This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(12个答案)
2年前关闭。
编辑
感谢您使用PDO并正确绑定参数。您将不会相信人们有多少次将请求参数直接插入其语句中。做得好!
编辑#2
您是否确定要绑定的变量具有值?可能无关,但请阅读以下内容:https://stackoverflow.com/a/5077108/296555。
另外,您将$ password变量用作$ pass。
例子1
例子2
(12个答案)
2年前关闭。
<?php
try
{
$con = new PDO("mysql:host = localhost;dbname=nannu","root","");
if(isset($_POST['login']))
{
$name = $_POST['name'];
$password = $_POST['password'];
$email = $_POST['email'];
$date = $_POST['date'];
$month = $_POST['month'];
$year = $_POST['year'];
$insert = $con->prepare(" INSERT INTO details (name,password,email,date,month,year)VALUES (':name',':password',':email',':date',':month',':year')");
$insert->bindParam (':name',$name);
$insert->bindParam (':password',$pass);
$insert->bindParam (':email',$email);
$insert->bindParam (':date',$date);
$insert->bindParam (':month',$month);
$insert->bindParam (':year',$year);
$insert->execute();
}
}
?>
最佳答案
发生这种情况是因为您在占位符周围有单引号,因此将其视为字符串文字。只需删除单引号,就应该排除所有其他问题。
<?php
try
{
$con = new PDO("mysql:host = localhost;dbname=nannu","root","");
if(isset($_POST['login']))
{
$name = $_POST['name'];
$password = $_POST['password'];
$email = $_POST['email'];
$date = $_POST['date'];
$month = $_POST['month'];
$year = $_POST['year'];
$insert = $con->prepare(" INSERT INTO details (name,password,email,date,month,year)VALUES (:name,:password,:email,:date,:month,:year)");
$insert->bindParam (':name',$name);
$insert->bindParam (':password',$pass);
$insert->bindParam (':email',$email);
$insert->bindParam (':date',$date);
$insert->bindParam (':month',$month);
$insert->bindParam (':year',$year);
$insert->execute();
}
}
?>
编辑
感谢您使用PDO并正确绑定参数。您将不会相信人们有多少次将请求参数直接插入其语句中。做得好!
编辑#2
您是否确定要绑定的变量具有值?可能无关,但请阅读以下内容:https://stackoverflow.com/a/5077108/296555。
另外,您将$ password变量用作$ pass。
例子1
<?php
try
{
$con = new PDO("mysql:host = localhost;dbname=nannu","root","");
if(isset($_POST['login']))
{
$name = $_POST['name'];
$password = $_POST['password'];
$email = $_POST['email'];
$date = $_POST['date'];
$month = $_POST['month'];
$year = $_POST['year'];
// Used single quotes to wrap statement and using named placeholders
$insert = $con->prepare('INSERT INTO details (name, password, email, date, month, year) VALUES (:name, :password, :email, :date, :month, :year)');
// Params passed in to execute method
$insert->execute(array(
':name' => $name,
':password' => $password,
':email' => $email,
':date' => $date,
':month' => $month,
':year' => $year
));
}
}
?>
例子2
<?php
try
{
$con = new PDO("mysql:host = localhost;dbname=nannu","root","");
if(isset($_POST['login']))
{
$name = $_POST['name'];
$password = $_POST['password'];
$email = $_POST['email'];
$date = $_POST['date'];
$month = $_POST['month'];
$year = $_POST['year'];
// Used single quotes to wrap statement and using anon placeholders
$insert = $con->prepare('INSERT INTO details (name, password, email, date, month, year) VALUES (?, ?, ?, ?, ?, ?)');
// Params passed in to execute method
$insert->execute(array(
$name,
$password,
$email,
$date,
$month,
$year
));
}
}
?>
关于php - 在数据库中,我正在获取诸如:name,:email等之类的值,虽然它没有显示任何错误,但我不知道该怎么做,因为我开始学习php f ,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/44142439/
10-12 07:39