法语字符未通过 php 保存在数据库中
French Characters are not saving in database via php
我正在使用 MySQL 和 PHP 将帖子保存到数据库中。但是当我在描述中写法语或任何其他字符时。它没有保存它。
但是简单的文本是完美的保存。
这是我的连接文件
DEFINE('DATABASE_USER', 'db_user');
DEFINE('DATABASE_PASSWORD', 'db_password');
DEFINE('DATABASE_HOST', 'localhost');
DEFINE('DATABASE_NAME', 'db_name');
date_default_timezone_set('UTC');
ini_set('SMTP', "mail.myt.mu"); // Overide The Default Php.ini settings for sending mail
//This is the address that will appear coming from ( Sender )
define('EMAIL', 'k4baber@hotmail.com');
/*Define the root url where the script will be found such as http://website.com or http://website.com/Folder/ */
DEFINE('WEBSITE_URL', 'http://haitibravo.com');
// Make the connection:
$dbc = @mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASSWORD,
DATABASE_NAME);
if (!$dbc) {
trigger_error('Could not connect to MySQL: ' . mysqli_connect_error());
}
我也试过 mysqli_real_escap() 也 $desc = mysqli_real_escape_string($_REQUEST['description']); 但它根本没有保存。
HTML 表单将所有信息提交到此文件..
if(isset($_REQUEST["submit"])){
$name = $_REQUEST['name'];
$category = $_REQUEST['category'];
$subcategory = $_REQUEST['items'];
$desc = $_REQUEST['description'];
$keywords = $_REQUEST['keywords'];
$address = "NULL";
$state = "NULL";
$city = $_REQUEST['city'];
$zones = $_REQUEST['zones'];
$country = $_REQUEST['country'];
$postcode = "0000";
$phone = $_REQUEST['u_phone'];
$image_name1 = $_FILES['image1']['name'];
$image_size1 =$_FILES['image1']['size'];
$image_tmp1 =$_FILES['image1']['tmp_name'];
$image_name1='prog'.rand().$image_name1;
move_uploaded_file($image_tmp1,'add_images/'.$image_name1);
$image_name2 = $_FILES['image2']['name'];
$image_size2 =$_FILES['image2']['size'];
$image_tmp2 =$_FILES['image2']['tmp_name'];
$image_name2='prog'.rand().$image_name2;
move_uploaded_file($image_tmp2,'add_images/'.$image_name2);
$image_name3 = $_FILES['image3']['name'];
$image_size3 =$_FILES['image3']['size'];
$image_tmp3 =$_FILES['image3']['tmp_name'];
$image_name3='prog'.rand().$image_name3;
move_uploaded_file($image_tmp3,'add_images/'.$image_name3);
$price = $_REQUEST['price'];
$date = date('Y-m-d');
$u_id = $_SESSION['u_id'];
$u_name= $_SESSION['u_name'];
$status= "0";
$flag = "0";
$mysql_query = "INSERT INTO `bravo_ads`(`ad_title`, `ad_category`, `ad_sub_cat`, `ad_description`, `ad_keywords`, `ad_address`, `ad_state`, `ad_city`, `ad_zone`, `ad_country`, `post_code`, `ad_img_1`, `ad_img_2`, `ad_img_3`, `ad_price`, `u_id`, `u_name`, `u_phone`, `ad_date`, `ad_status`, `flag`) VALUES ('$name','$category','$subcategory','$desc','$keywords','$address','$state', '$city', '$zones','$country','$postcode','$image_name1','$image_name2','$image_name3','$price','$u_id','$u_name', '$phone', '$date','$status','$flag')";
$query_OK = mysqli_query($dbc, $mysql_query);
if($query_OK){
$message = '<div class="success"><b>Operation avec success...!</b> Votre produit a bien été posté . Il sera publié après approbation Administrateur</div>';
}else{
$message = '<div class="failed"><b>Operation échoué...!</b> Desoler, Votre produit nas pas ete afficher . Quelque chose a mal tourné . Veuillez réessayer plus encore</div>';
}}
$desc、$name、$keywords 当我尝试保存时,这些东西会产生问题
首先始终检查您的查询是否有错误。请使用 mysqli_error.
所以在你刚刚输出 failure 的地方输入:
printf("Errormessage: %s\n", mysqli_error($dbc));
这将为您提供错误信息的详细信息。
正如你所说,这给了你
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'achat et autres achats en ligne | Bravo Market |Haiti Bravo|HaitBravo Produits' at line 1
也根据您提供的数据
The Title (L'homme )
Keywords (L'homme, d'achat)
description (Produits Électroniques, Voitures, Vêtements, Objets de colléction, Bons d'achat et autres achats en ligne )
所以 L'homme 中的引号结束了你的封装值,然后 mysql 假设 homme 是它应该知道的东西。
由于您只是对描述进行了转义,所以这并没有帮助。您需要转义所有输入。更好的方法是使用 prepared statements。
您遇到的这个错误也是 SQL 注入的发生方式。永远不要将用户数据直接输入到 SQL 查询中。
所以把它们放在一起。
if(isset($_REQUEST["submit"])){
$name = mysqli_real_escape_string($dbc, $_REQUEST['name']);
$category = mysqli_real_escape_string($dbc, $_REQUEST['category']);
$subcategory = mysqli_real_escape_string($dbc, $_REQUEST['items']);
$desc = mysqli_real_escape_string($dbc, $_REQUEST['description']);
$keywords = mysqli_real_escape_string($dbc, $_REQUEST['keywords']);
$address = "NULL";
$state = "NULL";
$city = mysqli_real_escape_string($dbc, $_REQUEST['city']);
$zones = mysqli_real_escape_string($dbc, $_REQUEST['zones']);
$country = mysqli_real_escape_string($dbc, $_REQUEST['country']);
$postcode = "0000";
$phone = mysqli_real_escape_string($dbc, $_REQUEST['u_phone']);
$image_name1 = $_FILES['image1']['name'];
$image_size1 =$_FILES['image1']['size'];
$image_tmp1 =$_FILES['image1']['tmp_name'];
$image_name1='prog'.rand().$image_name1;
move_uploaded_file($image_tmp1,'add_images/'.$image_name1);
$image_name2 = $_FILES['image2']['name'];
$image_size2 =$_FILES['image2']['size'];
$image_tmp2 =$_FILES['image2']['tmp_name'];
$image_name2='prog'.rand().$image_name2;
move_uploaded_file($image_tmp2,'add_images/'.$image_name2);
$image_name3 = $_FILES['image3']['name'];
$image_size3 =$_FILES['image3']['size'];
$image_tmp3 =$_FILES['image3']['tmp_name'];
$image_name3='prog'.rand().$image_name3;
move_uploaded_file($image_tmp3,'add_images/'.$image_name3);
$price = mysqli_real_escape_string($dbc, $_REQUEST['price']);
$date = date('Y-m-d');
$u_id = mysqli_real_escape_string($dbc, $_SESSION['u_id']);
$u_name= mysqli_real_escape_string($dbc, $_SESSION['u_name']);
$status= "0";
$flag = "0";
$mysql_query = "INSERT INTO `bravo_ads`(`ad_title`, `ad_category`, `ad_sub_cat`, `ad_description`, `ad_keywords`, `ad_address`, `ad_state`, `ad_city`, `ad_zone`, `ad_country`, `post_code`, `ad_img_1`, `ad_img_2`, `ad_img_3`, `ad_price`, `u_id`, `u_name`, `u_phone`, `ad_date`, `ad_status`, `flag`) VALUES ('$name','$category','$subcategory','$desc','$keywords','$address','$state', '$city', '$zones','$country','$postcode','" . mysqli_real_escape_string($dbc, $image_name1) . "','" . mysqli_real_escape_string($dbc, $image_name2) . "','" . mysqli_real_escape_string($dbc, $image_name3) . "','$price','$u_id','$u_name', '$phone', '$date','$status','$flag')";
$query_OK = mysqli_query($dbc, $mysql_query);
if($query_OK){
$message = '<div class="success"><b>Operation avec success...!</b> Votre produit a bien été posté . Il sera publié après approbation Administrateur</div>';
}else{
printf("Errormessage: %s\n", mysqli_error($dbc));
$message = '<div class="failed"><b>Operation échoué...!</b> Desoler, Votre produit nas pas ete afficher . Quelque chose a mal tourné . Veuillez réessayer plus encore</div>';
}
}
我正在使用 MySQL 和 PHP 将帖子保存到数据库中。但是当我在描述中写法语或任何其他字符时。它没有保存它。 但是简单的文本是完美的保存。
这是我的连接文件
DEFINE('DATABASE_USER', 'db_user');
DEFINE('DATABASE_PASSWORD', 'db_password');
DEFINE('DATABASE_HOST', 'localhost');
DEFINE('DATABASE_NAME', 'db_name');
date_default_timezone_set('UTC');
ini_set('SMTP', "mail.myt.mu"); // Overide The Default Php.ini settings for sending mail
//This is the address that will appear coming from ( Sender )
define('EMAIL', 'k4baber@hotmail.com');
/*Define the root url where the script will be found such as http://website.com or http://website.com/Folder/ */
DEFINE('WEBSITE_URL', 'http://haitibravo.com');
// Make the connection:
$dbc = @mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASSWORD,
DATABASE_NAME);
if (!$dbc) {
trigger_error('Could not connect to MySQL: ' . mysqli_connect_error());
}
我也试过 mysqli_real_escap() 也 $desc = mysqli_real_escape_string($_REQUEST['description']); 但它根本没有保存。
HTML 表单将所有信息提交到此文件..
if(isset($_REQUEST["submit"])){
$name = $_REQUEST['name'];
$category = $_REQUEST['category'];
$subcategory = $_REQUEST['items'];
$desc = $_REQUEST['description'];
$keywords = $_REQUEST['keywords'];
$address = "NULL";
$state = "NULL";
$city = $_REQUEST['city'];
$zones = $_REQUEST['zones'];
$country = $_REQUEST['country'];
$postcode = "0000";
$phone = $_REQUEST['u_phone'];
$image_name1 = $_FILES['image1']['name'];
$image_size1 =$_FILES['image1']['size'];
$image_tmp1 =$_FILES['image1']['tmp_name'];
$image_name1='prog'.rand().$image_name1;
move_uploaded_file($image_tmp1,'add_images/'.$image_name1);
$image_name2 = $_FILES['image2']['name'];
$image_size2 =$_FILES['image2']['size'];
$image_tmp2 =$_FILES['image2']['tmp_name'];
$image_name2='prog'.rand().$image_name2;
move_uploaded_file($image_tmp2,'add_images/'.$image_name2);
$image_name3 = $_FILES['image3']['name'];
$image_size3 =$_FILES['image3']['size'];
$image_tmp3 =$_FILES['image3']['tmp_name'];
$image_name3='prog'.rand().$image_name3;
move_uploaded_file($image_tmp3,'add_images/'.$image_name3);
$price = $_REQUEST['price'];
$date = date('Y-m-d');
$u_id = $_SESSION['u_id'];
$u_name= $_SESSION['u_name'];
$status= "0";
$flag = "0";
$mysql_query = "INSERT INTO `bravo_ads`(`ad_title`, `ad_category`, `ad_sub_cat`, `ad_description`, `ad_keywords`, `ad_address`, `ad_state`, `ad_city`, `ad_zone`, `ad_country`, `post_code`, `ad_img_1`, `ad_img_2`, `ad_img_3`, `ad_price`, `u_id`, `u_name`, `u_phone`, `ad_date`, `ad_status`, `flag`) VALUES ('$name','$category','$subcategory','$desc','$keywords','$address','$state', '$city', '$zones','$country','$postcode','$image_name1','$image_name2','$image_name3','$price','$u_id','$u_name', '$phone', '$date','$status','$flag')";
$query_OK = mysqli_query($dbc, $mysql_query);
if($query_OK){
$message = '<div class="success"><b>Operation avec success...!</b> Votre produit a bien été posté . Il sera publié après approbation Administrateur</div>';
}else{
$message = '<div class="failed"><b>Operation échoué...!</b> Desoler, Votre produit nas pas ete afficher . Quelque chose a mal tourné . Veuillez réessayer plus encore</div>';
}}
$desc、$name、$keywords 当我尝试保存时,这些东西会产生问题
首先始终检查您的查询是否有错误。请使用 mysqli_error.
所以在你刚刚输出 failure 的地方输入:
printf("Errormessage: %s\n", mysqli_error($dbc));
这将为您提供错误信息的详细信息。
正如你所说,这给了你
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'achat et autres achats en ligne | Bravo Market |Haiti Bravo|HaitBravo Produits' at line 1
也根据您提供的数据
The Title (L'homme )
Keywords (L'homme, d'achat)
description (Produits Électroniques, Voitures, Vêtements, Objets de colléction, Bons d'achat et autres achats en ligne )
所以 L'homme 中的引号结束了你的封装值,然后 mysql 假设 homme 是它应该知道的东西。
由于您只是对描述进行了转义,所以这并没有帮助。您需要转义所有输入。更好的方法是使用 prepared statements。
您遇到的这个错误也是 SQL 注入的发生方式。永远不要将用户数据直接输入到 SQL 查询中。
所以把它们放在一起。
if(isset($_REQUEST["submit"])){
$name = mysqli_real_escape_string($dbc, $_REQUEST['name']);
$category = mysqli_real_escape_string($dbc, $_REQUEST['category']);
$subcategory = mysqli_real_escape_string($dbc, $_REQUEST['items']);
$desc = mysqli_real_escape_string($dbc, $_REQUEST['description']);
$keywords = mysqli_real_escape_string($dbc, $_REQUEST['keywords']);
$address = "NULL";
$state = "NULL";
$city = mysqli_real_escape_string($dbc, $_REQUEST['city']);
$zones = mysqli_real_escape_string($dbc, $_REQUEST['zones']);
$country = mysqli_real_escape_string($dbc, $_REQUEST['country']);
$postcode = "0000";
$phone = mysqli_real_escape_string($dbc, $_REQUEST['u_phone']);
$image_name1 = $_FILES['image1']['name'];
$image_size1 =$_FILES['image1']['size'];
$image_tmp1 =$_FILES['image1']['tmp_name'];
$image_name1='prog'.rand().$image_name1;
move_uploaded_file($image_tmp1,'add_images/'.$image_name1);
$image_name2 = $_FILES['image2']['name'];
$image_size2 =$_FILES['image2']['size'];
$image_tmp2 =$_FILES['image2']['tmp_name'];
$image_name2='prog'.rand().$image_name2;
move_uploaded_file($image_tmp2,'add_images/'.$image_name2);
$image_name3 = $_FILES['image3']['name'];
$image_size3 =$_FILES['image3']['size'];
$image_tmp3 =$_FILES['image3']['tmp_name'];
$image_name3='prog'.rand().$image_name3;
move_uploaded_file($image_tmp3,'add_images/'.$image_name3);
$price = mysqli_real_escape_string($dbc, $_REQUEST['price']);
$date = date('Y-m-d');
$u_id = mysqli_real_escape_string($dbc, $_SESSION['u_id']);
$u_name= mysqli_real_escape_string($dbc, $_SESSION['u_name']);
$status= "0";
$flag = "0";
$mysql_query = "INSERT INTO `bravo_ads`(`ad_title`, `ad_category`, `ad_sub_cat`, `ad_description`, `ad_keywords`, `ad_address`, `ad_state`, `ad_city`, `ad_zone`, `ad_country`, `post_code`, `ad_img_1`, `ad_img_2`, `ad_img_3`, `ad_price`, `u_id`, `u_name`, `u_phone`, `ad_date`, `ad_status`, `flag`) VALUES ('$name','$category','$subcategory','$desc','$keywords','$address','$state', '$city', '$zones','$country','$postcode','" . mysqli_real_escape_string($dbc, $image_name1) . "','" . mysqli_real_escape_string($dbc, $image_name2) . "','" . mysqli_real_escape_string($dbc, $image_name3) . "','$price','$u_id','$u_name', '$phone', '$date','$status','$flag')";
$query_OK = mysqli_query($dbc, $mysql_query);
if($query_OK){
$message = '<div class="success"><b>Operation avec success...!</b> Votre produit a bien été posté . Il sera publié après approbation Administrateur</div>';
}else{
printf("Errormessage: %s\n", mysqli_error($dbc));
$message = '<div class="failed"><b>Operation échoué...!</b> Desoler, Votre produit nas pas ete afficher . Quelque chose a mal tourné . Veuillez réessayer plus encore</div>';
}
}