无法使用php mysqli prepared语句发送查询_Php_Sql_Mysqli_Prepared Statement

无法使用php mysqli prepared语句发送查询

php sql

无法使用php mysqli prepared语句发送查询,php,sql,mysqli,prepared-statement,Php,Sql,Mysqli,Prepared Statement,我的代码不起作用。我正在使用php和mysqli登录网站。我准备了一份声明来提高安全性，但我认为我做得不对。请帮忙它无法将信息发送到数据库 “准备失败！”出现。有什么问题吗 <?php if(isset($_POST['signup-name'], $_POST['signup-password-1'], $_POST['signup-password-2'], $_POST['signup-email-1'], $_POST['signup-email-2'], $_POST['

我的代码不起作用。我正在使用php和mysqli登录网站。我准备了一份声明来提高安全性，但我认为我做得不对。请帮忙

它无法将信息发送到数据库

“准备失败！”出现。有什么问题吗

<?php

  if(isset($_POST['signup-name'], $_POST['signup-password-1'], $_POST['signup-password-2'], $_POST['signup-email-1'], $_POST['signup-email-2'], $_POST['signup-country'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field'])){
    if(!empty($_POST['signup-name']) and !empty($_POST['signup-password-1']) and !empty($_POST['signup-password-2']) and !empty($_POST['signup-email-1']) and !empty($_POST['signup-email-2']) and !empty($_POST['signup-country']) and !empty( $_POST['recaptcha_challenge_field']) and !empty( $_POST['recaptcha_response_field'])){

      echo"ok";

      $username = $_POST['signup-name'];
      $password1 = $_POST['signup-password-1'];
      $password2 = $_POST['signup-password-2'];
      $email1 = $_POST['signup-email-1'];
      $email2 = $_POST['signup-email-2'];
      $country = $_POST['signup-country'];

      //$recaptcha_challenge_field = $_POST['recaptcha_challenge_field'];
      //$recaptcha_response_field = $_POST['recaptcha_response_field'];
                if (filter_var($email1, FILTER_VALIDATE_EMAIL) && ($email1==$email2) && ($password1==$password2)) {
        include 'db_info.php';
        $mysqli = new mysqli("localhost", $db_uusseerrss, $db_ppwwdd, "user_db");
        if (mysqli_connect_errno()) {
          echo "no ok";
          printf("Connect failed: %s\n", mysqli_connect_error());
          exit();
        }

        $query = "INSERT INTO user_info (`username`, `email`, `password`, `country`) VALUES( ?, ?, ?, ?)";
        if ($stmt = $mysqli->prepare($query)) {
          $stmt->bind_param('ssss', $username, $email1, $hashed_password, $country );
          $stmt->execute();
          $stmt->close();
          //mysqli_close($link);
        }else{
          die('prepare() failed: ' . htmlspecialchars($stmt->error));
        }
      }else{
        echo "filter failed!";
      }
    }else{
      echo "value is not set";
  }

    }
  }

?>

一个明显的错误

INSERT INTO user_info (`username`, `email`, `password`, 'country')

国家/地区有单一报价，需要

INSERT INTO user_info (`username`, `email`, `password`, `country`)

或

您可以使用函数

mysqli\u error（$mysqli）

只有在MySQL保留该字时才需要反勾号。这些词都没有保留，因此没有理由用反勾号来逃避，只是抬起头。是的，这是正确的。只有保留关键字或如果列名称中有空格等，才需要反勾号。仍然不起作用。如果不说明原因，则需要使用mysqli错误来获取错误并捕获错误。不显示php错误。有什么我可以识别的错误吗

INSERT INTO user_info (`username`, `email`, `password`, country)

else{
   var_dump(mysqli_error($mysqli));exit;
   die('prepare() failed: ' . htmlspecialchars($stmt->error));
}