我正在设置页面来执行查询,但没有发生
<?php
$username = "root";
$password = "";
$dbname = "grading";
$mysqli = new mysqli("localhost", $username, $password, $dbname);
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
$addregno = filter_input(INPUT_POST ,'add_s_regno');
$addname =filter_input( INPUT_POST ,'add_s_name');
$q1 = filter_input( INPUT_POST ,'add_q1');
$q2 = filter_input( INPUT_POST ,'add_q2');
$q3 = filter_input( INPUT_POST ,'add_q3');
$q4 = filter_input( INPUT_POST ,'add_q4');
$q5 = filter_input( INPUT_POST ,'add_q5');
$q6 = filter_input( INPUT_POST ,'add_q6');
$q7 = filter_input( INPUT_POST ,'add_q7');
$q8 = filter_input( INPUT_POST ,'add_q8');
$q9 = filter_input( INPUT_POST ,'add_q9');
$q10 = filter_input( INPUT_POST ,'add_q10');
if($addregno=="" OR $addname=="" OR $q1=="" OR $q2=="" OR $q3=="" OR $q4=="" OR $q5=="" OR $q6=="" OR $q7=="" OR $q8=="" OR $q9=="" OR $q10=="")
{
echo "<script type='text/javascript'>alert('Enter all The Details');</script>";
}
else
{
$total=$q1+$q2+$q3+$q4+$q5+$q6+$q7+$q8+$q9+$q10;
$sql=" INSERT INTO studentmarks (`Reg_No`, `student_name`, `q1`, `q2`, `q3`, `q4`, `q5`, `q6`, `q7`, `q8`, `q9`, `q10`, `Total`) VALUES ($addregno,$addname,$q1,$q2,$q3,$q4,$q5,$q6,$q7,$q8,$q9,$q10,$total)";
$result=$mysqli->query($sql);
if($result==true)
{
echo "<script>window.location = 'markentry.php'; alert('success entry');</script>" ;
}
else{
echo "<script>window.location = 'markentry.php'; alert('failed');</script>";
}
}
?>
最佳答案
插入时,正确的做法是:
$sql=" INSERT INTO studentmarks (`Reg_No`, `student_name`, `q1`, `q2`, `q3`, `q4`, `q5`, `q6`, `q7`, `q8`, `q9`, `q10`, `Total`) VALUES ('$addregno','$addname','$q1','$q2','$q3','$q4','$q5','$q6','$q7','$q8','$q9','$q10','$total')";
也就是说,'$q7' 而不是 $q7(引号)。但这并不是因为 sql 注入(inject)的原因
关于php - SQL 查询不起作用,但连接已完成,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54070246/