-1

我正在尝试使用数组将数据传递到数据库中,但我不断收到此错误。我仔细检查了我的代码,看看我是否缺少一列,但它看起来不像。我究竟做错了什么?

<?php
class inventario {
  public function __construct() {}

  public function insertar($info) {
    if(isset($info)) {
      $db_host = 'localhost';
      $db_user = 'root';
      $db_pass = 'root';
      $db_name = 'inventory_cars';

      $db_link = mysqli_connect($db_host, $db_user, $db_pass, $db_name) or die('No Connection');
      $clean_info = mysqli_real_escape_string($db_link, array_values($info));

      $query = mysqli_query( $db_link, "INSERT INTO cars(date, stock, year, make, model, vin, cr) VALUES('" . (string)$clean_info. "')") or die(mysqli_error($db_link));
      if($query) {
        return 'Record inserted';
      }

      mysqli_close($db_link);
    }
    else {
      echo 'info variable not set';
    }
  }

  public function table() {
    $action = $_SERVER['PHP_SELF'];
    $table = '<form name="insertar" method="post" action="' . $action . '"><table><tr><td>Date</td><td><input type="date" name="date"/></td></tr><tr><td>Stock#</td><td><input type="text" name="stock"/></td></tr><tr><td>Year:</td><td><input type="text" name="year"/></td></tr><tr><td>Make:</td><td><input type="text" name="make"/></td></tr><tr><td>Model:</td><td><input type="text" name="model"/></td></tr><tr><td>VIN:</td><td><input type="text" name="vin"/></td></tr><tr><td>CR:</td><td><input type="text" name="cr"/></td></tr><tr><td><input type="submit" value="Submit" name="submit"/></td></tr></table></form>';
    return $table;
  }

  public function stock_list() {
    $db_host = 'localhost';
    $db_user = 'root';
    $db_pass = 'root';
    $db_name = 'inventory_cars';

    $db_link = mysqli_connect($db_host, $db_user, $db_pass, $db_name) or die('No Connection');

    $query = "SELECT * FROM cars";
    $result = mysqli_query($db_link, $query) or die('Query fail.. Please wait...');

    while($row = mysqli_fetch_array($result)) {
      echo '<tr><td>' . $row['date'] . '</td><td>' . $row['year'] . '</td><td>' . $row['make'] . '</td><td>' . $row['model'] . '</td><td>' . $row['vin'] . '</td><td><a href="' . $row['cr'] . '">CR</a></td></tr>';
    }

    mysqli_close($db_link);
  }
}
?>



<?php
require('inventoryControl.php');
?>

<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Inventory</title>
  <!--[if lt IE 9]>
  <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
  <![endif]-->
</head>
<body>
  <div id="wraper">
    <div class="add_item">

    <?php
    $inventario = new inventario;
    echo $inventario->table();
    if (isset($_POST['submit'])) {
      $info = array('date' => $_POST['date'], 'stock' => $_POST['stock'], 'year' => $_POST['year'], 'make' => $_POST['make'], 'model' => $_POST['model'], 'vin' => $_POST['vin'], 'cr' =>  $_POST['cr']);
      if(isset($info)) {
        $inventario->insertar($info);
      }
      else {
        echo 'variable not set';
      }
    }
    ?>

     </div><!--end add item -->
     <div class="inventory_list">
     <?php
       echo '<table>';
       $inventario->stock_list();
       echo '</table>';
     ?>
     </div><!--end inventory_list -->
  </div><!--end wraper -->

</body>
</html>
4

2 回答 2

1

看起来您也在传递“提交”值。

输出$clean_info到屏幕(在运行查询之前)以对其进行调试。

于 2013-08-23T01:30:51.290 回答
0

回显您发送到数据库的查询文本。

插入语句列出了七列:

INSERT INTO cars
(date, stock, year, make, model, vin, cr)

所以值列表中需要有七个值,例如

VALUES ('2013-08-22','stk','''74','Dodge','Charger','12345','1500')

我怀疑连接(string)$clean_info到 SQL 文本中不会产生有效的语句。这只是基本的调试。将该 SQL 语句生成为字符串,并回显(或 vardump)该字符串,以便您可以看到传递给数据库的内容。

使用 mysqli 接口,您可以使用参数化查询,这确实是一种更好的方法。(您不要在作为绑定参数提供的值上使用 mysqli_real_escape_string)

例如

$sqltext = "INSERT INTO cars(date,stock,year,make,model,vin,cr) VALUES (?,?,?,?,?,?,?)";
if ($stmt = $mysqli->prepare($sqltext)) {
   $stmt->bind_param("sssssss",$date,$stock,$year,$make,$model,$vin,$cr);
   $stmt->execute();
于 2013-08-23T02:39:15.150 回答