无法使用php mysqli prepared语句发送查询
我的代码不起作用。我正在使用php和mysqli登录网站。我准备了一份声明来提高安全性,但我认为我做得不对。请帮忙 它无法将信息发送到数据库 “准备失败!”出现。有什么问题吗无法使用php mysqli prepared语句发送查询,php,sql,mysqli,prepared-statement,Php,Sql,Mysqli,Prepared Statement,我的代码不起作用。我正在使用php和mysqli登录网站。我准备了一份声明来提高安全性,但我认为我做得不对。请帮忙 它无法将信息发送到数据库 “准备失败!”出现。有什么问题吗 <?php if(isset($_POST['signup-name'], $_POST['signup-password-1'], $_POST['signup-password-2'], $_POST['signup-email-1'], $_POST['signup-email-2'], $_POST['
<?php
if(isset($_POST['signup-name'], $_POST['signup-password-1'], $_POST['signup-password-2'], $_POST['signup-email-1'], $_POST['signup-email-2'], $_POST['signup-country'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field'])){
if(!empty($_POST['signup-name']) and !empty($_POST['signup-password-1']) and !empty($_POST['signup-password-2']) and !empty($_POST['signup-email-1']) and !empty($_POST['signup-email-2']) and !empty($_POST['signup-country']) and !empty( $_POST['recaptcha_challenge_field']) and !empty( $_POST['recaptcha_response_field'])){
echo"ok";
$username = $_POST['signup-name'];
$password1 = $_POST['signup-password-1'];
$password2 = $_POST['signup-password-2'];
$email1 = $_POST['signup-email-1'];
$email2 = $_POST['signup-email-2'];
$country = $_POST['signup-country'];
//$recaptcha_challenge_field = $_POST['recaptcha_challenge_field'];
//$recaptcha_response_field = $_POST['recaptcha_response_field'];
if (filter_var($email1, FILTER_VALIDATE_EMAIL) && ($email1==$email2) && ($password1==$password2)) {
include 'db_info.php';
$mysqli = new mysqli("localhost", $db_uusseerrss, $db_ppwwdd, "user_db");
if (mysqli_connect_errno()) {
echo "no ok";
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$query = "INSERT INTO user_info (`username`, `email`, `password`, `country`) VALUES( ?, ?, ?, ?)";
if ($stmt = $mysqli->prepare($query)) {
$stmt->bind_param('ssss', $username, $email1, $hashed_password, $country );
$stmt->execute();
$stmt->close();
//mysqli_close($link);
}else{
die('prepare() failed: ' . htmlspecialchars($stmt->error));
}
}else{
echo "filter failed!";
}
}else{
echo "value is not set";
}
}
}
?>
一个明显的错误
INSERT INTO user_info (`username`, `email`, `password`, 'country')
国家/地区有单一报价,需要
INSERT INTO user_info (`username`, `email`, `password`, `country`)
或
您可以使用函数
mysqli\u error($mysqli)
只有在MySQL保留该字时才需要反勾号。这些词都没有保留,因此没有理由用反勾号来逃避,只是抬起头。是的,这是正确的。只有保留关键字或如果列名称中有空格等,才需要反勾号。仍然不起作用。如果不说明原因,则需要使用mysqli错误来获取错误并捕获错误。不显示php错误。有什么我可以识别的错误吗
INSERT INTO user_info (`username`, `email`, `password`, country)
else{
var_dump(mysqli_error($mysqli));exit;
die('prepare() failed: ' . htmlspecialchars($stmt->error));
}