亲测成功
1,表单页面
<form name= "myform" method = 'post' action = "yuchuli.php">
商品:<br>
<input type="text" name="title" >
<br>
描述:<br>
<input type="text" name="content" >
<br>
价格:<br>
<input type="text" name="price" >
<br>
<input type="submit">
</form>
2,处理页面
<?php
//这是关键处理代码
function bindValue($data = array(),$type=0) {
if (! empty ( $data ) && is_array ( $data )) {
$_res = $fields = $values = $bindArray = $_sqlvls=array ();
foreach ( $data as $key => $val ) {
$fields [] = "`{$key}`";
$values [] = ":" . $key;
$_sqlvls[]="'".$val."'";
$bindArray [":" . $key] = $val;
}
$field = join ( ',', $fields );
$value = join ( ',', $values );
$_sqlvl = join ( ',', $_sqlvls );
$_res = array (
'field' => $field, // 预处理key
'value' => $value, // 预处理格式
'bind' => $bindArray, // 预处理格式数据
'sqlvl'=>@$_sqlvl,
);
}
return $_res;
}
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "test";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// 设置 PDO 错误模式为异常
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$_sql="INSERT INTO think_product ";
$data = $_POST;
$_bind = bindValue ( $data );
$sql = $_sql. "({$_bind['field']}) VALUES({$_bind['value']})";
// 预处理 SQL 并绑定参数
$stmt = $conn->prepare($sql);
$stmt->execute($_bind['bind']);
echo "新记录插入成功";
}
catch(PDOException $e)
{
echo "Error: " . $e->getMessage();
}
$conn = null;
?>