语法错误查询 INSERT INTO php
[英]Syntax error query INSERT INTO php
问题描述
I try mysql_query() but I get an error saying "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near.... the problem is Query String
我尝试使用 mysql_query() 但我收到一条错误消息“您的 SQL 语法有错误;请检查与您的 MySQL 服务器版本相对应的手册,以获取在附近使用的正确语法......问题是查询字符串
$val=$_POST["valori"];
$t=explode(",",$val);
$id="";
$nomi="";
$i=0;
$turno=$_POST["turno"];
$div=$_POST["prova"];
$username = "root";
$password = "";
$hostname = "localhost";
$dbname = "culp";
$dbhandle=mysql_connect($hostname, $username, $password);
mysql_select_db($dbname) or die("Unable to select database");
while(count($t)!=$i)
{
$id=$id.$t[$i+1].",";
$nomi=$nomi.$t[$i].",";
$i=$i+2;
}
$query1="INSERT INTO foglio (turno,paper,".$id."data)VALUES('$turno','$div','".$nomi."'CURDATE());";
echo $query1;
mysql_query($query1)or trigger_error(mysql_error()." in ".$query1);
1 个解决方案
解决方案1
1 2015-11-29 10:26:44
I assume you are inserting four values in your query.我假设您在查询中插入了四个值。 So you should write:所以你应该写:
$query1="INSERT INTO foglio (turno,paper,$id,data)VALUES('$turno','$div','$nomi',CURDATE());";
You are wrapping the query in double quotes so you don't need the single ones.您将查询用双引号括起来,因此您不需要单引号。 You were missing a comma between the third and the fourth item in the query您在查询中的第三项和第四项之间缺少逗号
Also I assume you are just doing this for a personal project because you are using a deprecated api (mysql_*) that will be removed in the next php release (so your code will not work anymore).另外,我假设您只是为个人项目执行此操作,因为您使用的是已弃用的 api (mysql_*),该 api (mysql_*) 将在下一个 php 版本中删除(因此您的代码将不再起作用)。 Also your code is open to sql injections and you should move to prepared statements此外,您的代码对 sql 注入开放,您应该转向准备好的语句
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.