堆栈内存溢出
  简体   繁体   English

为参数输入值时,SQL语法错误

[英]SQL syntax error when value is entered for parameter

 原文  2013-12-06 08:16:52       php/ mysql

问题描述

I have this line of code to enter data into a database using binding: 我有以下代码行可以使用绑定将数据输入数据库: 

$mysql = "INSERT INTO Orders (`Name`, `Recipient`, `Destination`, `Room`, `Message`, `Anonymous`, `OffCampus`, `OffCampusAddress`) VALUES (?, ?, ?, ?, ?, ?, ?, ?)";

$stmt = mysqli_prepare($con,$mysql);

Oddly enough, this error only occurs when a value for the column Recipient is entered in the html form. 奇怪的是,仅当以html形式输入“ Recipient ”列的值时,才会发生此错误。 When nothing is entered in the field it works. 如果在该字段中未输入任何内容,它将起作用。 The error is: 错误是:

mysqli error: You have an error in your SQL syntax; mysqli错误:您的SQL语法有错误; check the manual that corresponds to your MySQL server version for the right syntax to use near '0' at line 1 检查与您的MySQL服务器版本相对应的手册,以在第1行的'0'附近使用正确的语法

Could anyone tell me why entering a value for the parameter would cause a MySQL syntax error? 谁能告诉我为什么输入参数值会导致MySQL语法错误? Thanks in advance, and sorry if it's obvious, I'm new to web development. 在此先感谢您,如果很明显,我很抱歉,我是Web开发的新手。

Here is my binding: 这是我的绑定: 

  mysqli_stmt_bind_param($stmt, 'ssssssss', $name, $recipient, $destination, $room, $message, $anonymous, $offcampus, $offcampusaddress);

1 个解决方案

解决方案1
 -1  2013-12-06 10:34:16

I think you should do like this as in my below code. 我认为您应该像下面的代码一样这样做。 

$mysqli = new mysqli('localhost', 'root', '', 'DBNAME');

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$stmt = $mysqli->prepare("INSERT INTO Orders (`Name`, `Recipient`, `Destination`, `Room`, `Message`, `Anonymous`, `OffCampus`, `OffCampusAddress`) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");

$stmt->bind_param("sssdssss", $Name, $Recipient, $Destination, $Room, $Message, $Anonymous, $OffCampus, $OffCampusAddress);

$Name= 'DEU';
$Recipient= 'Bavarian';
$Destination= "XYZ";
$Room= 15;
$Message= 'May I help you';
$Anonymous= 'i do not know';
$OffCampus= "YY";
$OffCampusAddress= "Known Street";

/* execute prepared statement */
$stmt->execute();

printf("%d Row inserted.\n", $stmt->affected_rows);

/* close statement and connection */
$stmt->close();

In bind parameters (sssdssss) means the the type of parameter as you given as input. 在绑定参数中(sssdsssss)表示您作为输入给出的参数类型。 s for string value, and d for decimal value. s表示字符串值,d表示十进制值。 I keep sssdssss because, d is decimal ie no: of rooms and this type comes first, if in your db, you keep it varchar so you may convert d to s. 我保留sssdssss的原因是,d为十进制,即no:房间数,并且此类型排在第一位,如果在您的数据库中,将其保留为varchar,则可以将d转换为s。 you have write wrong syntax in you question ie 您在您的问题中写了错误的语法,即 

mysqli_stmt_bind_param($stmt, 'ssssssss', $name, $recipient, $destination, $room, $message, $anonymous, $offcampus, $offcampusaddress);

Hope it will help you. 希望对您有帮助。

Thanks 谢谢

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 更新数据库中的值时 SQL 语法错误 - SQL syntax error when updating value in database 运行 SQL 语法时出错 - Error when running SQL syntax 插入时SQL语法错误 - Error in SQL Syntax when Inserting 带有html复选框值的SQL语法中的错误 - error in SQL syntax with html checkbox value 长输入文本时出现MySQL语法错误 - MySQL Syntax Error at long entered text 在数据库上完成查询时出现SQL语法错误 - SQL syntax error when completing query on a database 删除行时出现SQL语法错误 - SQL Syntax error when deleting row 解析xml文件时SQL语法错误 - error in SQL syntax when parsing xml files 插入新事件时SQL语法错误 - Error on SQL syntax when inserting new event 我尝试查询时SQL语法错误 - Error in SQL syntax when I try a query
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM