C 知道

消息
创作中心
dsnpjz6907 2018-09-11 16:03
浏览 289
已采纳

检查与您的MySQL服务器版本相对应的手册,以便在'?,?,?,?附近使用正确的语法?

I'm trying to create a form and import submitted data to a database, 

<?php
// db has to be manually created first
$host = "localhost";
$userName = "user";
$password = "";
$dbName = "test";

// Create database connection
$conn = new mysqli($host, $userName, $password, $dbName);

// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}


if((isset($_POST['your_name'])&& $_POST['your_name'] !='') && (isset($_POST['your_email'])&& $_POST['your_email'] !=''))
{

$yourName = $conn->real_escape_string($_POST['your_name']);
$yourEmail = $conn->real_escape_string($_POST['your_email']);
$yourPhone = $conn->real_escape_string($_POST['your_phone']);
$comments = $conn->real_escape_string($_POST['comments']);


$sql = "INSERT INTO contact_form_info (name, email, phone, comments)
        VALUES (?,?,?,?)";



//$stmt = mysqli_prepare($sql);
//if ($stmt = $conn->prepare(" INSERT INTO contact_form_info WHERE name = ?  email = ? phone = ? comments = ? ")) {
if ($stmt = $conn->prepare($sql)) {

$stmt->bind_param("ssss", $yourName, $yourEmail, $yourPhone,$comments);

$stmt->execute();
}

When I submit my form, I get the following error

check the manual that corresponds to your MySQL server version for the right syntax to use near '?,?,?,?)"

Can someone please check my code and tell me what's wrong with it?

And thanks in advance

展开全部

  • 写回答

1条回答 默认 最新

  • dongyong2063 2018-09-11 19:45
    关注

    This error shows that for some reason, the question marks are not being bound to the appropriate variables. MySQL is complaining because the question marks are not encapsulated with "".

    Ass @RiggsFolly pointed out, you don't need to call $conn->real_escape_string as you are using prepared statements.

    (Also, there is no need to check isset() and an empty string, empty() basically does an isset anyway)

    <?php
// db has to be manually created first
$host = "localhost";
$userName = "user";
$password = "";
$dbName = "test";

// Create database connection
$conn = new mysqli($host, $userName, $password, $dbName);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

if(!empty($_POST['your_name']) && !empty($_POST['your_email']) {

    $sql = "INSERT INTO contact_form_info (name, email, phone, comments) VALUES (?,?,?,?)";

    $stmt = $conn->prepare($sql);

    $stmt->bind_param("ssss", $_POST['your_name'], $_POST['your_email'], $_POST['your_phone'],$_POST['comments']);

    $stmt->execute();
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
编辑
预览

报告相同问题?

手机看
程序员都在用的中文IT技术交流社区

程序员都在用的中文IT技术交流社区

专业的中文 IT 技术社区,与千万技术人共成长

专业的中文 IT 技术社区,与千万技术人共成长

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

 客服 返回
顶部