会逃脱那些没问题。感谢。
<?php
header('Refresh:3; url=/Collaborate/');
$link = mysqli_connect("*****","*****","*****", "*****");
if (!$link) {
echo "Error: Unable to connect to MySQL." . PHP_EOL;
echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
exit;
}
$Fname = $_POST['Fname'];
$Lname = $_POST['Lname'];
$Website = $_POST['Website'];
$Phone = $_POST['Phone'];
$Email = $_POST['Email'];
$Interests1 = $_POST['Int1'];
$Interests2 = $_POST['Int2'];
$Interests3 = $_POST['Int3'];
$PersonalStatement = $_POST['PersonalStatement'];
// BAD ESCAPE. BAD!
// array_walk_recursive($link, $_POST, 'mysqli_real_escape_string' );
$sql = "INSERT INTO User(Fname, Lname, Website, Phone, Email, Interest1, Interest2, Interest3, PersonalStatement) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?);";
$stmt = mysqli_stmt_init($link);
if (!mysqli_stmt_prepare($stmt, "sssssssss", $sql)) {
echo "WHOOPS!";
} else {
mysqli_stmt_bind_param($stmt, $Fname, $Lname, $Website, $Phone, $Email, $Interests1, $Interests2, $Interests3, $PersonalStatement);
mysqli_stmt_execute($stmt);
echo "<h2>We got you $Fname!</h2>";
}
?>
答案 0 :(得分:0)
将您的sql字符串值替换为?。在mysqli_stmt_bind_param()中 - 您需要第二个参数为 - "sssssssss"