我正在嘗試使用準備好的stmt以避免sql注入，并且它無法正常工作。我已經用一些警報語句包圍了我的代碼，以了解問題出在哪里。它位于bind_param語句中。之后的所有事情都永遠不會執行。希望我能找到幫助！過去3個小時一直在尋找答案，到目前為止，還沒有任何解決方案。PS表有6列。一個ID會自動遞增，其余的就像你從代碼中看到的那樣$db = new PDO("mysql:port=3302;dbname=thedoctors", "root", ""); $Data = $_POST["post"];$postData = $db->quote($_POST["post"]); //user's post$user = $db->quote($_SESSION["user"]);    //user's email$stmt = $db->prepare("INSERT INTO post (body,timee,likes,comments,userem) VALUES (?, NOW(), ?, ?, ?);");// set parameters and execute$first = ".$postData.";$like = 0;$comment = 0;$stmt->bind_param("siis", $first, $like, $comment, $user);echo "<script>alert('hello');</script>";// $result = $stmt->get_result();// header("location:activity.php");if (strlen($Data) > 3000 || strlen($Data) < 1) {    echo "<script>alert('Make sure your post is of correct length!');</script>";} else {    $stmt->execute();    echo "<script>alert('Post uploaded! You can check it in your profile!');</script>";}