Php 为什么不是';我的插入工作是否使用准备好的语句?
我最近才了解到,准备好的语句比以前不推荐的方法更适合使用 我尽我最大的努力和在线教程来解决这个问题,但是我运气不好,所以我来了,寻求帮助Php 为什么不是';我的插入工作是否使用准备好的语句?,php,html,mysql,Php,Html,Mysql,我最近才了解到,准备好的语句比以前不推荐的方法更适合使用 我尽我最大的努力和在线教程来解决这个问题,但是我运气不好,所以我来了,寻求帮助 <?php $db = mysql_connect("localhost","root","Mylife2015") or die ("Couldn't connect to SQL server"); mysql_select_db("i-neo") or die("Couldn't select DB"); session_sta
<?php
$db = mysql_connect("localhost","root","Mylife2015") or die ("Couldn't
connect to SQL server");
mysql_select_db("i-neo") or die("Couldn't select DB");
session_start();
if (isset($_SESSION['user_login'])) {
$user = $_SESSION["user_login"];
}
else {
$user = "";
}
$d = date('Y-m-d h:i:s a', time());
if(isset($_POST['log'])){
$man = $_POST['artist_name'];
$an = $_POST['album_name'];
$sn = $_POST['song_name'];
foreach($_FILES['files']['tmp_name'] as $key => $name_tmp){
$name = $_FILES['files']['name'][$key];
$tmpnm = $_FILES['files']['tmp_name'][$key];
$type = $_FILES['files']['type'][$key];
$size = $_FILES['files']['size'][$key];
$dir = "uploads/".$name;
$move = move_uploaded_file($tmpnm,$dir);
if($move){
$msi = $query = "INSERT INTO music ($user, $man, $an, $sn, $name,
$type, $size, $dir, $d) VALUES (?,?,?,?,?,?,?,?,?)";
$stmt = $db->prepare($msi);
$stmt->bind_param("sssssssss", $user, $man, $an, $sn, $name,
$type, $size, $dir, $d);
$stmt->execute();
if($msi){
echo "<script>alert('Insert Successful')</script>";
} else {
echo "<script>alert('Upload Fail')</script>";
}
} else {
echo "<script>alert('Uploaded Successfully')</script>";
}
}
}
?>
您试图将
准备好的语句 <?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "yourdbname";
// Create connection
$db = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($db->connect_error) {
die("Connection failed: " . $db->connect_error);
}
// prepare and bind
$stmt = $db->prepare("INSERT INTO tablename (name, fatherame, add) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $name, $fathername, $add);
// set parameters and execute
$name = "Muneer Khan";
$fathername = "Shabbir Khan";
$add = "KingsStreet";
$stmt->execute();
$stmt->close();
?>
mysql\uu$dNOW() CREATE TABLE IF NOT EXISTS `music` (
`id` int(11) NOT NULL,
`user` varchar(255) NOT NULL,
`artist_name` varchar(255) NOT NULL,
`audio_name` varchar(255) NOT NULL,
`album_name` varchar(255) NOT NULL,
`name` varchar(225) NOT NULL,
`type` varchar(71) NOT NULL,
`size` double NOT NULL,
`directory` varchar(71) NOT NULL,
`date_uplaoded` datetime NOT NULL
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=latin1;
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "yourdbname";
// Create connection
$db = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($db->connect_error) {
die("Connection failed: " . $db->connect_error);
}
// prepare and bind
$stmt = $db->prepare("INSERT INTO tablename (name, fatherame, add) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $name, $fathername, $add);
// set parameters and execute
$name = "Muneer Khan";
$fathername = "Shabbir Khan";
$add = "KingsStreet";
$stmt->execute();
$stmt->close();
?>
<?php
$server = "localhost";
$user = "username";
$pass = "password";
$db = "yourdbname";
try {
$conn = new PDO("mysql:host=$server;dbname=$db", $user, $password);
// set the PDO error mode to exception
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// prepare sql and bind parameters
$stmt = $db->prepare("INSERT INTO tablename (name, fathername, add)
VALUES (:name, :fathername, :add)");
$stmt->bindParam(':name', $name);
$stmt->bindParam(':fathername', $fathername);
$stmt->bindParam(':add', $add);
$name = "Muneer Khan";
$fathername = "Shabbir Khan";
$add = "KingsStreet";
$stmt->execute();
}
catch(PDOException $e)
{
echo "Error: " . $e->getMessage();
}
$db = null;
?>