-2

データベースに個人用リンクを追加できるはずで、サーバーは MySQL と Active Directory を備えた Windows Server 2008 R2 を実行しています。

<?php 
$dbl = mysql_connect('localhost', 'USERNAME', 'PASSWORD') or die('failed to connect to mysql'); 
mysql_select_db('linksdatabase') or die('failed to select database'); 

if(isset($_POST['linkaddress']) && isset($_POST['linkname'])) 
$sql = "INSERT INTO userlinks (username, linkaddress, linkname) VALUES ('%s','%s','%s')";
mysql_query ( sprintf ( $sql, mysql_real_escape_string ( $_SERVER ['AUTH_USER'] ), mysql_real_escape_string ( $_POST ['linkaddress'] ), mysql_real_escape_string ( $_POST ['linkname'] ) ) );

echo '<p>Links:</p><ul>'; 

$result = mysql_query ( sprintf ( "SELECT linkaddress, linkname FROM userlinks WHERE username = '%s'", mysql_real_escape_string ( $_SERVER ['AUTH_USER'] ) ) );

while($row = mysql_fetch_array($result)) 
    echo '<li><a href="', htmlentities($row['linkaddress']), '">', htmlentities($row['linkname']), '</a></li>'; 

echo '</ul>'; 
?> 

<form action="" method="post"> 
 <fieldset> 
  <legend>Add a Link</legend> 
  Address: <input type="text" name="linkaddress" /><br /> 
  Name: <input type="text" name="linkname" /><br /> 
  <input type="submit" value="Add" /> 
 </fieldset> 
</form>
4

3 に答える 3

1

あなたはいくつかの一重引用符'の問題を抱えています

交換

   mysql_query('INSERT INTO userlinks (username, linkaddress, linkname) VALUES (\'' . mysql_real_escape_string($_SERVER['AUTH_USER']) . '\', \'' . mysql_real_escape_string($_POST['linkaddress']) . '\', \'' . mysql_real_escape_string($_POST['linkname']) . '\''); 


$sql = "INSERT INTO userlinks (username, linkaddress, linkname) VALUES ('%s','%s','%s')";
mysql_query ( sprintf ( $sql, mysql_real_escape_string ( $_SERVER ['AUTH_USER'] ), mysql_real_escape_string ( $_POST ['linkaddress'] ), mysql_real_escape_string ( $_POST ['linkname'] ) ) );

交換

$result = mysql_query('SELECT linkaddress, linkname FROM userlinks WHERE username = \'' . mysql_real_escape_string($_SERVER['AUTH_USER']) . '\'');


$result = mysql_query ( sprintf ( "SELECT linkaddress, linkname FROM userlinks WHERE username = '%s'", mysql_real_escape_string ( $_SERVER ['AUTH_USER'] ) ) );

このコードは、エラーを見つけるのに役立つ場合があります

error_reporting(E_ALL);
ini_set('display_errors','On');

$dbl = mysql_connect ( 'localhost', 'USERNAME', 'PASSWORD' ) or die ( 'failed to connect to mysql' );
mysql_select_db ( 'linksdatabase' ) or die ( 'failed to select database' );

if (count ( $_POST ) < 1) {
    var_dump ( "Nothign was posted" );
} else {
    var_dump ( $_POST );
}

if (isset ( $_POST ['linkaddress'] ) && isset ( $_POST ['linkname'] )) {
    $sql = "INSERT INTO userlinks (username, linkaddress, linkname) VALUES ('%s','%s','%s')";
    mysql_query ( sprintf ( $sql, mysql_real_escape_string ( $_SERVER ['AUTH_USER'] ), mysql_real_escape_string ( $_POST ['linkaddress'] ), mysql_real_escape_string ( $_POST ['linkname'] ) ) );

    if (mysql_errno ()) {
        var_dump ( "MySQL error " . mysql_errno () . ": " . mysql_error () );
    } else {
        var_dump ( "OK Insert" );
    }

}

echo '<p>Links:</p><ul>';

$result = mysql_query ( sprintf ( "SELECT linkaddress, linkname FROM userlinks WHERE username = '%s'", mysql_real_escape_string ( $_SERVER ['AUTH_USER'] ) ) );

if (mysql_errno ()) {
    var_dump ( "MySQL error " . mysql_errno () . ": " . mysql_error () );
} else {
    var_dump ( "OK Select" );
}

while ( $row = mysql_fetch_array ( $result ) )
    echo '<li><a href="', htmlentities ( $row ['linkaddress'] ), '">', htmlentities ( $row ['linkname'] ), '</a></li>';
echo '</ul>';
于 2012-04-08T12:27:02.593 に答える
0

完全な答えではありませんが、開発時に行を折り返すようにしてください - あなたの人生 (IDE 内) と私たちの人生 (ここにコードを貼り付けるとき):

$sql = "
    INSERT INTO userlinks
    (username, linkaddress, linkname)
    VALUES ('%s','%s','%s')
";
mysql_query(
    sprintf(
        $sql,
        mysql_real_escape_string( $_SERVER ['AUTH_USER'] ),
        mysql_real_escape_string( $_POST ['linkaddress'] ),
        mysql_real_escape_string( $_POST ['linkname'] )
    )
);

これにより、水平スクロールなしですべてを簡単に読むことができ、ブラケットの一致を簡単に確認できます.

于 2012-04-08T13:39:55.053 に答える
0

)クエリの最後に閉じ括弧がありません。

mysql_query('INSERT INTO userlinks (username, linkaddress, linkname) VALUES (\'' . mysql_real_escape_string($_SERVER['AUTH_USER']) . '\', \'' . mysql_real_escape_string($_POST['linkaddress']) . '\', \'' . mysql_real_escape_string($_POST['linkname']) . '\')');
于 2012-04-08T12:32:53.910 に答える