MYSQL PHP插入到表中
您的最后一个参数值在单引号中。替换为双引号,使其显示为“…”.$password.“,“User”);” 最后一个参数值用单引号括起来。替换为双引号,使其显示为“…”.$password.“,“User”);” 我不懂PHP。不过我会尝试帮助你使用MySQL 我认为insert查询中的引号有问题MYSQL PHP插入到表中,php,mysql,html,Php,Mysql,Html,您的最后一个参数值在单引号中。替换为双引号,使其显示为“…”.$password.“,“User”);” 最后一个参数值用单引号括起来。替换为双引号,使其显示为“…”.$password.“,“User”);” 我不懂PHP。不过我会尝试帮助你使用MySQL 我认为insert查询中的引号有问题 尝试删除values子句中的单引号。我不懂PHP。不过我会尝试帮助你使用MySQL 我认为insert查询中的引号有问题 尝试从您的values子句中删除单引号。您使用的是mysqli,这是一件好事,但
尝试删除values子句中的单引号。我不懂PHP。不过我会尝试帮助你使用MySQL 我认为insert查询中的引号有问题
尝试从您的values子句中删除单引号。您使用的是
mysqli<?php
$conn= new mysqli("localhost", "my_user", "my_password", "world"); //changed for the sake of this question
$username = $_POST['Username'];
$password = sha1($_POST['Password']);
$email = $_POST['Email'];
$firstname = $_POST['FirstName'];
$lastname = $_POST['LastName'];
$insert = 'INSERT INTO User(FirstName, LastName, Email, Username, Password, Type) VALUES ("'.$firstname.'", "'.$lastname.'", "'.$email.'", "'.$username.'", "'.$password.'", 'User');';
$result = $conn->query($insert);
?>
<form method='post' action='regprocess.php'>
<fieldset class="register">
<h2>Register</h2>
<ul>
<li><label for="FirstName">First Name: </label> <input type="text" name="FirstName" id="FirstName"></li>
<li><label for="LastName">Last Name: </label> <input type="text" name="LastName" id="LastName"></li>
<li><label for="Email">Email: </label><input type="email" name="Email" id="Email"></li>
<li><label for="Username">Username: </label><input type="text" name="Username" id="Username"></li>
<li><label for="Password">Password: </label><input type="password" name="Password" id="Password"></li>
<li><input type="submit" value="Register"></li>
</ul>
</fieldset></form>
如果不为放入SQL的任何和所有数据使用占位符,您可能会遇到严重的麻烦。您必须对此保持警惕。您正在使用
mysqli<?php
$conn= new mysqli("localhost", "my_user", "my_password", "world"); //changed for the sake of this question
$username = $_POST['Username'];
$password = sha1($_POST['Password']);
$email = $_POST['Email'];
$firstname = $_POST['FirstName'];
$lastname = $_POST['LastName'];
$insert = 'INSERT INTO User(FirstName, LastName, Email, Username, Password, Type) VALUES ("'.$firstname.'", "'.$lastname.'", "'.$email.'", "'.$username.'", "'.$password.'", 'User');';
$result = $conn->query($insert);
?>
<form method='post' action='regprocess.php'>
<fieldset class="register">
<h2>Register</h2>
<ul>
<li><label for="FirstName">First Name: </label> <input type="text" name="FirstName" id="FirstName"></li>
<li><label for="LastName">Last Name: </label> <input type="text" name="LastName" id="LastName"></li>
<li><label for="Email">Email: </label><input type="email" name="Email" id="Email"></li>
<li><label for="Username">Username: </label><input type="text" name="Username" id="Username"></li>
<li><label for="Password">Password: </label><input type="password" name="Password" id="Password"></li>
<li><input type="submit" value="Register"></li>
</ul>
</fieldset></form>
$stmt = $conn->prepare('INSERT INTO User(FirstName, LastName, Email, Username, Password, Type) VALUES (?,?,?,?,?,?)');
$stmt->bind_param($firstname, $lastname, $email, $username, $password, 'User');
$stmt->execute();
$result = $stmt->get_result();
$insert = 'INSERT INTO User(FirstName, LastName, Email, Username, Password, Type) VALUES ("'.$firstname.'", "'.$lastname.'", "'.$email.'", "'.$username.'", "'.$password.'", 'User');';
$stmt = $conn->prepare('INSERT INTO User(FirstName, LastName, Email, Username, Password, Type) VALUES (?,?,?,?,?,?)');
$stmt->bind_param($firstname, $lastname, $email, $username, $password, 'User');
$stmt->execute();
$result = $stmt->get_result();
$insert = 'INSERT INTO User(FirstName, LastName, Email, Username, Password, Type) VALUES ("'.$firstname.'", "'.$lastname.'", "'.$email.'", "'.$username.'", "'.$password.'", 'User');';
在将内容添加到数据库之前,请不要忘记始终清理内容您是否发现
用户用户\'User\'用户用户\'User\'