if(isset($_POST['post-submit'])){
$post_category_id = $_POST['post_category_id'];
$post_title = $_POST['post_title'];
$post_author = $_POST['post_author'];
$post_tags = $_POST['post_tags'];
$post_status = $_POST['post_status'];
$post_content = $_POST['post_content'];
// SQL Injection
$post_content = mysqli_real_escape_string($connection, $post_content );
$post_image = $_FILES['image']['name'];
$post_image_temp = $_FILES['image']['temp_name'];
move_uploaded_file($post_image_temp, "../img/blog/$post_image" );
$post_date = date('d-m-y');
$post_commnet_count = 4;
$query = "INSERT INTO posts(post_image,now(),post_commnet_count, post_category_id, post_title, post_author, post_tags, post_status, post_content) " ;
$query .= "VALUES('$post_image', '$post_date', '$post_commnet_count' ,'$post_category_id','$post_title','$post_author','$post_tags','$post_status','$post_content')";
$insert_all_post_query = mysqli_query($connection, $query);
if(!$insert_all_post_query)
{
die("QUERY FAILED" . mysqli_error($connection));
}
else {echo "<h2>Data Sucessfully Updated</h2>";}
}
QUERY FAILED您的SQL语法有误;检查与您的MariaDB服务器版本相对应的手册,以在第1行附近使用正确的语法,以在'','Education Empower','Education Empower','Education Empower','Education Empower'附近使用]
if(isset($ _ POST ['post-submit'])){$ post_category_id = $ _POST ['post_category_id']; $ post_title = $ _POST ['post_title']; $ post_author = $ _POST ['post_author']; $ ...
您在列位置使用now()函数