Php 这个sql请求正确吗?
我最近在Ajax+php注册方面遇到了一些问题。 我最终得出结论,所有问题的根源都在sql请求的某个地方。谁能看一下吗Php 这个sql请求正确吗?,php,mysql,Php,Mysql,我最近在Ajax+php注册方面遇到了一些问题。 我最终得出结论,所有问题的根源都在sql请求的某个地方。谁能看一下吗 $insert_new_user=mysql_query("INSERT INTO users (fname,lname,email,password,age,sex,city,timereg,frcode) VALUES('$fname_received','$lname_received','$email_received','$password_received','$d
$insert_new_user=mysql_query("INSERT INTO users (fname,lname,email,password,age,sex,city,timereg,frcode) VALUES('$fname_received','$lname_received','$email_received','$password_received','$dob_received','$sex_received','$city_received,'$timepassreg','$frcode')");
”$city\u收到的
还应确保转义用户输入。在收到$city_后缺少引号假设您已转义并检查了变量的有效输入,您似乎只忘记了,'city_received,
<?php
$insert_new_user = mysql_query("
INSERT INTO users
(fname, lname, email, password, age, sex, city, timereg, frcode)
VALUES
('$fname_received', '$lname_received', '$email_received', '$password_received', '$dob_received', '$sex_received', '$city_received', '$timepassreg', '$frcode')
");
否。它依赖于不推荐的方法在添加到查询中之前是否转义用户输入?是的,当然,我转义了输入。。sql请求本身呢?从技术上看,这似乎是错误的吗?再看看城市,这都是因为一个符号…这真的没有改变原来的查询。检查收到的城市
。我不理解一些悲观的选民。未经表决就否决reading@Companjo:您可以指出您添加了一个字符。还有一个非常小的。
<?php
$insert_new_user = mysql_query("
INSERT INTO users
(fname, lname, email, password, age, sex, city, timereg, frcode)
VALUES
('$fname_received', '$lname_received', '$email_received', '$password_received', '$dob_received', '$sex_received', '$city_received', '$timepassreg', '$frcode')
");