$p_item_details=$i->ProductItemDetail;
$in_product_details="insert into product_item_details(location_id,speial_description,special,introduction,inclusion,exclusion,additional_info,ticketing_details,commence,department_point,department_date,suppliedby,return_details,department_time,condition,hotel_list,hotel_pickup_instruction,itinerary) values('$id_tables','$p_item_details->SpecialDescription','$p_item_details->Special','$p_item_details->Introduction',' $p_item_details->Inclusions','$p_item_details->Exclusions','$p_item_details->AdditionalInfo','$p_item_details->TicketingDetails','$p_item_details->Commences','$p_item_details->DeparturePoint','$p_item_details->DepartureDate','$p_item_details->SuppliedBy','$p_item_details->ReturnDetails','$p_item_details->DepartureTime','$p_item_details->Conditions','$p_item_details->HotelList','$p_item_details->HotelPickupInstructions','$p_item_details->Itinerary')";
mysql_query($in_product_details,$con);
语句插入不起作用虽然与服务器的连接正确并且选择了db正确我没有在我的db中找到插入
答案 0 :(得分:2)
最好使用“预备声明”,请参阅this链接。
发现很多错误并且是安全的。
答案 1 :(得分:0)
"条件"是一个MySQL保留字。如果必须将它用作列名,请将其包装在反引号(`)
中修改强>
并转义您计划存储在数据库中的任何字符串。这允许db在实际的字符串本身中处理引号(')。
正如Joop所建议的那样,使用预准备语句可以避免这个问题。
这几天mysql扩展几乎已经死了(除了网上数以百万计的过时教程)。考虑转移到mysqli或PDO