-1
<?php
$con=mysqli_connect("localhost","root","") or die(mysql_error());
$db=mysqli_select_db($con,"registration") or die(mysql_error());
if(isset($_POST['submit1'])){
$t1=$_POST['t1'];
$t2=$_POST['t2'];
$t3=$_POST['t3'];
$t4=$_POST['t4'];
$r1=$_POST['r1'];
$query="INSERT INTO regtable(t1,t2,t3,t4,r1)VALUES ($t1,$t2,$t3,$t4,$r1)";
if(mysqli_query($con,$query)){
echo "<script>alert('Your are successfully registered!')</script>";
}
}
?>
使用反引号'\''和单引号''' – C2486
不是一个解决方案,但你的代码是很容易到MySQL注入!你应该看看使用准备好的语句,否则你的用户可能会搞砸你的数据库。 –