我想动态地将数据插入到我的 phpmyadmin mysql 数据库中。所以我从用户那里获取值,然后运行 mysqli 的 insert 命令来插入数据。
但是我的插入命令不起作用。这是我的代码:
$rest_name = $_SESSION['rest_name'];
$order = $_SESSION['order'];
$user = $_SESSION['username'];
$bill = $_SESSION['bill'];
$ctime = date("H:i:s", strtotime($_POST['time']));
$insert_sql = "INSERT INTO '$rest_name' ('orders','amount',
'time','username') VALUES('$order', '$bill', '$ctime','$user')';
echo $insert_sql;
if(mysqli_query($conn,$insert_sql)){
echo "done";
}
else{
echo "not done";
}
我的数据库中有 6 列,但我需要插入 4 列,仅将其他两列设置为默认值。
最佳答案
$insert_sql 末尾缺少引号,请尝试以下操作:
$rest_name = $_SESSION['rest_name'];
$order = $_SESSION['order'];
$user = $_SESSION['username'];
$bill = $_SESSION['bill'];
$ctime = date("H:i:s", strtotime($_POST['time']));
$insert_sql = "INSERT INTO '$rest_name' ('orders','amount','time','username') VALUES('$order', '$bill', '$ctime','$user')'";
echo $insert_sql;
if(mysqli_query($conn,$insert_sql)){
echo "done";
}
else{
echo "not done";
}
另外,用你的方法你可能会遭受sql注入(inject)!尽量避免以这种方式插入数据!您应该像这样插入:
$stmt = $dbConnection->prepare('SELECT * FROM employees WHERE name = ?');
$stmt->bind_param('s', $name);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
// do something with $row
}
关于php - 当我尝试动态插入时,mysql的插入命令不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35803992/