INSERT INTO语句不会将数据发布到表[关闭]
I am trying to post data to a table in my database, but there is no error messages as to why the data is not posted. I have inserted data into the table in phpmyadmin and this data is printed with the result while loop, but data will not post to the table.
<!-- form to take input-->
<form name='form1' method='post'>
Name:
<input type='text' name='Name' id='name' /> <br />
Comment:
<input type='text' name='Comment' id='comment' /> <br />
<input type="submit" name='submit' value="Submit" id='submit'>
</form>
<!-- start php-->
<?php
if(isset($_POST['submit']))
{
$name = $_POST['Name'];
$comment = $_POST['Comment'];
}
$con = mysqli_connect("localhost", "kodie", "hill1124", "comments");
if(mysqli_connect_errno())
{
echo "Failed to connect to MySql: ". mysqli_connect_error();
}
mysqli_query($con, "INSERT INTO commenttable VALUES ('$name','$comment',NOW()");
$query = "SELECT * FROM commenttable";
$result = mysqli_query($con, $query);
$hash = $result;
echo "<table>";
if($hash = NULL)
{
echo "null";
}
while($row = mysqli_fetch_array($result))
{
echo "<tr><td>" . $row['Name'] . "</td><td>" . $row['comment'] . "</td><td>" . $row['timestamp'] . "</td></tr>"; //$row['index'] the index here is a field name
}
echo "</table>";
mysqli_close($con);
?>
I am unsure why it won't post, I don't think it is permissions but I am new to using mysql and don't understand why the statement compiles without errors but doesn't actually put the data on the table.
Any help is appreciated.
You are missing a closing ) at the end of your insert statement:
mysqli_query
($con,
"INSERT INTO commenttable VALUES ('$name','$comment',NOW())");
// This one ^
See the line mysqli_query($con, "INSERT INTO commenttable VALUES ('$name','$comment',NOW()");
You havnt Closed the mysqli_query().
It must be mysqli_query($con, "INSERT INTO commenttable VALUES ('$name','$comment',NOW()"));
Missing parenthesis in
mysqli_query($con, "INSERT INTO commenttable VALUES ('$name','$comment',NOW()");
should be
mysqli_query($con, "INSERT INTO commenttable VALUES ('$name','$comment',NOW()")); // missing )
In order to INSERT data in your database you need to adjust the insert query.
What you have now:
mysqli_query($con, "INSERT INTO commenttable VALUES ('$name','$comment',NOW()");
Should be
mysqli_query($con, "INSERT INTO commenttable VALUES ('$name', '$comment', NOW())");
You should also consider using mysqli_real_escape_string to prevent SQL-injection
So:
$name = $_POST['Name'];
$comment = $_POST['Comment'];
Becomes:
$name = mysqli_real_escape_string($con, $_POST['Name']);
$comment = mysqli_real_escape_string($con, $_POST['Comment']);
You can also take a look at the following:
- http://php.net/manual/en/mysqli.real-escape-string.php;
- http://nl3.php.net/manual/en/function.trim.php (removes left over spaces);
- http://nl3.php.net/manual/en/function.strip-tags.php (Optional removes html tags from string)
UPDATE
<!-- form to take input-->
<form action="" name="form1" method="post">
Name:
<input type="text" name="Name" id="name"> <br>
Comment:
<input type="text" name="Comment" id="comment"> <br>
<input type="submit" name='submit' value="Submit" id="submit">
</form>
<!-- start php-->
<?php
if($_POST) {
$con = mysqli_connect("localhost", "kodie", "hill1124", "comments");
$name = mysqli_real_escape_string($con, trim($_POST['Name']));
$comment = mysqli_real_escape_string($con, trim($_POST['Comment']));
if (mysqli_connect_errno()) {
echo "Failed to connect to MySql: " . mysqli_connect_error();
}
if (!empty($name) && !empty($comment)) {
$query = mysqli_query($con, "INSERT INTO commenttable VALUES ('$name','$comment',NOW())");
// Check if the query succeeded
if (mysqli_affected_rows($con)) {
$query = "SELECT * FROM commenttable";
$result = mysqli_query($con, $query);
$hash = $result;
echo "<table>";
}
} else {
echo 'Something went wrong: '. mysqli_error($con); // Echo the error (You could replace echo with die())
}
}
if ($hash = NULL) {
echo "null";
}
while ($row = mysqli_fetch_array($result)) {
echo "<tr><td>" . $row['Name'] . "</td><td>" . $row['comment'] . "</td><td>" . $row['timestamp'] . "</td></tr>"; //$row['index'] the index here is a field name
}
echo "</table>";
mysqli_close($con); // this is not necessary
}
?>