MYSQL语法错误
[英]MYSQL syntax error
问题描述
HI everyone i tried for 3 days and i'm not able to solve this problem. 
大家好,我尝试了3天,但我无法解决此问题。 This is the codes and i have went through it again and again but i found no errors. 这是代码,我已经一遍又一遍地通过它,但是我没有发现错误。 I tried at a blank page and it worked but when i put it inside the calendar it has the syntax error. 我尝试在空白页上运行,但是它正常工作,但是当我将其放入日历中时,它会出现语法错误。 Thanks a million for whoever who can assist. 感谢一百万可以协助的人。
/** QUERY THE DATABASE FOR AN ENTRY FOR THIS DAY !! IF MATCHES FOUND, PRINT THEM !! **/
$testquery = mysql_query("SELECT orgid FROM sub WHERE userid='$userid'");
while($row4 = mysql_fetch_assoc($testquery))
{
$org = $row4['orgid'];
echo "$org<br>";
$test2 = mysql_query("SELECT nameevent FROM event WHERE `userid`=$org AND EXTRACT(YEAR FROM startdate)='2010' AND EXTRACT(MONTH FROM startdate)='08' AND EXTRACT(DAY FROM startdate)='15'") or die(mysql_error());
while($row5=mysql_fetch_assoc($test2))
{
$namethis = $row5['nameevent'];
$calendar.=$namethis;
}
}
4 个解决方案
解决方案1
0 2010-08-19 06:45:59
First question: what calendar are you talking about? 第一个问题:您在说什么日历?
And here are my 2-cents: does the EXTRACT function returns a string or a number? 这是我的2美分:EXTRACT函数返回的是字符串还是数字? Are the "backticks" ( userid ) really in your query? 您的查询中是否真的有“反引号”( userid )? Try to strip them off. 尝试剥离它们。 Bye! 再见!
解决方案2
0 2010-08-19 06:46:01
It's a guess, given that you haven't provided the error message you're seeing, but I imagine that userid is a text field and so the value $org in the WHERE clause needs quotes around it. 考虑到您尚未提供所看到的错误消息,这是一个猜测,但我想用户ID是一个文本字段,因此WHERE子句中的$ org值需要用引号引起来。 I say this as the commented out testquery has quotes around the userid field, although I appreciate that it works on a different table. 我说这是因为注释掉的testquery在userid字段周围有引号,尽管我很欣赏它可以在其他表上使用。 Anyway try this: 无论如何尝试:
SELECT nameevent FROM event WHERE userid = '$org' AND EXTRACT(YEAR FROM startdate)='2010' AND EXTRACT(MONTH FROM startdate)='08' AND EXTRACT(DAY FROM startdate)='15' SELECT nameevent FROM event WHERE userid = '$ org'AND EXTRACT(YEAR FROM startdate)='2010'AND EXTRACT(MONTH FROM startdate)='08'AND EXTRACT(DAY FROM startdate)='15'
In such cases it's often useful to echo the sql statement and run it using a database client 在这种情况下,回显sql语句并使用数据库客户端运行它通常很有用。
解决方案3
0 2010-08-19 06:50:22
First step in debugging problems like this, is to print out the acutal statement you are running. 调试此类问题的第一步,是打印出您正在运行的命令语句。 I don't know PHP, but can you first build up the SQL and then print it before calling mysql_query()? 我不知道PHP,但是您可以先建立SQL,然后在调用mysql_query()之前将其打印出来吗?
EXTRACT() returns a number not a character value, so you don't need the single quotes when comparing EXTRACT(YEAR FROM startdate) = 2010 , but I doubt that this would throw an error (unlike in other databases) but there might be a system configuration that does this. EXTRACT()返回数字而不是字符值,因此在比较EXTRACT(YEAR FROM startdate) = 2010 ,您不需要单引号,但是我怀疑这会引发错误(与其他数据库不同),但是可能执行此操作的系统配置。
Another thing that looks a bit strange by just looking at the names of your columns/variables: you are first retrieving a column orgid from the user table. 仅查看列/变量的名称,另一件事看起来有点奇怪:您首先要从用户表中检索列orgid 。 But you compare that to the userid column in the event table. 但是您可以将其与事件表中的userid列进行比较。 Shouldn't you also be using $userid to retrieve from the event table? 您还不应该使用$ userid从事件表中检索吗?
Also in the first query you are putting single quotes around $userid while you are not doing that for the userid column in the event table. 同样,在第一个查询中,您将$ userid括在单引号中,而对于事件表中的userid列则不这样做。 Is userid a number or a string? 用户名是数字还是字符串? Numbers don't need single quotes. 数字不需要单引号。
解决方案4
0 2010-08-19 07:27:02
Any of the mysql_* functions can fail. 任何mysql_ *函数都可能失败。 You have to test all the return values and if one of them indicates an error (usually when the function returns false ) your script has to handle it somehow. 您必须测试所有返回值,如果其中一个指示错误(通常在函数返回false ),您的脚本必须以某种方式处理它。
Eg in your query 例如查询
mysql_query("SELECT orgid FROM sub WHERE userid='$userid'")
you mix a parameter into the sql statement. 您将参数混合到sql语句中。 Have you assured that this value (the value of $userid) is secure for this purpose? 您是否已为此目的确定此值($ userid的值)是安全的? see http://en.wikipedia.org/wiki/SQL_injection 参见http://en.wikipedia.org/wiki/SQL_injection
You can use a JOIN statement two combine your two sql queryies into one. 您可以使用JOIN语句将两个SQL查询合并为一个。
see also: 也可以看看:
- http://docs.php.net/mysql_error http://docs.php.net/mysql_error
- http://docs.php.net/mysql_real_escape_string http://docs.php.net/mysql_real_escape_string
- http://www.w3schools.com/sql/sql_join.asp http://www.w3schools.com/sql/sql_join.asp
Example of rudimentary error handling: 基本错误处理示例:
$mysql = mysql_connect('Fill in', 'the correct', 'values here');
if ( !$mysql ) { // some went wrong, error hanlding here
echo 'connection failed. ', mysql_error();
return;
}
$result = mysql_select_db('dbname', $mysql);
if (!$result ) {
echo 'select_db failed. ', mysql_error($mysql);
return;
}
// Is it safe to use $userid as a parmeter within an sql statement?
// see http://docs.php.net/mysql_real_escape_string
$sql = "SELECT orgid FROM sub WHERE userid='$userid'";
$testquery = mysql_query($sql, $mysql);
if (!$testquery ) {
echo 'query failed. ', mysql_error($mysql), "<br />\n";
echo 'query=<pre>', $sql, '</pre>';
return;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.