gpt4 book ai didi

PHP发布错误Mysql

转载 作者:行者123 更新时间:2023-11-29 00:57:32 25 4
gpt4 key购买 nike

我正在尝试使用以下代码将数据发布到我的数据库:

 <?php
if(isset($_POST['add']))
{
$dbhost = 'internal-db';
$dbuser = 'support';
$dbpass = 'sgh';
$db = "mpc";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}

$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$country = $_POST['country'];
$message = $_POST['message'];
$callback = $_POST['callback'];

$sql = "INSERT INTO enquiries
(firstname, surname, email, phone, country, message, callback)
VALUES('$firstname','$surname', $email, $phone, $country, $message, $callback)";

mysql_select_db($db);
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
}
else
{
?>

当我尝试发布表单时,我收到以下错误:

Could not enter data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , , )' at line 3

无法找出代码中的错误。你能帮我吗????我使用的是已弃用的代码吗??

最佳答案

查询中的变量为空($email, $phone, $country, $message, $call)。尝试在 query 之前对变量进行 var_dump,看看它们是否有一些 value。此外,当它们是字符串(例如邮件)时,您还需要用引号将它们括起来,例如 '$var'

此外,看在上帝的份上,对输入进行清理。看这里:

What are the best PHP input sanitizing functions?

How can I prevent SQL injection in PHP?

关于PHP发布错误Mysql,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5290302/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com