PHP MySQL后期插入
我在使用php脚本向mysql数据库插入值时遇到问题PHP MySQL后期插入,php,mysql,post,sql-insert,Php,Mysql,Post,Sql Insert,我在使用php脚本向mysql数据库插入值时遇到问题 <?php $conn = mysqli_connect($dbhost, $dbuser, $dbpass, $db) or die (mysqli_error($conn)); mysqli_select_db($conn, $db) or die (mysqli_error($conn)); $token = null; $lastWaterDate = null; $lastWaterAmount = null; $zipC
<?php
$conn = mysqli_connect($dbhost, $dbuser, $dbpass, $db) or die (mysqli_error($conn)); mysqli_select_db($conn, $db) or die (mysqli_error($conn));
$token = null; $lastWaterDate = null; $lastWaterAmount = null; $zipCode = null; $waterToDate = null; $addKey = null;
if(isset ($_POST["token"])){
$token = $_POST["token"];
}
if(isset ($_POST["lastWaterDate"])){
$lastWaterDate = $_POST["lastWaterDate"];
}
if(isset ($_POST["lastWaterAmount"])){
$lastWaterAmount = $_POST["lastWaterAmount"];
}
if(isset ($_POST["zipCode"])){
$zipCode = $_POST["zipCode"];
}
if(isset ($_POST["waterToDate"])){
$waterToDate = $_POST["waterToDate"];
}
if(isset ($_POST["addKey"])){
$addKey =$_POST["addKey"];
}
if($addKey == -1){
$sql = "INSERT INTO UserInfo (userToken) VALUES ('$token')";
}
elseif($addKey == 0){
$sql = "INSERT INTO UserInfo (userToken, lastWaterDate, lastWaterAmount, zipCode, waterToDate) VALUES ('$token','$lastWaterDate','$lastWaterAmount','$zipCode','$waterToDate') ON DUPLICATE KEY UPDATE lastWaterDate=VALUES(lastWaterDate), lastWaterAmount=VALUES(lastWaterAmount), waterToDate=VALUES(waterToDate)";
}
else{
$sql = "INSERT INTO UserInfo (userToken, lastWaterDate, lastWaterAmount, zipCode, waterToDate) VALUES ('$token','$lastWaterDate','$lastWaterAmount','$zipCode','$waterToDate') ON DUPLICATE KEY UPDATE lastWaterDate=VALUES(lastWaterDate), lastWaterAmount=VALUES(lastWaterAmount), zipCode=VALUES(zipCode), waterToDate=VALUES(waterToDate)";
}
$res = mysqli_query($conn, $sql) or die(mysqli_error($conn));
if($res){
echo "Successfully updated db";
}
else{
echo "Failed to update db";
}
mysqli_close($conn);
?>
当addkey不是-1时,是否要更新表,而不是插入
有关更新和插入的差异的更多信息,请查看此项:
另外,你能提供一些关于你的数据库和你得到的错误的更多信息吗?(如果你得到任何)
您的问题很可能与实现$sql查询的方式有关。关注脚本的这一部分,问题可能是您从表单接收到的字符串是零“0”,而不是整数。提交表单时,您的条件应为整数0。您需要将其强制为int,然后在条件上使用$\u POST。请始终转义post变量
<?php
$conn = mysqli_connect('localhost', 'xxx', 'xxx', 'xxx') or die (mysqli_error($conn));
mysqli_select_db($conn, 'test') or die (mysqli_error($conn));
$_POST['token'] = 'abca';
$_POST['lastWaterDate'] = '2017-12-12';
$_POST['lastWaterAmount'] = '$100';
$_POST['zipCode'] = '01010';
$_POST['waterToDate'] = '';
// Let's ensure that the value is an INT
$_POST['addKey'] = (int)'0';
if(isset($_POST["token"])){
$token = mysqli_real_escape_string($conn, $_POST["token"]);
}
if(isset($_POST["lastWaterDate"])){
$lastWaterDate = mysqli_real_escape_string($conn, $_POST["lastWaterDate"]);
}
if(isset($_POST["lastWaterAmount"])){
$lastWaterAmount = mysqli_real_escape_string($conn, $_POST["lastWaterAmount"]);
}
if(isset($_POST["zipCode"])){
$zipCode = mysqli_real_escape_string($conn, $_POST["zipCode"]);
}
if(isset($_POST["waterToDate"])){
$waterToDate = mysqli_real_escape_string($conn, $_POST["waterToDate"]);
}
if(isset($_POST["addKey"])){
$addKey = mysqli_real_escape_string($conn, $_POST["addKey"]);
}
if($_POST['addKey'] == -1){
$sql = "INSERT INTO UserInfo (userToken) VALUES ('$token')";
} elseif($_POST['addKey'] == 0) {
$sql = "INSERT INTO UserInfo (userToken, lastWaterDate, lastWaterAmount, zipCode, waterToDate) VALUES ('$token','$lastWaterDate','$lastWaterAmount','$zipCode','$waterToDate') ON DUPLICATE KEY UPDATE lastWaterDate=VALUES(lastWaterDate), lastWaterAmount=VALUES(lastWaterAmount), waterToDate=VALUES(waterToDate)";
}else{
$sql = "INSERT INTO UserInfo (userToken, lastWaterDate, lastWaterAmount, zipCode, waterToDate) VALUES ('$token','$lastWaterDate','$lastWaterAmount','$zipCode','$waterToDate') ON DUPLICATE KEY UPDATE lastWaterDate=VALUES(lastWaterDate), lastWaterAmount=VALUES(lastWaterAmount), zipCode=VALUES(zipCode), waterToDate=VALUES(waterToDate)";
}
$res = mysqli_query($conn, $sql);
if($res){
echo "Successfully updated db";
}
else{
echo "Failed to update db";
}
如果您回显$sql
然后手动执行该查询,会发生什么情况?您是否收到消息成功更新了db
?您将永远不会收到消息更新db失败,因为当它失败时,它会消失(mysqli\u错误($conn)
。你应该学会使用准备好的语句,而不是替换变量,以防止SQL注入。你说过当addKey=-1时“插入工作正常”。这是否意味着将记录插入数据库?但随后你会说“数据库中似乎什么都没有发生”。到底是什么问题?我尝试了“$SQL=“更新用户信息集lastWaterDate=$lastWaterDate,lastWaterAmount=$lastWaterAmount,zipCode=$zipCode,waterToDate=$waterToDate,其中userToken=$token”;”但这也没有实现help@mooooo098这回答了你的问题吗?我的回答对你有帮助吗?如果有,请毫不犹豫地将其标记为你的最佳答案。