-4

我的问题:我的插入 php 在输入详细信息时无法将数据保存到 phpmyadmin。本地主机:本地主机,用户名:root密码:“”数据库名称:b_database表名:my_library表列:2包含:isbn(主键)和标题

索引.php

<html>
<head>
<meta name="description" content="Php Code for View, Search, Edit and Delete Record" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Search Library Record</title>
</head>
<body>
<center><h1><u>Library Database</u></h1></center>
<form name="search" method="post" action="search.php">
<table style=" border:1px solid silver" cellpadding="10px" cellspacing="0px"
align="center">
<tr>
<td colspan="3" style="background:#0066FF; color:#FFFFFF; fontsize:
20px">Search</td></tr>
<tr>
<td>Enter Search Keyword</td>
<td><input type="text" name="search" size="40" /></td>
<td><input type="submit" value="Search" /></td>
</tr>
<tr>
<td colspan="3">&nbsp;</td></tr>
<tr bgcolor="#CCCCCC">
<th><a href="add.php">Add Record</a></th>
<th><a href="del.php">Delete Record</a></th>
<th><a href="del.php">Update Record</a></th>
</tr>
</table>
</form>
</body>
</html>

添加.php

<?php
$conn_error = 'Could not connect.';
$mysql_host = 'localhost';
$mysql_user = 'root';
$mysql_pass = '';
$mysql_db='b_database';

if(!@mysql_connect($mysql_host, $mysql_user,$mysql_pass)|| !@mysql_select_db($mysql_db)){
  die($conn_error);

}
?>

<html>
<head>
<meta name="description" content="Php Code for View, Search, Edit and Delete Record" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Add Student Record</title>
</head>
<body>
<center>
<h1><u>Library Database</u></h1>
</center>
<?
if($_POST["do"]=="store")
{
$isbn=$_POST["isbn"];
$title=$_POST["title"];
if($query_run = mysql_query($query)){
  $query="insert into mylibrary value('$isbn','$title')";
  mysql_query($query);
  echo "Successfully store in DATABASE";
  }
  ?>
  <form name="add" method="post" action="add.php">
  <table style=" border:1px solid silver" cellpadding="5px" cellspacing="0px"
  align="center" border="0">
  <tr>
  <td colspan="4" style="background:#0066FF; color:#FFFFFF; fontsize:
  20px">ADD RECORD</td>
  </tr>
  <tr>
  <tr>
  <td>Enter ISBN</td>
  <td><input type="text" name="isbn" size="20"></td>
  </tr>
  <tr>
  <td>Enter TITLE</td>
  <td><input type="text" name="title" size="20"></td>
  </tr>
  <tr>
  <td colspan="4" align="center"><input type="hidden" name="do" value="store">
  <input type="submit" value="ADD RECORD"></td>
  </tr>
  </table>
  </form>
  <p align="center"><a href="index.php">Go Back to Home</a></p>
  <?
  include("search.php");?>
  </body>
  </html>
4

1 回答 1

0

有多个问题。他们中有一些:

  1. 您的查询字符串是错误的。你有VALUE而不是VALUES
  2. 执行$query 后将查询字符串分配给
  3. 停止使用已弃用mysql_*的扩展程序并切换到mysqli_*PDO
  4. 验证和清理用户输入
  5. 学习和使用准备好的语句,而不是插入查询字符串。后者为 sql 注入敞开了大门。

现在回到你眼前的问题。尝试改变这部分

if($query_run = mysql_query($query)){
  $query="insert into mylibrary value('$isbn','$title')";
  mysql_query($query);
  echo "Successfully store in DATABASE";
}

像这样

$query = "INSERT INTO mylibrary (isbn, title) VALUES('$isbn', '$title')";
$result = mysql_query($query);
if($result) {
  echo "Successfully stored in DATABASE";
} else {
  echo "Something went wrong: " . mysql_error();
}
于 2013-08-04T03:20:19.390 回答