dos71253 2015-07-07 03:31
浏览 27
已采纳

为什么这个sql查询在数据库中插入垃圾值而不是数值[POST方法]

I am working on this form but it's stroing garbage value of the 'phone' field in the database where I am giving the right number. what's wrong in the code? First i set the length of that field to 11 and thought that could be the problem. but when I increased that to even 50 the same problem occurred again. How to solve this?

PS: neglect the security part of the form, it's just for testing purpose.

<table border="1" id="tab1">
<form action="create.php" method="POST" enctype="multipart/form-data">

    <tr align='center'><td>Ad Title:</td><td><input type='text' name='ad_title' id="ad_title" placeholder='type ad title'/></td></tr>
    <tr align='center'><td>Ad Description:</td><td><textarea name='ad_details' id="ad_details" placeholder='type ad details' cols="40" rows="10"></textarea></td></tr>
    <tr align="center"></tr>
    <tr align="center"><td>Category:</td><td>
        <select name="category">
            <option value="mobile">Mobile Phone</option>
            <option value="computer">Computer</option>
            <option value="book">Books</option>
            <option value="fashion">Fashion and Beauty</option>
        </select>
    </td></tr>
    <tr align='center'><td>Phone Number:</td><td><input type='number' id="phone" name='phone' placeholder='type your Phone Number'/></td></tr>

    <tr align='center'><td>Email:</td><td><input type='text' name='email' id="email" placeholder='type your email'/></td></tr>

    <tr align='center'><td>Price:</td><td><input type='text' name='price' id="price" placeholder='enter your desired Price'/></td></tr>

    <tr align="center"><td>Negotiable:</td><td><input type="radio" name="nego" value="yes"/>YES<input type="radio" name="nego" value="no"/>NO</td></tr>

    <tr align="center"><td>City/Town:</td><td>
        <select name="city">
            <option value="Jalpaiguri">Jalpaiguri</option>
            <option value="Siliguri">Siliguri</option>
        </select>
    </td></tr>

    <tr align='center'><td>Location:</td><td><input type='text'  id="location" name='location' placeholder='type your Location'/></td></tr>
    <tr><td>Choose Photo for Ad:</td><td><input type='file' name='ad_pic'/></td></tr>
    <tr align='center'><td colspan="7"><input type='submit' id="submit" name ='submit' value='Create Ad'/></td></tr>
</form>
</table>

the php code is as follows:

<?php

session_start();

if(!isset($_SESSION['username'])){
    header("location:login.php");
}

$user  = $_SESSION['username'];

$conn = new mysqli("localhost","root","","pending");

    if($conn->connect_error){
        echo "<script>document.getElementById('noti').innerHTML='Database Error.Please Try again !';</script>";
    }

if(isset($_POST['submit'])){

    $ad_title = $_POST["ad_title"];
    $ad_details = $_POST["ad_details"];
    $category = $_POST["category"];
    $phone = $_POST["phone"];
    $email = $_POST["email"];
    $nego = $_POST["nego"];
    $city = $_POST["city"];
    $location = $_POST["location"];
    $price = $_POST["price"];

$sql = $conn->query("INSERT INTO ads(ad_id,user_name,ad_title,ad_details,price,category,phone,email,negotiable,city,location) VALUES('','$user','$ad_title','$ad_details','$price','$category','$phone','$email','$nego','$city','$location')");

$pid = $conn->insert_id;

$newname = "$pid.jpg";

move_uploaded_file($_FILES['ad_pic']['tmp_name'], "ad_images/$newname");
}

?>

  • 写回答

1条回答 默认 最新

  • dongma6326 2015-07-07 05:01
    关注

    Problem is with your Insert Query.

    in your phone database field you given type as INT. And in your query you are trying to insert as a string '$phone'.

    Correct way is, You should use just $phone.

    Explaining Why

    Why this statement is wrong in your case.('$phone' and $phone)

    • Anything between single-quotes is considered a string, not a number. When you say '500', MySQL reads that as three characters of text, but when you say 500, MySQL reads that as a single number.
    • The BETWEEN ... AND operators are meant to check if a value is in between a range of numbers (dates are also considered numbers internally). Trying to use it on strings will not work properly.
    • This is a big mistake, by the way. A huge waste of space. When you store an integer as a VARCHAR, the storage requirements for each letter in the number is equal to the total storage requirements if it were stored as an INT.

    So your Query should come as

    $sql = $conn->query("INSERT INTO ads(ad_id,user_name,ad_title,ad_details,price,category,phone,email,negotiable,city,location) VALUES('','$user','$ad_title','$ad_details','$price','$category',$phone,'$email','$nego','$city','$location')");
    

    To Get easy idea

    change this to '$phone' this $phone

    Difference between varchar and int

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 树莓派安卓APK系统签名
  • ¥15 maple软件,用solve求反函数出现rootof,怎么办?
  • ¥65 汇编语言除法溢出问题
  • ¥15 Visual Studio问题
  • ¥15 state显示变量是字符串形式,但是仍然红色,无法引用,并显示类型不匹配
  • ¥20 求一个html代码,有偿
  • ¥100 关于使用MATLAB中copularnd函数的问题
  • ¥20 在虚拟机的pycharm上
  • ¥15 jupyterthemes 设置完毕后没有效果
  • ¥15 matlab图像高斯低通滤波