No matter what data is submitted, the content in the image is inserted, that is, the name itself is inserted, and the name value is not inserted. Why? Can someone help me with my code? Thank you! This is 1.php{ code...} This is 2.php{ code ...}
No matter what data is submitted, the content in the image is inserted, that is, the name itself is inserted, and the name value is not inserted. Why? Who can help me try my code? Thank you.
This is 1.php
"SET NAMES 'utf8'")); $rs = $db -> prepare("select * from `baidu`;"); $rs -> execute(); $list = $rs -> fetchAll(PDO::FETCH_ASSOC);?> '; echo $v['name'].'
'; echo $v['num'].'
'; echo $v['site'].'
'; echo $v['content'].'
'; } ?>
This is 2.php
Exec ("insert into baidu (type, name, num, site, content) VALUES ('{$ _ POST ['select']}', '{$ _ POST ['name']}', '{$ _ POST ['num']}', '{$ _ POST ['SITE']}', '{$ _ POST ['content']}') ") {echo" script alert ('published successfully'); location = '1. php'; script ";}?>
Reply content:
No matter what data is submitted, the content in the image is inserted, that is, the name itself is inserted, and the name value is not inserted. Why? Who can help me try my code? Thank you.
This is 1.php
"SET NAMES 'utf8'")); $rs = $db -> prepare("select * from `baidu`;"); $rs -> execute(); $list = $rs -> fetchAll(PDO::FETCH_ASSOC);?> '; echo $v['name'].'
'; echo $v['num'].'
'; echo $v['site'].'
'; echo $v['content'].'
'; } ?>
This is 2.php
Exec ("insert into baidu (type, name, num, site, content) VALUES ('{$ _ POST ['select']}', '{$ _ POST ['name']}', '{$ _ POST ['num']}', '{$ _ POST ['SITE']}', '{$ _ POST ['content']}') ") {echo" script alert ('published successfully'); location = '1. php'; script ";}?>
Now that you are using PDO, change the insert logic of 2.php:
$sql = "INSERT INTO baidu(type,name,num,site,content) VALUES (:type,:name,:num,:site,:content)";$stmt = $pdo->prepare($sql);$stmt->execute(array(':type' => $_POST['type'], ':name' => ....));
Actually, I am also a little white. '{$ _ POST ['name']}'. The quotation marks next to the name do not need to be escaped because there are already quotation marks, I have never tried it. Is it true?
No value is passed in the form. After submission, print it to see if the data is correct.