[英]MySQL Syntax Error WITH emails
I am trying to get POST'ed form variables and mySQL is throwing an error when trying to insert them.我正在尝试获取 POST 的表单变量,而 mySQL 在尝试插入它们时抛出错误。 I can't figure for the life of me why.我无法弄清楚我的生活为什么。 Hopefully someone can help out.希望有人可以帮忙。
function submitFound(){
global $dbc;
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
$query =
"INSERT INTO found1
(fname, lname, email, phone, name, color, make, model, sizes, info, location)
VALUES
(" .
mysql_real_escape_string($_POST['fname']) . "," .
mysql_real_escape_string($_POST['lname']) . "," .
mysql_real_escape_string($_POST['email']) . "," .
mysql_real_escape_string($_POST['phone']) . "," .
mysql_real_escape_string($_POST['name']) . "," .
mysql_real_escape_string($_POST['color']) . "," .
mysql_real_escape_string($_POST['make']) . "," .
mysql_real_escape_string($_POST['model']) . "," .
mysql_real_escape_string($_POST['size']) . "," .
mysql_real_escape_string($_POST['info']) . "," .
mysql_real_escape_string($_POST['location']). ")";
$results = mysqli_query($dbc, $query);
check_results($results);
//return $mysqli_insert_id($dbc);
mysqli_free_result($results);
}
}
That is the function that is submitting the information.这就是提交信息的功能。 (Generic information about an item. This is the mySQL error getting thrown. (有关项目的通用信息。这是抛出的 mySQL 错误。
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com,444-444-4444,Book,#000040,NA,NA,Large,Nothing special,Byrne House)' at line 4
This is what I input in the form.这是我在表格中输入的内容。 http://puu.sh/8l35Z.png http://puu.sh/8l35Z.png
So yeah, any help would be great.所以是的,任何帮助都会很棒。 Not sure if it is just something stupid.不确定这是否只是愚蠢的事情。 My eyes are starting to cross :P我的眼睛开始交叉:P
Thanks in advance.提前致谢。
EDIT* Fixed the Strings but am still getting an error: New Code:编辑* 修复了字符串,但仍然出现错误:新代码:
$query =
"INSERT INTO found1
(fname, lname, email, phone, name, color, make, model, sizes, info, location)
VALUES
('" .
mysql_real_escape_string($_POST['fname']) . "','" .
mysql_real_escape_string($_POST['lname']) . "','" .
mysql_real_escape_string($_POST['email']) . "','" .
mysql_real_escape_string($_POST['phone']) . "','" .
mysql_real_escape_string($_POST['name']) . "','" .
mysql_real_escape_string($_POST['color']) . "','" .
mysql_real_escape_string($_POST['make']) . "','" .
mysql_real_escape_string($_POST['model']) . "','" .
mysql_real_escape_string($_POST['size']) . "','" .
mysql_real_escape_string($_POST['info']) . "','" .
mysql_real_escape_string($_POST['location']). "')'";
MySQL error: MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 4
MySQL 错误: MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 4
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 4
As John Conde mentioned, you need to add quotes around your values, your error message shows this.正如 John Conde 所提到的,您需要在您的值周围添加引号,您的错误消息显示了这一点。
@gmail.com,444-444-4444,Book,#000040,NA,NA
Notice the missing quotes, it should look like this注意缺少的引号,它应该是这样的
'@gmail.com','444-444-4444','Book','#000040','NA','NA'
Try this尝试这个
VALUES
('" .
mysql_real_escape_string($_POST['fname']) . "','" .
mysql_real_escape_string($_POST['lname']) . "','" .
mysql_real_escape_string($_POST['email']) . "','" .
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.