Can't insert link into mysql database

Here is a part of my insert code that troubles me:

    $recepient="test@email.com";
    $text="Please track: http://wwwapps.ups.com/WebTracking/processInputRequest?HTMLVersion=5.0&loc=en_US&Requester=UPSHome&tracknum=123456789&AgreeToTermsAndConditions=yes&ignore=&track.x=24&track.y=9";
    $date="2013-05-03 08:12:20";
    $through="mail";
    $status=1;
    $q = "INSERT INTO `messages` (`recepient`,`text`,`date`,`through`,`status`) VALUES('".mysql_real_escape_string($to)."','".mysql_real_escape_string($text)."','".date("Y-m-d H:i:s")."','".mysql_real_escape_string($rowuser['through'])."','".intval($status)."')";
    try {
        $db->query($q);
    } catch(PDOException $ex) {
        echo " Error: ".$ex;
    }

If I remove the link from the $text variable I can see the data added to the database. But in the way I need it, with the link added, the script stops without reporting any errors.

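Best answer

Use PDO's powerful prepared statements

    // Named placeholders keep every value out of the SQL text
    $q = "INSERT INTO messages (recepient,text,date,through,status) ";
    $q .= "VALUES (:to,:text,:date,:through,:status)";
    $dbinsert = $db->prepare($q);
    $dbinsert->execute(array(
        ':to' => $recepient, // variable name as defined in the question
        ':text' => $text,
        ':date' => $date,
        ':through' => $through,
        ':status' => $status));

This should do it. Let PDO take care of the escaping.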

The problem is with the "?" sign in the $text variable. It is being treated as a placeholder when it is put into the query, and the $db->query expects an array of variables. The solution is to use a placeholder instead of a $text variable and submit $text variable as params:

    $ar[0]=$text;
    $q = "INSERT INTO `messages` (`recepient`,`text`,`date`,`through`,`status`)";
    $q.= " VALUES('".$to."',?,'".date("Y-m-d H:i:s")."','".$through."',".$status.")";
    $db->query($q,$ar);
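The prepared-statement approach from the answers, as an added example that is not code from the original posts: every value is bound, so a `?`, `&`, `'` or `:name` inside the data is never parsed as SQL, and the error mode is set explicitly so a failed insert cannot pass silently. Assumptions: an in-memory SQLite database stands in for the MySQL server (only the DSN differs), and `insertMessage` and the second sample string are constructed for illustration.

```php
<?php
// Assumption: SQLite in memory replaces MySQL so the example runs offline.
$db = new PDO('sqlite::memory:');
// Throw PDOException on failure; before PHP 8.0 the default mode was silent,
// so a try/catch around the query would never have fired.
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE messages
           (recepient TEXT, text TEXT, date TEXT, through TEXT, status INTEGER)');

// Hypothetical helper: binds all five values, none is concatenated into the SQL.
function insertMessage(PDO $db, string $to, string $text, string $through, int $status): void
{
    $stmt = $db->prepare(
        'INSERT INTO messages (recepient, text, date, through, status)
         VALUES (:to, :text, :date, :through, :status)'
    );
    $stmt->bindValue(':to', $to, PDO::PARAM_STR);
    $stmt->bindValue(':text', $text, PDO::PARAM_STR);
    $stmt->bindValue(':date', date('Y-m-d H:i:s'), PDO::PARAM_STR);
    $stmt->bindValue(':through', $through, PDO::PARAM_STR);
    $stmt->bindValue(':status', $status, PDO::PARAM_INT);
    $stmt->execute();
}

// Sample inputs: the URL from the question, plus a constructed string that
// contains a quote, a question mark and something shaped like a named placeholder.
$samples = [
    'Please track: http://wwwapps.ups.com/WebTracking/processInputRequest?HTMLVersion=5.0&loc=en_US&Requester=UPSHome&tracknum=123456789&AgreeToTermsAndConditions=yes&ignore=&track.x=24&track.y=9',
    "O'Brien asked: where is it? :text",
];

try {
    foreach ($samples as $text) {
        insertMessage($db, 'test@email.com', $text, 'mail', 1);
    }
    // Read the rows back and confirm each value was stored byte for byte.
    $stored = $db->query('SELECT text FROM messages ORDER BY rowid')
                 ->fetchAll(PDO::FETCH_COLUMN);
    echo $stored === $samples ? "stored unchanged\n" : "mismatch\n";
} catch (PDOException $ex) {
    echo 'Error: ' . $ex->getMessage() . "\n";
}
```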
