试图通过在url中键入值插入数据库,但在插入数据库时遇到困难:
这是网址:
http://student.cs.hioa.no/~s180343/updatedb.php?verdi=22
代码如下:
<?php
$dbhost = "MYSQL-SERVER";
$dbuser = "USERNAME";
$dbpass = "";
$verdi = $_GET['verdi'];
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$sql = "INSERT INTO test ('id') VALUES (`$verdi`)";
mysql_select_db('s180350');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
?>
最佳答案
在字符串值周围使用引号。在列名周围使用记号。你倒过来了:
$sql = "INSERT INTO test ('id') VALUES (`$verdi`)";
嘘嘘
$sql = "INSERT INTO test (`id`) VALUES ('$verdi')";
仅供参考,您对SQL injections
关于php - 获取URL参数并插入数据库,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/22838856/