textarea 内容插入 mysql 数据库失败
textarea content insertion failed to mysql database
我正在尝试将 post 记录到数据库中,同一脚本几天前在我修改我的网站后工作正常,但它无法正常工作。
当我尝试回显内容时,我发现一切正常。即使我尝试插入没有 textarea 内容的记录,但只有当我尝试插入包含内容的记录时它才能正常工作我的意思是 $post_content 然后我在查询中遇到错误。
如果我使用 mysql_real_escape_string(),我插入了记录,但没有文本区域内容,它是空白的,我使用 nl2br() 来转义换行符,但此时完全没有任何效果,而且同样代码在我的本地计算机服务器上运行良好,但找不到真正的问题所在。
我认为是文本编辑器导致了问题,我现在正在使用 niceEdit,我也尝试过使用 tinyMce,但没有成功。谁能帮帮我?
<!DOCTYPE html>
<html>
<head>
<title> Insert New Post</title>
<script src="http://js.nicedit.com/nicEdit-latest.js" type="text/javascript"></script>
<script type="text/javascript">bkLib.onDomLoaded(nicEditors.allTextAreas);</script>
<style>
input[type="text"]{
width:90%;
height: 30px;
}
select{
height: 30px;
}
table{
width:100%;
}
label{
font-weight:300;font-size:1.5em;text-align: right;
}
textarea{
width: 90%;
}
</style>
</style>
</head>
<!-- BEGIN BODY -->
<body>
<?php include('config.php'); ?>
<?php
ob_start();
if($_SERVER["REQUEST_METHOD"] == "POST"){
$post_title=$_POST['post_title'];
$post_author=$_POST['post_author'];
//$post_date=date("l jS \of F Y h:i:s A");
//$post_date=date("l jS \of F Y");
$post_catagory=$_POST['post_catagory'];
$post_image=$_FILES['post_image']['name'];
$post_image_tmp=$_FILES['post_image']['tmp_name'];
$post_keyword=$_POST['post_keyword'];
$post_page=$_POST['post_page'];
$post_content=mysql_real_escape_string($_POST['post_content']);
// $post_content= nl2br($post_content);
if($post_author==''){
echo "<script>alert('You must fill all blank fields'); window.location('insert_post.php');</script>";
exit();
}
else{
move_uploaded_file($post_image_tmp,"../../images/$post_image");
$sql="insert into post (page_id,post_title,post_author,post_image,post_keywords,post_catagory,post_content) values ('$post_page','$post_title','$post_author','$post_image','$post_keyword','$post_catagory','$post_content')";
$result=mysqli_query($bd,$sql) or die("Error occured:in query".mysql_error());
if(!$result){
echo"<h2 style=\"color:red;position:absolute;top:0;left:400px;\">Your post wasnt posted something is worng</h2>";
exit();
}else{
echo"<h2><script>alert('Your Post has been published successfully!')</script>";
echo"<script>window.open('insert_post.php','_self')</script>";
}
}
}
?>
<!-- MAIN WRAPPER -->
<div id="wrap" >
<?php
//echo $post_author;
// echo $post_title;
// echo $post_page;
// echo $post_keyword;
// echo $post_content;
// echo $post_image;
?>
<!-- MENU SECTION -->
<!--END MENU SECTION -->
<!--PAGE CONTENT -->
<?php //include('include/content.php'); ?>
<div class="row">
<div class="col-lg-12">
<div id="post_form">
<table>
<form action="" method="post" enctype="multipart/form-data" id="post_form">
<tr>
<td><label>Post Title</label></td>
<td><input class="form-control" type="text" name="post_title"></td>
</tr>
<tr>
<td><label>Post Author</label></td>
<td><input class="form-control" type="text" name="post_author"></td>
</tr>
<tr>
<td> <label>Post Catagory</label></td>
<td><select class="form-control" name="post_catagory">
<?php
$sql="select * from catagory";
$result=mysqli_query($bd,$sql) or die("Error:".mysql_error());
while($row=mysqli_fetch_array($result)){
?>
<option value="<?php echo $row['name'] ?>"><?php echo $row['name'];?></option>
<?php
}
?>
</select>
</td>
</tr>
<tr>
<td><label>Post keywords</label></td>
<td><input type="text" name="post_keyword" placeholder="Enter text"></td>
</tr>
<tr>
<td><label>Post Image</label></td>
<td><input type="file" name="post_image"/></td>
</tr>
<tr>
<td><label>Select Page</label></td>
<td><select class="form-control" name="post_page">
<?php
$sql="select * from menu";
$result=mysqli_query($bd,$sql) or die("error".mysql_error());
while($row=mysqli_fetch_array($result)){
?>
<option value="<?php echo $row['id'];?>"><?php echo $row['name'];?></option>
<?php
}
?>
</select></td>
</tr>
<tr>
<td><label>Post Contents</label></td>
<td><textarea id="area1" name="post_content" rows="10"></textarea></td>
</tr>
<tr>
<td>Action Key</td>
<td><button type="submit" class="btn btn-default" name="submit" onclick="nicEditors.findEditor('area1').saveContent();">Publish Now</button><button type="reset" class="btn btn-default">Reset Button</button></td>
<td></td>
</tr>
</form>
</table>
</div>
</div>
</div>
<!--END PAGE CONTENT -->
<!-- RIGHT STRIP SECTION -->
<?php //include('include/right.php'); ?>
<!-- END RIGHT STRIP SECTION -->
</div>
</body>
</html>
<!--END MAIN WRAPPER -->
<!-- FOOTER -->
只需对所有要插入的值使用 mysql_real_escape_string()。
您混淆了 mysql 和 mysqli。当您调用 mysqli_query 时,您也必须使用 mysqli_ 函数来阻止数据。
$post_content = mysqli_real_escape_string(nl2br($_POST['post_content']));
// ^
您应该将 mysql_real_escape_string 用于数据库的所有字符串输入,其中包括,而不仅仅是 content.
string mysqli_real_escape_string ( mysqli $link , string $escapestr )
您必须添加 连接 link 作为 mysqli_real_escape_string()
的第一个参数
$post_content = mysqli_real_escape_string($bd, nl2br($_POST['post_content']));
再次
mysqli_query($bd,$sql) or die("Error occured:in query".mysql_error());
^
而不是
mysql_error()
使用
mysqli_error($bd)
我正在尝试将 post 记录到数据库中,同一脚本几天前在我修改我的网站后工作正常,但它无法正常工作。
当我尝试回显内容时,我发现一切正常。即使我尝试插入没有 textarea 内容的记录,但只有当我尝试插入包含内容的记录时它才能正常工作我的意思是 $post_content 然后我在查询中遇到错误。
如果我使用 mysql_real_escape_string(),我插入了记录,但没有文本区域内容,它是空白的,我使用 nl2br() 来转义换行符,但此时完全没有任何效果,而且同样代码在我的本地计算机服务器上运行良好,但找不到真正的问题所在。
我认为是文本编辑器导致了问题,我现在正在使用 niceEdit,我也尝试过使用 tinyMce,但没有成功。谁能帮帮我?
<!DOCTYPE html>
<html>
<head>
<title> Insert New Post</title>
<script src="http://js.nicedit.com/nicEdit-latest.js" type="text/javascript"></script>
<script type="text/javascript">bkLib.onDomLoaded(nicEditors.allTextAreas);</script>
<style>
input[type="text"]{
width:90%;
height: 30px;
}
select{
height: 30px;
}
table{
width:100%;
}
label{
font-weight:300;font-size:1.5em;text-align: right;
}
textarea{
width: 90%;
}
</style>
</style>
</head>
<!-- BEGIN BODY -->
<body>
<?php include('config.php'); ?>
<?php
ob_start();
if($_SERVER["REQUEST_METHOD"] == "POST"){
$post_title=$_POST['post_title'];
$post_author=$_POST['post_author'];
//$post_date=date("l jS \of F Y h:i:s A");
//$post_date=date("l jS \of F Y");
$post_catagory=$_POST['post_catagory'];
$post_image=$_FILES['post_image']['name'];
$post_image_tmp=$_FILES['post_image']['tmp_name'];
$post_keyword=$_POST['post_keyword'];
$post_page=$_POST['post_page'];
$post_content=mysql_real_escape_string($_POST['post_content']);
// $post_content= nl2br($post_content);
if($post_author==''){
echo "<script>alert('You must fill all blank fields'); window.location('insert_post.php');</script>";
exit();
}
else{
move_uploaded_file($post_image_tmp,"../../images/$post_image");
$sql="insert into post (page_id,post_title,post_author,post_image,post_keywords,post_catagory,post_content) values ('$post_page','$post_title','$post_author','$post_image','$post_keyword','$post_catagory','$post_content')";
$result=mysqli_query($bd,$sql) or die("Error occured:in query".mysql_error());
if(!$result){
echo"<h2 style=\"color:red;position:absolute;top:0;left:400px;\">Your post wasnt posted something is worng</h2>";
exit();
}else{
echo"<h2><script>alert('Your Post has been published successfully!')</script>";
echo"<script>window.open('insert_post.php','_self')</script>";
}
}
}
?>
<!-- MAIN WRAPPER -->
<div id="wrap" >
<?php
//echo $post_author;
// echo $post_title;
// echo $post_page;
// echo $post_keyword;
// echo $post_content;
// echo $post_image;
?>
<!-- MENU SECTION -->
<!--END MENU SECTION -->
<!--PAGE CONTENT -->
<?php //include('include/content.php'); ?>
<div class="row">
<div class="col-lg-12">
<div id="post_form">
<table>
<form action="" method="post" enctype="multipart/form-data" id="post_form">
<tr>
<td><label>Post Title</label></td>
<td><input class="form-control" type="text" name="post_title"></td>
</tr>
<tr>
<td><label>Post Author</label></td>
<td><input class="form-control" type="text" name="post_author"></td>
</tr>
<tr>
<td> <label>Post Catagory</label></td>
<td><select class="form-control" name="post_catagory">
<?php
$sql="select * from catagory";
$result=mysqli_query($bd,$sql) or die("Error:".mysql_error());
while($row=mysqli_fetch_array($result)){
?>
<option value="<?php echo $row['name'] ?>"><?php echo $row['name'];?></option>
<?php
}
?>
</select>
</td>
</tr>
<tr>
<td><label>Post keywords</label></td>
<td><input type="text" name="post_keyword" placeholder="Enter text"></td>
</tr>
<tr>
<td><label>Post Image</label></td>
<td><input type="file" name="post_image"/></td>
</tr>
<tr>
<td><label>Select Page</label></td>
<td><select class="form-control" name="post_page">
<?php
$sql="select * from menu";
$result=mysqli_query($bd,$sql) or die("error".mysql_error());
while($row=mysqli_fetch_array($result)){
?>
<option value="<?php echo $row['id'];?>"><?php echo $row['name'];?></option>
<?php
}
?>
</select></td>
</tr>
<tr>
<td><label>Post Contents</label></td>
<td><textarea id="area1" name="post_content" rows="10"></textarea></td>
</tr>
<tr>
<td>Action Key</td>
<td><button type="submit" class="btn btn-default" name="submit" onclick="nicEditors.findEditor('area1').saveContent();">Publish Now</button><button type="reset" class="btn btn-default">Reset Button</button></td>
<td></td>
</tr>
</form>
</table>
</div>
</div>
</div>
<!--END PAGE CONTENT -->
<!-- RIGHT STRIP SECTION -->
<?php //include('include/right.php'); ?>
<!-- END RIGHT STRIP SECTION -->
</div>
</body>
</html>
<!--END MAIN WRAPPER -->
<!-- FOOTER -->
只需对所有要插入的值使用 mysql_real_escape_string()。
您混淆了 mysql 和 mysqli。当您调用 mysqli_query 时,您也必须使用 mysqli_ 函数来阻止数据。
$post_content = mysqli_real_escape_string(nl2br($_POST['post_content']));
// ^
您应该将 mysql_real_escape_string 用于数据库的所有字符串输入,其中包括,而不仅仅是 content.
string mysqli_real_escape_string ( mysqli $link , string $escapestr )
您必须添加 连接 link 作为 mysqli_real_escape_string()
的第一个参数$post_content = mysqli_real_escape_string($bd, nl2br($_POST['post_content']));
再次
mysqli_query($bd,$sql) or die("Error occured:in query".mysql_error());
^
而不是
mysql_error()
使用
mysqli_error($bd)