mysqli_stmt_execute不向数据库插入值

问题描述：

<?php
$dbhost="00webhost.com";
$dbuser="a55826qwqw";
$dbpass="subseasdasd";
$dbname="asdasdas";
$con=mysqli_connect($dbhost,$dbuser,$dbpass,$dbname);
$name=$_POST["name"];
$username=$_POST["username"];
$phone=$_POST["phone"];
$mail=$_POST["mail"];
$password=$_POST["password"];
$statement=mysqli_prepare($con,"INSERT INTO mandi(nAme,uSername,pHoneno,mAil,pAssword) VALUES($name,$username,$phone,$mail,$password)") or die(mysqli_error($con));
mysqli_stmt_execute($statement);
mysqli_stmt_close($statement);
mysqli_close($con);

the values are taken from android i.e name ,username and others. but When i give strings instead of $name,$username etc it inserts . please tell me where iam wrong.

the above same works fine for this statement

$statement=mysqli_prepare($con,"INSERT INTO   mandi(nAme,uSername,pHoneno,mAil,pAssword) VALUES('me','user',123,'mailw','user')");

The android part to send data to server is

 ArrayList<NameValuePair>dataToSend=new ArrayList<>();
        dataToSend.add(new BasicNameValuePair("name",user.name));
        dataToSend.add(new BasicNameValuePair("username",user.username));
        dataToSend.add(new BasicNameValuePair("phone",user.phone+""));
        dataToSend.add(new BasicNameValuePair("mail",user.mail));
        dataToSend.add(new BasicNameValuePair("password", user.password));


       HttpParams httpParams=new BasicHttpParams();
       HttpConnectionParams.setConnectionTimeout(httpParams, CONNECTION_TIMEOUT);
      HttpConnectionParams.setSoTimeout(httpParams, CONNECTION_TIMEOUT);

        HttpClient client=new DefaultHttpClient();
        HttpPost post=new HttpPost(SERVER_ADDRESS+"Register.php");
        //Log.d("address",SERVER_ADDRESS+"Register.php");
        try{
            post.setEntity(new UrlEncodedFormEntity(dataToSend));
            client.execute(post);
        }catch (Exception e){
            e.printStackTrace();
        }

答

Here is a snippet I wrote that I use for my basic bind_param functions.

    //  Assigned key            
$var = ??


                // Insert the new user into the database 
    $sql = "
        INSERT INTO table (
column,...,...
     )
        VALUES (
        ?,..,..,)";

       $insert_stmt = $mysqli->prepare($sql);

        // Insert the new user into the database
        if ($insert_stmt)
        {
            $insert_stmt->bind_param('ss',$var, $var);

            // Execute the prepared query.
            if (! $insert_stmt->execute()) {
               echo 'error';
            }
        }
        }

mysqli_stmt_execute不向数据库插入值

相关推荐