duan7664
2018-02-27 07:52
浏览 55
已采纳

使用Php将数据插入mysql数据库。 我收到一条错误,指出错误的整数值:''表示第1行的列'rate'

1.Php code is as follows and i do not have an auto increment field full error description

ERROR: Could not able to execute INSERT INTO employee( emp_name, rate, ifsc_code, acc_num, acc_holder_name) VALUES ( '', '', '', '', ''). Incorrect integer value: '' for column 'rate' at row 1

 <?php

include_once('connectdb.php');

$emp_name = mysqli_real_escape_string($link, $_REQUEST['emp_name']);
$rate = mysqli_real_escape_string($link, $_REQUEST['rate']);
$ifsc_code = mysqli_real_escape_string($link, $_REQUEST['ifsc_code']);
$acc_num = mysqli_real_escape_string($link, $_REQUEST['acc_num']);
$acc_holder_name = mysqli_real_escape_string($link, $_REQUEST['acc_holder_name']); 

$sql = "INSERT INTO employee(   emp_name, 
                                rate, 
                                ifsc_code, 
                                acc_num, 
                                acc_holder_name) 

        VALUES              (   '$emp_name', 
                                '$rate',
                                '$ifsc_code',
                                '$acc_num',
                                '$acc_holder_name')";

if(mysqli_query($link, $sql)){

    //echo "<script type='text/javascript'>alert('Commodity added to inventory')</script>";
    echo "<meta http-equiv='refresh' content='0;url=insert_emp_details.php'>";
} else{
    echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}

mysqli_close($link);

?>

图片转代码服务由CSDN问答提供 功能建议

1.Php代码如下,我没有自动增量字段 full错误说明

错误:无法执行INSERT INTO员工(emp_name,rate, ifsc_code,acc_num,acc_holder_name)VALUES('','','','',' ')。 错误的整数值:''对于第1行的列'rate'

 &lt;?php 
 
include_once('connectdb  .php'); 
 
 $ emp_name = mysqli_real_escape_string($ link,$ _REQUEST ['emp_name']); 
 $ rate = mysqli_real_escape_string($ link,$ _REQUEST ['rate']); 
 $ ifsc_code =  mysqli_real_escape_string($ link,$ _REQUEST ['ifsc_code']); 
 $ acc_num = mysqli_real_escape_string($ link,$ _REQUEST ['acc_num']); 
 $ acc_holder_name = mysqli_real_escape_string($ link,$ _REQUEST ['acc_holder_name']  );  
 
 $ sql =“INSERT INTO employee(emp_name,
 rate,
 ifsc_code,
 acc_num,
 acc_holder_name)
 
 VALUES('$ emp_name',
'$ rate',
  '$ ifsc_code',
'$ acc_num',
'$ acc_holder_name')“; 
 
if(mysqli_query($ link,$ sql)){
 
 // echo”&lt; script type ='  text / javascript'&gt;提醒('商品已添加到广告资源')&lt; / script&gt;“; 
 echo”&lt; meta http-equiv ='refresh'content ='0; url = insert_emp_details.php'&gt;“  ; 
} else {
 echo“错误:无法执行$ sql。”。  mysqli_error($ link); 
} 
 
mysqli_close($ link); 
 
?&gt; 
   
 
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • duanmeng3476 2018-02-27 07:56
    已采纳

    As per my comments you should convert $rate into integer or remove ' single quotes like this

    $sql = "INSERT INTO employee(   emp_name, 
                                    rate, 
                                    ifsc_code, 
                                    acc_num, 
                                    acc_holder_name) 
    
            VALUES              (   '$emp_name', 
                                    $rate,
                                    '$ifsc_code',
                                    '$acc_num',
                                    '$acc_holder_name')";
    

    Or

    you can convert into integer like this $rate= (int)$rate;

    Also use pdo with bind parameter function for prevent sql injection

    已采纳该答案
    打赏 评论
  • doushi9780 2018-02-27 08:41

    As noted above in a comment the original code is potentially vulnerable to SQL injection so the use of a prepared statement would be advised to help mitigate risk.

    The error message you posted though concerns me - it appears that all the values are empty... is that the case? You should check for the existence of these variables before attempting the sql operations.

    <?php
    
        include_once('connectdb.php');
    
        try{
    
            $sql='insert into `employee` ( `emp_name`, `rate`, `ifsc_code`, `acc_num`, `acc_holder_name` ) values (?,?,?,?,?);';
    
            /* field names expected in REQUEST array and associated data type for filtering */
            $args=array(
                'emp_name'          =>  FILTER_SANITIZE_STRING,
                'rate'              =>  FILTER_SANITIZE_NUMBER_INT, /* assumed that rate is an integer */
                'ifsc_code'         =>  FILTER_SANITIZE_STRING,
                'acc_num'           =>  FILTER_SANITIZE_NUMBER_INT, /* assumed that acc_num is an integer ?? */
                'acc_holder_name'   =>  FILTER_SANITIZE_STRING
            );
            /* filter REQUEST array using above arguments */
            filter_input_array( INPUT_REQUEST, $args );
    
            /* extract variables */
            extract( $_REQUEST );
    
    
            /* If all the variables were extracted correctly after filtering - proceed */
            if( $emp_name && $rate && $ifsc_code && $acc_num && $acc_holder_name ){
    
                /* if the filter failed this will probably never be called but... */
                if( !is_integer( $rate ) ) throw new Exception('rate is not an integer');
    
                /* create a prepared statement */
                $stmt=$link->prepare( $sql );
    
                /* If the query failed for some reason - abandon ship */
                if( !$stmt )throw new Exception( sprintf( 'error preparing sql query: %s', $stmt->error ) );
    
                /* assumed that rate and acc_num is an integer ?? */
                $stmt->bind_param( 'sisis', $emp_name, $rate, $ifsc_code, $acc_num, $acc_holder_name );
    
                /* execute the query */
                $result = $stmt->execute();
                if( $result ){
    
                    echo "Success";
    
    
                } else {
                    throw new Exception( sprintf( "Bogus! %s", $stmt->error ) );
                }
            } else {
                throw new Exception( 'an error occurred extracting one or more variables - check "$args" array!' );
            }
    
        } catch( Exception $e ){
            exit( $e->getMessage() );
        }
    ?>
    
    打赏 评论

相关推荐 更多相似问题