gpt4 book ai didi

php - 数据没有插入到php中的mysql数据库中

转载 作者:搜寻专家 更新时间:2023-10-30 21:41:23 26 4
gpt4 key购买 nike

我正在尝试将数据插入 mysql 数据库,但一切正常,没有发生错误,但是当我浏览数据时,它没有插入到数据库中,我的编码请检查一下。

这里是我的html代码:

<html> <head>

<title>Insert Latest News</title>

</head>

<body>

<form action="insert_post.php" method="POST" enctype="multipart/form-data">

<table align="center" border="10" width="800">

<tr> <td align="center" colspan="5" bgcolor="yellow"><h1>Insert Latest News</h1></td> </tr>

<tr> <td>Post Title</td> <td><input type="text" name="title" size="30" /></td> </tr>

<tr> <td>Post Author</td> <td><input type="text" name="author" /></td> </tr>

<tr> <td>Post Image</td> <td><input type="file" name="image" /></td> </tr>

<tr> <td>Post Content</td> <td><textarea name="content" cols="50" rows="20"></textarea></td> </tr>

<tr> <td colspan="5" align="center"><input type="submit" name="submit" value="Publish" /></td> </tr> </table>

</form> </body> </html>

这是我的连接脚本

$connect = mysql_connect("localhost","root",""); 
$con = mysql_select_db("express", $connect);
if ($con){
echo "";
} else {
echo "databse not connected";
}

这里是我的 php 代码:

<?php require("connect.php");

if (isset($_POST['submit'])){

$title = $_POST['title'];
$author = $_POST['author'];
$content = $_POST['content'];
$image_name = $_FILES['image']['name'];
$image_type = $_FILES['image']['type'];
$image_size = $_FILES['image']['size'];
$image_tmp = $_FILES['image']['tmp_name'];
$date = Date('y/m/d');

if ($title=='' or $author=='' or $content=='' or $image_name==''){

echo "<script>alert('Any feild is empty')</script>";
exit();
}
if ($image_type=='image/jpeg' or $image_type=='image/png'
or $image_type=='image/gif' or $image_type=='image/jpg'){

echo "";
} else {
echo "<script>alert('your image type is not allowed')</script>";
}
if ($image_size<=1000000){
move_uploaded_file ($image_tmp, "images/$image_name");
exit();
} else {

echo "<script>alert('Image is larger, not allowed by admin ')</script>";
}

$query = "INSERT INTO news
(news_title, news_author, news_content, news_image, news_date)
values($title,$author, $content, $image_name, $date,)";

if ($query){
echo "<center><h1>Your News has Been Published</h1></center>";
}
}
?>

最佳答案

你的代码基本上很糟糕:

1) 易受 SQL injection attacks 攻击
2) 完全没有上传验证
3) 简单地假设所有操作都成功

和你的主要问题,忽略其余部分:

4) 由于查询字符串中缺少引号和额外的逗号而导致语法错误::

$query = "INSERT INTO news
(news_title, news_author, news_content, news_image, news_date)
values('$title','$author', '$content', '$image_name', '$date',)";
^------^-^-------^--^--------^--^-----------^--^-----^---missing
^---wrong

如果您做过任何类型的防御性编程,例如检查错误,你会被告知你的 sql 语法问题......永远不要永远假设成功。始终假设失败,检查失败,并将成功视为惊喜。

关于php - 数据没有插入到php中的mysql数据库中,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35205972/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com