Echo & lt; script & gt; problem case & nbsp; 'add' & nbsp;: & nbsp; // add & nbsp; & nbsp; $ sku =$ _ POST ['sku _ txt ']; & nbsp; $ salesku =$ _ POST ['echo script' problem
Case 'add': // add
$ Sku = $ _ POST ['sku _ txt '];
$ Salesku = $ _ POST ['salesku _ txt '];
$ Fnsku = $ _ POST ['fnsku _ txt '];
$ Diqu = $ _ POST ['diqu _ txt '];
$ Asin = $ _ POST ['ASIN'];
$ Accout = $ _ POST ['account'];
$ Type = $ _ POST ['type'];
$ Query = mysql_query ("insert into 'sku _ rule' ('item _ code', 'sku ', 'ASIN', 'fnsk', 'delivery _ areas ', 'account', 'type') values ('$ sku', '$ salesku', '$ asin',' $ fnsku ',' $ diqu ',' $ accout ', '$ type ')");
If (mysql_affected_rows ($ conn )! = 1 ){
Echo "script alert ('failed to add! '); Location. href = 'sku _ comparison. php'; script ";
} Else {
Echo "script" alert ('added successfully! '); Location. href = 'sku _ comparison. php'; script ";
}
Break;
Case 'Del ': // delete
$ Id = $ _ GET ["delivery"];
$ SQL = "delete from 'sku _ rule' where id in ($ id )";
$ Result = mysql_query ($ SQL );
If (mysql_affected_rows ($ conn )! = 1 ){
Echo "script alert ('deletion failed! '); Location. href = 'sku _ comparison. php'; script ";
} Else {
Echo "script" alert ('deleted successfully! '); Location. href = 'sku _ comparison. php'; script ";
}
Break;
The deletion prompt shows that the output is normal, that is, the newly added output is abnormal. how can I share the code:
------ Solution --------------------
'$ Sku', '$ salesku', '$ asin', '$ fnsku', '$ diqu',' $ accout ',' $ type'
Add mysql_real_escape_string ();
For example, mysql_real_escape_string ($ sku );
It is suspected that the quotation marks in your variables are not escaped, resulting in mysql insert into failure,