Question

我知道,很简单,但正出现错误。

<?php  
session_start();  

$dbhost = "###"; // this will ususally be  localhost , but can sometimes differ  
$dbname = "###"; // the name of the database that you are going to use for this project  
$dbuser = "###"; // the username that you created, or were given, to access your database  
$dbpass = "###"; // the password that you created, or were given, to access your database  

mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());  
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());  

mysql_select_db("###", $con);

$safe_email = mysql_real_escape_string($_POST[ email ]);
$sql="INSERT INTO register (email) VALUES ( {$safe_email} )";

if (!mysql_query($sql,$con))
  {
  die( Error:   . mysql_error());
  }
echo "1 record added";

mysql_close($con)
?>

Answer 1

假设:

You don t have a lot of experience with PHP
The information that has been provided to you is correct
This is an example script and you know the values that need to be substituted for $dbname, $dbhost, $dbuser and $dbpass

请尝试如下,并报到,如果你获得任何产出,以检查:

    <?php  
    session_start();  

    print "Connecting and inserting email: ".$_POST[ email ]."...";

    $dbhost = "###"; // this will ususally be  localhost , but can sometimes differ  
    $dbname = "###"; // the name of the database that you are going to use for this project  
    $dbuser = "###"; // the username that you created, or were given, to access your database  
    $dbpass = "###"; // the password that you created, or were given, to access your database  

    $con = mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());  
    mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());  

    $safe_email = mysql_real_escape_string($_POST[ email ]);
    $sql="INSERT INTO register (email) VALUES ( {$safe_email} )";

    if (!mysql_query($sql,$con))
    {
        die( Error:   . mysql_error());
    }
    print "success! Inserted email with row id: ".mysql_insert_id();

    mysql_close($con)
    ?>

Answer 2

在您在问询中使用之前,在您的法典中没有对“条码”进行定义。应:

$con = mysql_connect(...) or die(mysql_error());

除此之外,你的法典还开放给卡普林袭击。应:

$safe_email = mysql_real_escape_string($_POST[ email ]);
$sql="INSERT INTO register (email) VALUES ( {$safe_email} )";

Answer 3

这可能只是我,但你应当只按一行加以扼杀,或为扼杀而使用分类(......)。

$sql="INSERT INTO register (email) VALUES ( $_POST[email] )";

Other than that you should clean the information before adding it into the database otherwise your asking for sql injection attacks.

now to the actual problem. your using a variable that is undefined called conn. i am assuming your referencing the connection made, but you never set that variable to the connection like so

$conn = mysql_connect($dblocal,$dbuser,$dbpass) or die(xxx);

友情链接