PHP MySQL没有插入数据库

时间:2011-09-12 20:57:49

标签: php mysql html

我听说过这个问题,但似乎无法弄明白。我有正确的数据库和表名称。我没有发现任何错误,我甚至自己在phpmyadmin上插入了一个表,但是当我试图在我的网站上做它时它不起作用。我甚至测试了连接。不知道现在该做什么

也许有人可以查看我的代码并查看他们是否注意到任何内容

<?php
if(mysql_connect('<db>', '<un>', '<pw>') && mysql_select_db('smiles'))
{

    $time = time();
    $errors = array();

    if(isset($_POST['guestbook_name'], $_POST['guestbook_message'])){
        $guestbook_name = mysql_real_escape_string(htmlentities($_POST['guestbook_name']));
        $guestbook_message = mysql_real_escape_string(htmlentities($_POST['guestbook_message']));

        if (empty($guestbook_name) || empty($guestbook_message)) {
            $errors[] = 'All Fields are required.';
        }
        if (strlen($guestbook_name)>25 || strlen($guestbook_message)>255) {
            $errors[] = 'One or more fields exceed the character limit.';
        }
        if (empty($errors)) {

            $insert = "INSERT INTO 'guestbook'VALUES('','$time','$guestbook_name','$guestbook_message')"; 
            if($insert = mysql_query($insert)){
                header('Location: '.$_SERVER['PHP_SELF']);
            } else{
              $errors[] = 'Something went wrong . Please try again.';
            }
        } else {
            foreach($errors as $error) {
            echo '<p>'.$error.'</p>';
            }
        }

    }
    //display entries
} 
else {
    'Fixing idiot';
}
      ?> 
      <hr />
       <form action="<?php echo htmlentities($_SERVER['PHP_SELF']);?>" method="POST">
     <p>Post Somethign</p>
      <br />
          Name:<br /><input type="text" name="guestbook_name" maxlength="25" />
   <br />
    Message:
    <br />
           <textarea name="guestbook_message" rows="6" coles="30"maxlength="255"></textarea>
      <input type="submit" value="Post" />
      </form>

3 个答案:

答案 0 :(得分:2)

从表名“留言簿”中删除引号,并在其与values

之间留一个空格

答案 1 :(得分:2)

表名不需要引号,并且假设您正在使用id autoincrement,请勿插入空字符串。所以它应该是:

$insert = "INSERT INTO guestbook VALUES('$time','$guestbook_name','$guestbook_message')";

另外,请查看您的$ time值。 MySQL的数据类型是什么?

插入后,尝试显示mysql错误:

$conn = mysql_connect('<db>', '<un>', '<pw>');
mysql_query($insert)
if (mysql_errno($conn)){
   $errors[] = mysql_error($conn);
}else{
   header('Location: '.$_SERVER['PHP_SELF']);
}

编辑:漏洞摘录应类似于:

<?php
$conn = mysql_connect('<db>', '<un>', '<pw>')
if( $conn && mysql_select_db('smiles')) //Note $conn
{

    $time = time();
    $errors = array();

    if(isset($_POST['guestbook_name'], $_POST['guestbook_message'])){
        $guestbook_name = mysql_real_escape_string(htmlentities($_POST['guestbook_name']));
        $guestbook_message = mysql_real_escape_string(htmlentities($_POST['guestbook_message']));

        if (empty($guestbook_name) || empty($guestbook_message)) {
            $errors[] = 'All Fields are required.';
        }
        if (strlen($guestbook_name)>25 || strlen($guestbook_message)>255) {
            $errors[] = 'One or more fields exceed the character limit.';
        }
        if (empty($errors)) {
            mysql_query($insert)
            $insert = "INSERT INTO guestbook VALUES('$time','$guestbook_name','$guestbook_message')"; 
            if (mysql_errno($conn)){
               $errors[] = mysql_error($conn);
            }else{
               header('Location: '.$_SERVER['PHP_SELF']);
            }
        } else {
            foreach($errors as $error) {
            echo '<p>'.$error.'</p>';
            }
        }

    }
    //display entries
}

答案 2 :(得分:0)

您可以尝试以下查询进行插入:

$insert = "INSERT INTO guestbook VALUES('','{$time}','{$guestbook_name}','{$guestbook_message}')";
相关问题
最新问题