从HTML表单添加两个字段到一个Mysql字段

时间:2013-08-25 23:41:29

标签: php mysql

我试图在一个Mysql字段上添加2个html表单字段已尝试此代码但无法将值插入数据库。

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{

  $city= mysql_real_escape_string($_POST['city']);
  $name = mysql_real_escape_string($_POST['name']. "-" . $_POST['domain']);
  $alias = mysql_real_escape_string($_POST['alias']);
  $date = mysql_real_escape_string($_POST['Date']);
  $user = mysql_real_escape_string($_POST['user']);
  $id = mysql_real_escape_string($_POST['id']);

    $all1 = implode(",",$city);
    $all2 = implode(",",$name);
$all3 = implode(",",$alias);
$all4 = implode(",",$date);
$all5 = implode(",",$user);
$all6 = implode(",",$id);


$all1e = explode(",",$city);
$all2e = explode(",",$name);
$all3e = explode(",",$alias);
$all4e = explode(",",$date);
$all5e = explode(",",$user);
$all6e = explode(",",$id);

     $insert = mysql_query ("INSERT INTO `Dname` (`city`, `name`, `alias`, `user`,     `Date`, `id`) VALUES ('$all1e','$all2e','$all3e','$all4e','$all5e'");

    //insert null for id place holder
$insert .= "'')";
$res = mysql_query($insert) or die(mysql_error());
}

1 个答案:

答案 0 :(得分:1)

除了处理用户输入的一种非常奇怪的方式之外,您的问题是您的查询缺少id列和右括号的值,因为您没有分配查询文本而是分配使用第一个mysql_query()执行它的结果,然后尝试将结果与空字符串连接,然后再次将'')字面值传递给mysql_query()

要缩短它并假设您的id列上有auto_increment更改

 $insert = mysql_query ("INSERT INTO `Dname` (`city`, `name`, `alias`, `user`,     `Date`, `id`) VALUES ('$all1e','$all2e','$all3e','$all4e','$all5e'");

//insert null for id place holder
$insert .= "'')";
$res = mysql_query($insert) or die(mysql_error());


$insert = "INSERT INTO `Dname` (`city`, `name`, `alias`, `user`, `Date`)
           VALUES ('$all1e', '$all2e', '$all3e', '$all4e', '$all5e')";
$res = mysql_query($insert) or die(mysql_error());

旁注而不是插入查询字符串,使用 prepared statements mysqli_*PDO

据说,您在PDO中使用预准备语句的代码可能看起来像

$city  = $_POST['city'];
$name  = $_POST['name']. "-" . $_POST['domain'];
$alias = $_POST['alias'];
$date  = $_POST['Date'];
$user  = $_POST['user'];

try {
    $db = new PDO('mysql:host=localhost;dbname=dbname;charset=UTF8', 'user', 'password');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    $insert = "INSERT INTO `dname` (`city`, `name`, `alias`, `user`, `date`) VALUES (?, ?, ?, ?, ?)";
    $query = $db->prepare($insert);
    $query->execute(array($city, $name, $alias, $user, $date));
} catch (PDOException $e) {
    echo "Exeption: " .$e->getMessage();
}
$query = null;
$db = null;
相关问题
最新问题