phpmyadmin中coulmns中缺少数据
您好,我在数据库中输入了4条记录,一切正常,我通过表单输入的记录已成功添加到数据库中,但当我浏览表时,有4条记录可用,但记录内容缺失,请帮助。谢谢 代码phpmyadmin中coulmns中缺少数据,php,mysql,phpmyadmin,Php,Mysql,Phpmyadmin,您好,我在数据库中输入了4条记录,一切正常,我通过表单输入的记录已成功添加到数据库中,但当我浏览表时,有4条记录可用,但记录内容缺失,请帮助。谢谢 代码 <body> <?php $servername = "localhost"; $username = "root"; $password = ""; $dbname = "test"; $conn = new mysqli($servername, $username,
<body>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO names (firstname, secondname) VALUES ('', '')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
<?php echo $_POST["firstname"]; ?><br />
<?php echo $_POST["secondname"]; ?>
</body>
</html>
<body>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$stmt = $conn->prepare("INSERT INTO names (firstname, secondname) VALUES (?, ?)");
$stmt->bind_param("ss", $_POST["firstname"], $_POST["secondname"]);
if ($stmt->execute()) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
<?php echo $_POST["firstname"]; ?><br />
<?php echo $_POST["secondname"]; ?>
</body>
</html>
您没有向列传递任何值
改变
$sql = "INSERT INTO names (firstname, secondname) VALUES ('', '')";
到
但是,使用
准备好的语句是用于执行相同语句(或
类似)SQL语句重复执行,效率高。准备好
语句对于SQL注入非常有用,因为参数
随后使用不同协议传输的值需要
不能正确地逃脱。如果原始语句模板不可用
从外部输入派生,SQL注入无法发生
更新代码
<body>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO names (firstname, secondname) VALUES ('', '')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
<?php echo $_POST["firstname"]; ?><br />
<?php echo $_POST["secondname"]; ?>
</body>
</html>
<body>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$stmt = $conn->prepare("INSERT INTO names (firstname, secondname) VALUES (?, ?)");
$stmt->bind_param("ss", $_POST["firstname"], $_POST["secondname"]);
if ($stmt->execute()) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
<?php echo $_POST["firstname"]; ?><br />
<?php echo $_POST["secondname"]; ?>
</body>
</html>
您能详细描述一下吗?您需要向我们展示一些代码,以便我们能够帮助您发布您的代码(试用过的代码)非常感谢@Nana Partykar:-)很乐意提供帮助@塔希尔汗·拜。但是,请再看一遍我的答案。它将帮助您避免SQL注入。