如何将数据从 PHP 插入 MariaDB 中的列?
我熟悉 MySql 数据库,但有一个名为 MariaDB 的新数据库.我尝试从 PHP 代码中插入数据,但我不能,你能帮我插入数据吗?我服务器上的 PHP 是 5.4.32,我的 MySQL 版本是 10.0.20-MariaDB-cll-live.
I am familiar with MySql databases but there is this new database called MariaDB. I try to insert data there from PHP code and I can't, so can you help me insert the data? My PHP on the server is 5.4.32 and my MySQL version is 10.0.20-MariaDB-cll-live.
这是我用来尝试将数据插入 MariaDB 的代码.
This is the code that I am using to try to insert data into MariaDB.
$connection = mysql_connect("localhost", "root", ""); // Establishing Connection with Server
$db = mysql_select_db("database", $connection); // Selecting Database from Server
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
$name = $_POST['name'];
$email = $_POST['email'];
if($name !=''||$email !=''){
//Insert Query of SQL
$query = mysql_query("insert into VIP Membership(Name, Email) values ('$name', '$email')");
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}
}
mysql_close($connection); // Closing Connection with Server
我现在使用了 mysqli 代码,但它抛出了一个错误 500.
I used the mysqli code now but it throws me an error 500.
<?php
$servername = "localhost";
$username = "username";
$password = "";
$dbname = "db_table";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
$name = $_POST['name'];
$email = $_POST['email'];
if($name !=''||$email !=''){
$sql = "INSERT INTO 'VIP Membership' (Name, Email)
VALUES ('$name', '$email')";
if(mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
mysqli_close($conn);
推荐答案
你需要使用反引号(不是单引号)来包围你的表名,因为它有一个空格.
You need to use backticks (not single quotes) to surround your table name, since it has a space in it.
$sql = "INSERT INTO `VIP Membership` (Name, Email) VALUES ('$name', '$email')";
更新:您应该真的使用准备好的语句.就目前而言,这段代码非常不安全.
UPDATE: You should really be using prepared statements. As it stands, this code is very unsafe.
$sql = mysqli_prepare($conn, "INSERT INTO `VIP Membership` (Name, Email) VALUES (?, ?)");
if($sql !== FALSE){
mysqli_stmt_bind_param($sql, "ss", $name, $email);
if(mysqli_stmt_execute($sql)){
echo "New record created successfully";
} else {
echo mysqli_stmt_error($sql);
}
} else{
echo mysqli_error($conn);
}
相关文章