1. 首页
  2. 问答
  3. 如何使用Textarea将此数据存储在数据库中?

如何使用Textarea将此数据存储在数据库中?

2014-10-04 119 views
0

我收到此错误信息:如何使用Textarea将此数据存储在数据库中?

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Hello World'; ?>')' at line 1

我期待存储以下数据:

<?php echo 'Hello World'; ?>

这是我的代码:

if(isset($_POST['submit'])){ 
    $post = $_POST['post']; 


    $tqs = "INSERT INTO ttn03 (post) VALUES ('$post')"; 

    $tqr = mysqli_query($dbc, $tqs) or die(mysqli_error($dbc)); 

    echo "The data has gotten successfully added."; 
}

使用这两个没有为工作me:

htmlspecialchars(); 
htmlentities();

这是HTML表单:

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> 
    <textarea name="post" value=""></textarea> 
    <br/> 
    <input type="submit" name="submit"/> 
</form>

数据库归类是:

utf8_unicode_ci

这是我的头:

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

有什么建议?

来源

2014-10-04 ftxn

+1

** STOP投掷的数据。 **我不知道是谁给了你直接在SQL中抛出'$ post'数据的想法,但他应该被枪杀。 – Christian 2014-10-04 09:59:33

回答

0

这是代码应如何看起来像:

// first of all, make sure 'post' is set - don't let PHP guessing what to when it's not set. 
if(isset($_POST['post'])){ 
    $post = $_POST['post']; 
}else{ 
    $post = ''; 
} 

// this is your SQL QUERY. Never, ever, ever, throw data in sql queries 
$tqs = $mysqli->prepare('INSERT INTO ttn03 (post) VALUES (?)'); 

// this is how to pass data to the statement 
$statement->bind_param('s', $post); 

// execute the statement and prints errors 
if(!$statement->execute()){ 
    die('Error '. $mysqli->errno .': '. $mysqli->error); 
} 

// close statement 
$statement->close();

你可以找到一些优秀的文档和例子在这里:SQL查询中

http://www.sanwebe.com/2013/03/basic-php-mysqli-usage

来源

2014-10-04 10:07:01 Christian

相关问题

 相关问题