为什么我会得到一个500错误?(MySQL-php) HTML代码
insert into语句中的问题 应该是为什么我会得到一个500错误?(MySQL-php) HTML代码,php,mysql,Php,Mysql,insert into语句中的问题 应该是 <html> <head> HTML CODE <? $username="xxxxxx"; $password="xxxxxx"; $database="xxxxxx"; mysql_connect(localhost,$username,$password); $escape = "INSERT INTO monster VALUES ('',$_POST["name"],$_POST["soort"])"; $e
<html>
<head>
HTML CODE
<?
$username="xxxxxx";
$password="xxxxxx";
$database="xxxxxx";
mysql_connect(localhost,$username,$password);
$escape = "INSERT INTO monster VALUES ('',$_POST["name"],$_POST["soort"])";
$escape2 = "DELETE monster FROM monster LEFT OUTER JOIN (
SELECT MIN( ID ) AS ID, NAME, PREF
FROM monster
GROUP BY NAME, PREF
) AS KeepRows ON monster.ID = KeepRows.ID
WHERE KeepRows.ID IS NULL";
$query=mysql_real_escape_string($escape);
$query2=mysql_real_escape_string($escape2);
@mysql_select_db($database) or die("MySQL error: Kan inte ansluta till databasen.");
mysql_close();
?>
</body>
</html>
最好在编写insert查询时写入列名称
如果列包含字符串值,如VARCHAR
或TEXT
,则使用quoted\u printable\u decode
如果列为自动递增,则传递null
或
使用下面的内容
$escape = "INSERT INTO monster (col2, col3) VALUES ('".$_POST['name']."',".$_POST['soort'].")";
请不要在不转义的情况下插入值。看起来您需要这样的内容:
$query = "INSERT INTO monster VALUES ('', '".$_POST["name"]."', '".$_POST["soort"]."')";
另外,我建议使用,因为构建查询的体验很差。首先,我有一个很酷的建议。你觉得一些高级PHP怎么样?向安全的PHP+MySQL应用程序的伟大世界又迈进了一步 给你介绍一个新的。(我知道这不是你的问题的答案,但你可以考虑它)。用于查询的示例:
$query = "INSERT INTO monster VALUES ('', '".$_POST["name"]."', '".$_POST["soort"]."')";
酷吧?还有更多。。。现在,根据您的问题,可能是所有问题(因为我们没有错误日志),但我的猜测是:
- 尝试使用
尝试以下方法:
-$db = new PDO('mysql:host=localhost;dbname='.$database, $username, $password); $insertQuery = $db->prepare('INSERT INTO monster VALUES ("", :name, :soort)'); $deleteQuery = $db->prepare('DELETE monster FROM monster LEFT OUTER JOIN ( SELECT MIN( ID ) AS ID, NAME, PREF FROM monster GROUP BY NAME, PREF ) AS KeepRows ON monster.ID = KeepRows.ID WHERE KeepRows.ID IS NULL'); //to execute query: $deleteQuery->execute(); //or with params: $insertQuery->execute(array( ':name' => $_POST['name'], ':soort' => $_POST['soort'], ));
谢谢你到底想做什么?模糊不清的。。。请描述您的错误日志说明了什么?最新日志:[24-Oct-2013 07:15:44 Europe/Berlin]PHP解析错误:语法错误,意外'',预期标识符(T_字符串)或变量(T_变量)或数字(T_NUM_字符串)在第20行的/Applications/MAMP/htdocs/monster.php中,我认为这是行不通的。$query = "INSERT INTO monster VALUES ('', '".$_POST["name"]."', '".$_POST["soort"]."')";
$db = new PDO('mysql:host=localhost;dbname='.$database, $username, $password); $insertQuery = $db->prepare('INSERT INTO monster VALUES ("", :name, :soort)'); $deleteQuery = $db->prepare('DELETE monster FROM monster LEFT OUTER JOIN ( SELECT MIN( ID ) AS ID, NAME, PREF FROM monster GROUP BY NAME, PREF ) AS KeepRows ON monster.ID = KeepRows.ID WHERE KeepRows.ID IS NULL'); //to execute query: $deleteQuery->execute(); //or with params: $insertQuery->execute(array( ':name' => $_POST['name'], ':soort' => $_POST['soort'], ));
Whenever you insert string type of values in the database using query it has to pass in the quote format. So you just need to change your insert query here. $query = "INSERT INTO monster VALUES ('', '".$_POST["name"]."', '".$_POST["soort"]."')"; write query like this.