dongyuxiao6295 2019-01-24 12:38
浏览 37

我的INSERT语句有什么问题? (PHP)[重复]

This question already has an answer here:

I am trying to execute this INSERT statemente but it isn't executed. I echoed the $query string and it seems ok. When attempting to execute with mysqli_query($connect, $query) nothing happens, just a blank screen.

$query = "INSERT INTO spservices('service_no', 'service_email', 'service_type', 'service_exit_node', 'service_billing', 'service_next_due', 'service_download', 'service_password') 
VALUES('$serviceNo','$mail', '$serviceType', '$enode', '$serviceBilling','$nextDue','Pending until payment confirmed','$servicePass')";

if (mysqli_query($connect, $query)) {
    //MY CODE SENDS AN EMAIL HERE
}

</div>
  • 写回答

1条回答 默认 最新

  • drq1257 2019-01-24 12:38
    关注

    Strings with single quotes are considered as user inputs not table/field names in SQL.

    So, the corrected SQL:

    $query       = "INSERT INTO spservices(service_no, service_email, service_type, service_exit_node, service_billing, service_next_due, service_download, service_password) 
VALUES('$serviceNo','$mail', '$serviceType', '$enode', '$serviceBilling','$nextDue','Pending until payment confirmed','$servicePass')";

    Instead of single quotes in field names, you can use backtick operator

    (`) around column/field names.

    This is useful when your field name is exactly a reserved SQL word.

    For example.

    SELECT `select` FROM users
    评论

报告相同问题?

悬赏问题

  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度