堆栈内存溢出
  简体   繁体   English

Php mysqli-> real_escape_string和MYSQL

[英]Php mysqli->real_escape_string and MYSQL

 原文  2013-07-14 06:38:19       php/ mysql/ mysql-real-escape-string

问题描述

I've a little question. 我有点问题。 I've written this code to add the values to mysql database but when i run the code and I got an error. 我写了这段代码来将值添加到mysql数据库但是当我运行代码时出现错误。 Can anybody help me? 有谁能够帮助我?

the code: 编码: 

$fel = $mysqli->query("INSERT INTO deleted (uid,buy_type,prop_type,district,street,room_min,room_max,price_min,price_max,condition_type,heat_type,lift_type,parking_type,type_of_del,when)  
                            VALUES ('".$mysqli->real_escape_string($letomb['uid'])."',
                                    '".$mysqli->real_escape_string($letomb['buy_type'])."',
                                    '".$mysqli->real_escape_string($letomb['prop_type'])."',
                                    '".$mysqli->real_escape_string($letomb['district'])."',
                                    '".$mysqli->real_escape_string($letomb['street'])."',
                                    '".$mysqli->real_escape_string($letomb['room_min'])."',
                                    '".$mysqli->real_escape_string($letomb['room_max'])."',
                                    '".$mysqli->real_escape_string($letomb['price_min'])."',
                                    '".$mysqli->real_escape_string($letomb['price_max'])."',
                                    '".$mysqli->real_escape_string($letomb['condition_type'])."',
                                    '".$mysqli->real_escape_string($letomb['heat_type'])."',
                                    '".$mysqli->real_escape_string($letomb['lift_type'])."',
                                    '".$mysqli->real_escape_string($letomb['parking_type']).",
                                    '".$mysqli->real_escape_string($type_of_del)."', 
                                    now())") or die($mysqli->error);

Error: 错误: 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'when) VALUES ('3', 'kiado', 'lakas', '1'' at line 1

2 个解决方案

解决方案1
 2  2013-07-14 06:41:04

WHEN is a reserved word . WHEN保留字 Enclosing it in backticks should fix your problem, as it will then be treated as an identifier . 将它包含在反引号中应该可以解决您的问题,因为它将被视为标识符 

`when`

解决方案2
 1  2013-07-14 06:43:03

You should use backticks around your column names. 您应该在列名称周围使用反引号。 when is a MySQL keyword so it's being interpreted incorrectly. when是MySQL关键字,因此它被错误地解释。 At the very least use backticks around when . 至少在when使用反叛。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在PHP中正确使用$ mysqli-> real_escape_string - Correct usage of $mysqli->real_escape_string in PHP mysqli->real_escape_string - mysqli->real_escape_string 哪个字符集对Mysqli-> real_escape_string是安全的 - Which character set is safe for Mysqli->real_escape_string 转义useragent:$ mysqli-> real_escape_string不起作用 - Escaping the useragent: $mysqli->real_escape_string does not work php的mysqli-> real_escape_string()将引号转换为htmlchars - php's mysqli->real_escape_string() converting quotes to htmlchars 如何在数组中使用PHP7的$ mysqli-> real_escape_string - How to use PHP7's $mysqli->real_escape_string with an array $ mysqli-> real_escape_string()和addslashesh()无法正常工作 - $mysqli->real_escape_string() and addslashesh() doesn't work properly $ mysqli-> real_escape_string用于控制一个接受用户输入的选择查询的安全性如何 - How safe $mysqli->real_escape_string for controlling one select query that accept user input 我在这里正确使用$ mysqli-> real_escape_string吗? - Am I using $mysqli->real_escape_string correctly here? 过滤器网址后是否需要mysqli-> real_escape_string? - Do I need mysqli->real_escape_string after filter url?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM