我试图插入两个表,但得到这个错误
错误:INSERT INTO provide_help(amount)VALUES(40,000.00)列数与第1行的值计数不匹配
下面是我的插入代码
<?php
session_start(); {
//Include database connection details
include('../../dbconnect.php');
$amount = strip_tags($_POST['cat']);
$field1amount = $_POST['cat'];
$field2amount = $field1amount + ($field1amount*0.5);
$sql = "INSERT INTO provide_help (amount) VALUES ( $field1amount)";
if (mysqli_query($conn, $sql))
$sql = "INSERT INTO gh (ph_id, amount) VALUES (LAST_INSERT_ID(), $field2amount)";
if (mysqli_query($conn, $sql))
{
$_SESSION['ph'] ="<center><div class='alert alert-success' role='alert'>Request Accepted.</div></center>";
header("location: PH.php");
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
}
?>
但是,当我做这样的事情时,它有效
$sql = "INSERT INTO provide_help (amount) VALUES ( $field2amount)";
我只是改变了$field1amount以$field2amount
但我不想这样,我想也得到它的价值$field1amount并插入它
请帮助任何帮助,谢谢
问题是因为您传入的数字中包含逗号且不是字符串.你需要传入"40,000.00"或者40000.00.MySQL将其解释为两个值:40和000.00.
使用预准备语句将缓解此问题(以及您的安全问题),因为绑定将解释40,000.00为字符串.让你入门的一个非常基本的例子是:
$sql = "INSERT INTO provide_help (amount) VALUES (?)";
$stmt = $mysqli->prepare($sql);
/*
- the "s" below means string
- NOTE you should still validate the $_POST value,
don't just accept whatever is sent through your form -
make sure it matches the format you're expecting at least
or you'll have data validation issues later on
*/
$stmt->bindParam("s", $field1amount);
$stmt->execute($fieldAmount1);
$result = $res->fetch_assoc();