php脚本中的MySQL错误
我们正在我们的工作场所(高中)开发一个帮助台系统。 我们将在网站上发布一些用户手册,直到数据库php脚本中的MySQL错误,php,mysql,Php,Mysql,我们正在我们的工作场所(高中)开发一个帮助台系统。 我们将在网站上发布一些用户手册,直到数据库 $sql = "INSERT INTO usermanual (title, link, slug) VALUES ('$title', '$link', '$slug')"; 这是我们从表单中获取的代码: <form action="inc/publish-manual.php" method="post" accept-charset="ISO-8859-1"> <p&
$sql = "INSERT INTO usermanual (title, link, slug) VALUES ('$title', '$link', '$slug')";
<form action="inc/publish-manual.php" method="post" accept-charset="ISO-8859-1">
<p>
<label for="Title">Tittel:</label>
<br>
<input type="text" name="title" id="title">
</p>
<p>
<label for="Link">Link til brukerveiledning:</label>
<br>
<input type="text" name="link" id="link">
</p>
<p>
<label for="Slug">Slug:</label>
<br>
<input type="text" name="slug" id="slug">
</p>
<input type="submit" value="Publiser">
</form>
<?php
header('Content-type: text/html; charset=ISO-8859-1');
include '../config.php';
$link = mysqli_connect($servername, $username, $password, $dbname);
if ($link === false) {
die("ERROR: Could not connect. " . mysqli_connect_error());
}
$title = mysqli_real_escape_string($link, $_POST['title']);
$link = mysqli_real_escape_string($link, $_POST['link']);
function slugify($title)
{
$text = iconv('utf-8', 'us-ascii//TRANSLIT', $title);
return strtolower(preg_replace('/[^A-Za-z0-9-]+/', '-', $title));
}
$slug = slugify($title);
$sql = "INSERT INTO usermanual (title, link, slug) VALUES ('$title', '$link', '$slug')";
if (mysqli_query($link, $sql)) {
header("location: ../admin.php");
} else {
echo "ERROR: Was not able to execute $sql " . mysqli_error($link);
}
?>
因为它看起来很混乱,您的代码中有两个不同的“链接”变量,这可能是问题所在
请发布发布手册.php
内容。有价值的提示:准备好的语句…来自Clement Levallois:您可以附加如何连接到数据库吗?另外,你在查询中没有逃避用户输入?@diEcho这实际上是一个糟糕的提示。这不是为了。我喜欢你逃避事情,这是一个很大的进步,但不要这样做。使用和方法添加数据。使用和方法添加数据明显优于手动转义。$link
是问题所在,停止无用的向下投票,@ChupakabraHunter don't off topic;)使用ORM比手动使用准备好的语句和bind_paramI changed$link=mysqli_connect($servername、$username、$password、$dbname)要好得多;连接到$connect,并让另一个链接连接。现在,它不会在错误消息中显示所有值,非常感谢Chupakabra Hunter。我必须改变一切从链接到链接,然后改变$link到$links,这样我只有一个$link。这就是问题所在。
<?php
header('Content-type: text/html; charset=ISO-8859-1');
include '../config.php';
$link = mysqli_connect($servername, $username, $password, $dbname);
if ($link === false) {
die("ERROR: Could not connect. " . mysqli_connect_error());
}
$title = mysqli_real_escape_string($link, $_POST['title']);
$link = mysqli_real_escape_string($link, $_POST['link']);
function slugify($title)
{
$text = iconv('utf-8', 'us-ascii//TRANSLIT', $title);
return strtolower(preg_replace('/[^A-Za-z0-9-]+/', '-', $title));
}
$slug = slugify($title);
$sql = "INSERT INTO usermanual (title, link, slug) VALUES ('$title', '$link', '$slug')";
if (mysqli_query($link, $sql)) {
header("location: ../admin.php");
} else {
echo "ERROR: Was not able to execute $sql " . mysqli_error($link);
}
?>
$link = mysqli_connect($servername, $username, $password, $dbname);
<?php
header('Content-type: text/html; charset=ISO-8859-1');
include '../config.php';
$link = mysqli_connect($servername, $username, $password, $dbname);
if ($link === false) {
die("ERROR: Could not connect. " . mysqli_connect_error());
}
$title = mysqli_real_escape_string($link, $_POST['title']);
$link = mysqli_real_escape_string($link, $_POST['link']);
function slugify($title)
{
$text = iconv('utf-8', 'us-ascii//TRANSLIT', $title);
return strtolower(preg_replace('/[^A-Za-z0-9-]+/', '-', $title));
}
$slug = slugify($title);
$sql = "INSERT INTO usermanual (title, link, slug) VALUES ('$title', '$link', '$slug')";
if (mysqli_query($link, $sql)) {
header("location: ../admin.php");
} else {
echo "ERROR: Was not able to execute $sql " . mysqli_error($link);
}
?>