Fatal编程技术网
  • php/
  • php mysqli插入不起作用

php mysqli插入不起作用

php mysql sql

php mysqli插入不起作用,php,mysql,sql,insertion,Php,Mysql,Sql,Insertion,我正在尝试将数据插入mysql,但不起作用, 下面显示的是php脚本,没有错误 $mysqli = new mysqli('localhost','root','','realestate'); if($mysqli->connect_error){ printf("can not connect database %s\n",$mysqli->connect_error); exit(); } if (isset($_POS

我正在尝试将数据插入mysql,但不起作用, 下面显示的是php脚本,没有错误

    $mysqli = new mysqli('localhost','root','','realestate');

     if($mysqli->connect_error){
     printf("can not connect database %s\n",$mysqli->connect_error);
     exit();
     }  

 if (isset($_POST['submit'])){

     $a_name=$_POST['a_name'];
     $a_number=$_POST['a_number'];
     $email=$_POST['email'];
     $password=$_POST['password']; 


     $target_dir="uploads/";
     $target_file=$target_dir . basename($_FILES["a_image"]["name"]);    
     $temp_file=$_FILES["a_image"]["name"];

     move_uploaded_file($_FILES["a_image"]["tmp_name"], $target_file ); 

    $query="INSERT INTO agent (a_name,a_number,email,password,a_image) 
     VALUES ('$a_name',$a_number,'$email','$password','$temp_file')";
    $insert = $mysqli->query($query);
您能解释一下如何检查数据库中是否已经存在电子邮件地址吗? 
error_reporting(E_ALL);//show all errors   

 $mysqli = new mysqli('localhost','root','','realestate');

     if($mysqli->connect_error){
     printf("can not connect database %s\n",$mysqli->connect_error);
     exit();
     }  

 if (isset($_POST['submit'])){
     //make sure $_POST is not null
     var_dump('Posted variables are '. $_POST.' and files are '. $_FILES);//Comment out after debugging
     $a_name=$_POST['a_name'];
     $a_number=$_POST['a_number'];
     $email=$_POST['email'];
     $password=$_POST['password']; 


     $target_dir="uploads/";
     $target_file=$target_dir . basename($_FILES["a_image"]["name"]);    
     $temp_file=$_FILES["a_image"]["name"];//make sure this is not null

     move_uploaded_file($_FILES["a_image"]["tmp_name"], $target_file ); 

    $query="INSERT INTO `agent` (`a_name`,`a_number`,`email`,`password`,`a_image`) 
     VALUES ('$a_name','$a_number','$email','$password','$temp_file')";

    if($mysqli->query($query) == true){//check for success
         echo 'Success';//display message of success
     } else {
        echo $mysqli->error;//display error message
     }

//The above code is prone to SQL injection. Below is using prepared statements:
// prepare and bind
$stmt = $mysqli->prepare("INSERT INTO `agent`(`a_name`,`a_number`,`email`,`password`,`a_image`) VALUES (?, ?, ?,?,?)");
$stmt->bind_param("sssss", $a_name, $a_number, $email, $password, $temp_file);

$stmt->execute();