我正在尝试从表单中获取一些数据以将数据插入数据库。但是,在执行SQL语句后,它无法正确执行并引发错误。后来,我发现代码中的“ mysqli_real_escape_string()”方法返回空字符串
<?php
$productName=$productDesc=$price=$newPrice=$message="";
$marketId="";
$cityId="";
if(isset($_GET['marketId'])&& isset($_GET['cityId'])){
$marketId=$_GET['marketId'];
$cityId=$_GET['cityId'];
}
if(isset($_POST['addProduct'])){
//NOW INSERT THE ROW TO DATABASE
$productName=mysqli_real_escape_string($conn,$_POST['productName']);
$productDesc=mysqli_real_escape_string($conn,$_POST['productDesc']);
$price=mysqli_real_escape_string($conn,$_POST['price']);
$newPrice=mysqli_real_escape_string($conn,$_POST['newPrice']);
$marketID=mysqli_real_escape_string($conn,$marketId);
$cityID=mysqli_real_escape_string($conn,$cityId);
$sql="INSERT INTO products(productName,productDesc,price,newPrice,imgUrl,marketId,cityId) VALUES('$productName','$productDesc','$price','$newPrice','$fileDestination','$marketID','$cityID')";
if(mysqli_query($conn,$sql)){
$message="success";
}
else{
$message="error";
}
}