开发者

mysql_query does not work

开发者 https://www.devze.com 2023-03-16 23:31 出处:网络
Can someone help me figure out why this code isn\'t working. I am connected to the DB. This snippet is within php tags.

Can someone help me figure out why this code isn't working.

I am connected to the DB. This snippet is within php tags.

$result=mysql_query("INSERT INTO attendee开发者_StackOverflow中文版ser (firstName, lastName, shirtSize, title, organization, emailAddress, q1, q2, q3, refId)
             VALUES ('$_POST[firstName]', '$_POST[lastName]', '$_POST[shirtSize]', '$_POST[title]', '$_POST[organization]', '$_POST[emailAddress]', '$_POST[q1]', '$_POST[q2]', '$_POST[q3]', 'NULL')");


I figured it out. I didn't have q3 as a field in the table.


Yeah, someone probably entered a quote or something. DO NOT INSERT THIS WAY, you are wide open to SQL injection attacks.

Use PDO, or mysql_real_escape_string() at a minimum.


execute this

if(!mysql_query("INSERT INTO attendeeser (firstName, lastName, shirtSize, title, organization, emailAddress, q1, q2, q3, refId)
             VALUES ('$_POST[firstName]', '$_POST[lastName]', '$_POST[shirtSize]', '$_POST[title]', '$_POST[organization]', '$_POST[emailAddress]', '$_POST[q1]', '$_POST[q2]', '$_POST[q3]', 'NULL')")){
echo mysql_error();
}

that will display the error generated by mysql.

0

精彩评论

暂无评论...
验证码 换一张
取 消