将Unix时间戳转换为MySQL DATETIME
这听起来很愚蠢,但对于我的一生,我无法弄清楚.我已经尝试了一切.
This sounds silly but for the life of me I cannot figure it out. I have tried everything.
问题是我无法弄清楚如何将日期字符串放入MySQL表中...我一直在首先转换为Unix,以解决输入格式的变化.
The problem is that I cannot figure out how to get my date string into my MySQL table... I've been converting to Unix first to account for variations in input format..
$_POST['date']
的格式为:19-1-2013 4:43:32
$_POST['date']
is in this format:19-1-2013 4:43:32
$datestr= strtotime($_POST['date']);
echo $datestr;
$sql = "INSERT INTO `calendar` (`date`, `title`, `event`) VALUES ('FROM_UNIXTIME(".$datestr.")', '".mysql_real_escape_string($_POST['title'])."', '".mysql_real_escape_string($_POST['desc'])."')";
$query = mysql_query($sql);
这是我尝试过的最新操作,但我的DATETIME字段仍为全零.
This is the most recent thing I've tried and I'm still getting all zeros in my DATETIME field.
拜托,我在做什么错了?
Please, what am I doing wrong?
删除函数FROM_UNIXTIME
中的单引号,因为它将使它成为一个值.例如
remove single quotes aroung the function FROM_UNIXTIME
because it will make it a value. eg
$sql = "INSERT INTO `calendar` (`date`, `title`, `event`) VALUES (FROM_UNIXTIME(".$datestr."), '".mysql_real_escape_string($_POST['title'])."', '".mysql_real_escape_string($_POST['desc'])."')";
作为附带说明,您的查询容易受SQL Injection
的攻击,请参阅下面的文章以了解如何保护它免于攻击
As a sidenote, your query is vulnerable with SQL Injection
, please see the article below to learn how to protect from it