PHP插入不插入任何数据
PHP insert into not inserting any data
我有一个 php 语句,用于将一些信息插入到我的 mySQL 数据库中。连接完美。我遇到的问题是我收到以下错误代码:
Error: INSERT INTO tasks ('taskName', 'requestedBy', 'details',
'dateAdded') VALUES ('test1' ,'test3' ,'test3', 2015-01-05') You have
an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near ''taskName',
'requestedBy', 'details', 'dateAdded') VALUES ('test1' ,'test3' ,'te'
at line 1
功能如下
if(isset($_POST["submitTask"])){
insertTask();
};
function insertTask(){
$servername = "localhost";
$username = "tasktrack";
$password = "";
$dbname = "tasktrack";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$taskname = $_POST["task_name"];
$requestedby= $_POST["requested_by"];
$details = $_POST["details"];
$datenow = date("Y-m-d");
$sql = "INSERT INTO tasks ('taskName', 'requestedBy', 'details', 'dateAdded') VALUES ('$taskname' ,'$requestedby' ,'$details', $datenow')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
};
我已经用 $sql 行尝试了多种不同的解决方案,如下所示
$sql = "INSERT INTO tasks ('taskName', 'requestedBy', 'details', 'dateAdded') VALUES ('$taskname' ,'$requestedby' ,'$details', $datenow')";
$sql = "INSERT INTO tasks (taskName, requestedBy, details, dateAdded) VALUES ($taskname ,$requestedb ,$details, $datenow)";
$sql = "INSERT INTO tasks (`taskName`, `requestedBy`, `details`, `dateAdded`) VALUES (`$taskname` ,`$requestedb` ,`$details`, `$datenow`)";
现在我被卡住了,想不出更多的尝试了。
$sql = "INSERT INTO tasks (taskName, requestedBy, details, dateAdded) VALUES ('$taskname' ,'$requestedby' ,'$details', '$datenow')";
// Removed quotes from columns, and added missing quote on datenow
请注意,这种向数据库中添加值的技术非常不安全,并且容易受到 SQL 注入攻击。
您不得将字段名称括在撇号或引号中。要么用反引号 (`) 将它们括起来,要么按原样使用它们。
$sql = "INSERT INTO tasks (`taskName`, `requestedBy`, `details`, `dateAdded`) VALUES ('$taskname' ,'$requestedby' ,'$details', '$datenow')";
或
$sql = "INSERT INTO tasks (taskName, requestedBy, details, dateAdded) VALUES ('$taskname' ,'$requestedby' ,'$details', '$datenow')";
但是,如果字段名称是 MySQL 关键字或包含空格、引号、逗号、括号、运算符或其他在 SQL 中具有特殊含义的字符,则必须将其括起来它们在反引号中或 MySQL 将在特殊字符处报告语法错误。
我有一个 php 语句,用于将一些信息插入到我的 mySQL 数据库中。连接完美。我遇到的问题是我收到以下错误代码:
Error: INSERT INTO tasks ('taskName', 'requestedBy', 'details', 'dateAdded') VALUES ('test1' ,'test3' ,'test3', 2015-01-05') You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''taskName', 'requestedBy', 'details', 'dateAdded') VALUES ('test1' ,'test3' ,'te' at line 1
功能如下
if(isset($_POST["submitTask"])){
insertTask();
};
function insertTask(){
$servername = "localhost";
$username = "tasktrack";
$password = "";
$dbname = "tasktrack";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$taskname = $_POST["task_name"];
$requestedby= $_POST["requested_by"];
$details = $_POST["details"];
$datenow = date("Y-m-d");
$sql = "INSERT INTO tasks ('taskName', 'requestedBy', 'details', 'dateAdded') VALUES ('$taskname' ,'$requestedby' ,'$details', $datenow')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
};
我已经用 $sql 行尝试了多种不同的解决方案,如下所示
$sql = "INSERT INTO tasks ('taskName', 'requestedBy', 'details', 'dateAdded') VALUES ('$taskname' ,'$requestedby' ,'$details', $datenow')";
$sql = "INSERT INTO tasks (taskName, requestedBy, details, dateAdded) VALUES ($taskname ,$requestedb ,$details, $datenow)";
$sql = "INSERT INTO tasks (`taskName`, `requestedBy`, `details`, `dateAdded`) VALUES (`$taskname` ,`$requestedb` ,`$details`, `$datenow`)";
现在我被卡住了,想不出更多的尝试了。
$sql = "INSERT INTO tasks (taskName, requestedBy, details, dateAdded) VALUES ('$taskname' ,'$requestedby' ,'$details', '$datenow')";
// Removed quotes from columns, and added missing quote on datenow
请注意,这种向数据库中添加值的技术非常不安全,并且容易受到 SQL 注入攻击。
您不得将字段名称括在撇号或引号中。要么用反引号 (`) 将它们括起来,要么按原样使用它们。
$sql = "INSERT INTO tasks (`taskName`, `requestedBy`, `details`, `dateAdded`) VALUES ('$taskname' ,'$requestedby' ,'$details', '$datenow')";
或
$sql = "INSERT INTO tasks (taskName, requestedBy, details, dateAdded) VALUES ('$taskname' ,'$requestedby' ,'$details', '$datenow')";
但是,如果字段名称是 MySQL 关键字或包含空格、引号、逗号、括号、运算符或其他在 SQL 中具有特殊含义的字符,则必须将其括起来它们在反引号中或 MySQL 将在特殊字符处报告语法错误。