我正在尝试将记录插入 mysql 数据库,但字段为空。这是我的 js:
$("#submit").click(function() {
var product1name = $("input#product1name").val();
var product2name = $("input#product2name").val();
var product3name = $("input#product3name").val();
var product4name = $("input#product4name").val();
var product5name = $("input#product5name").val();
var product1quantity = $("input#product1quantity").val();
var product2quantity = $("input#product2quantity").val();
var product3quantity = $("input#product3quantity").val();
var product4quantity = $("input#product4quantity").val();
var product5quantity = $("input#product5quantity").val();
var dataString = 'product1name='+ product1name + 'product2name=' + product2name + 'product3name=' + product3name + 'product4name=' + product4name + 'product5name=' + product5name + 'product1quantity='+ product1quantity + 'product2quantity='+ product2quantity + 'product3quantity='+ product3quantity + 'product4quantity='+ product4quantity + 'product5quantity='+ product5quantity + 'salesid='+ salesid + 'email='+ email + 'wpuseremail='+ wpuseremail;
$.ajax({
type: "POST",
url: "process.php",
data: dataString,
success: function(json) {
$('#contact_form').html("<div id='message'></div>");
$('#message').html(json.type)
.append(json.message)
.hide()
.fadeIn(1500, function() {
$('#message').append("<img id='checkmark' src='images/check.png' />");
});
}
});
return false;
});
这是我的 php:
<?php
$product1quantity = $_POST["product1quantity"];
$product2quantity = $_POST["product2quantity"];
$product3quantity = $_POST["product3quantity"];
$product4quantity = $_POST["product4quantity"];
$product5quantity = $_POST["product5quantity"];
$username = "user";
$password = "pass";
$hostname = "host";
$dbhandle = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
$selected = mysql_select_db("dbname",$dbhandle)
or die("Could not select dbname");
$result = "INSERT INTO dbname.tablename (product1name, product2name, product3name, product4name, product5name, product1quantity, product2quantity, product3quantity, product4quantity, product5quantity, id) VALUES ('', '', '', '', '', product1quantity, product2quantity, product3quantity, product4quantity, product5quantity, NULL)";
mysql_query($result);
mysql_close($dbhandle);
$response = array('type'=>'', 'message'=>'');
$response['type'] = 'success';
$response['message'] = 'Thank-You for submitting the form!';
print json_encode("success");
?>
我已经确认,当我不在 INSERT 语句中使用变量,而是使用硬编码值时,它是有效的。我的变量似乎有问题。
最佳答案
似乎你所谓的变量前面没有 $..
看
$result = "INSERT INTO dbname.tablename (product1name, product2name, product3name, product4name, product5name, product1quantity, product2quantity, product3quantity, product4quantity, product5quantity, id) VALUES ('', '', '', '', '', $product1quantity, $product2quantity, $product3quantity, $product4quantity, $product5quantity, NULL)";
但请修复您的代码,因为由于 SQL 注入(inject)安全漏洞,直接从 POST 变量插入的风险很高
你可以考虑使用像 PDO 或 mySQLi 这样的预处理语句
在这里阅读更多:http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/
关于php - 使用json更新mysql数据库空白字段,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16553198/