stackoom
  简体   繁体   中英

PHP SQL Update Query failing

 原文  2016-06-07 12:11:28       php/ mysql

Question

i am trying to run this SQL query in PHP: 

UPDATE 
    billing_calldata 
SET 
    status = 'c', 
    customer = '475', 
    description = 'UK Mobile VMNO C&W (fw7-C&W)', 
    customer_cost = '0.00720416666666667', 
    customer_ac = '0', 
    customer_sc = '0', 
    reseller_cost = '0', 
    reseller_ac = '0', 
    reseller_sc = '0'

WHERE sequence = 10364723

but it is returning this error: 

UPDATE 
    billing_calldata 
SET 
    status = 'c', 
    customer = '475', 
    description = 'UK Mobile VMNO CYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''UK Mobile VMNO C' at line 1

The description is UK Mobile VMNO C&W (fw7-C&W)

But the query work fine directly in phpMyAdmin

the query is originating from my vb.net application: 

SQL = "UPDATE billing_calldata SET " _
                         & "status = 'c', " _
                         & "customer = '" & customer_sequence & "', " _
                         & "description = '" & description & "', " _
                         & "customer_cost = '" & customer_cost & "', " _
                         & "customer_ac = '" & customer_ac & "', " _
                         & "customer_sc = '" & customer_sc & "', " _
                         & "reseller_cost = '" & reseller_cost & "', " _
                         & "reseller_ac = '" & reseller_ac & "', " _
                         & "reseller_sc = '" & reseller_sc & "' " _
                         & "WHERE sequence = " & sequence & " "
                    SQL = "apikey=1nt3gr4&submittedSQL=" + SQL

then i send this in a Post request to a PHP page, which contains the following: 

if($_POST["apikey"] <> '' and $_POST["apikey"] == '1nt3gr4' and $_POST["submittedSQL"] <> '') {
    $sql = $_POST["submittedSQL"];
    mysql_query($sql, $conn) or die(mysql_error());
}

1 answers

solution1
 0  2016-06-07 12:28:33

Escape the special characters with real_escape_string : 

$description = $mysqli->real_escape_string($description);

then use $description in the UPDATE .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question php and sql query failing Simple SQL & PHP query failing php SQL select query failing PHP SQL update query php Update sql and Query sql update query in php SQL + PHP Update query update query php postgres failing for no reason Why is my SQL query in PHP failing? Update SQL query with PHP error
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM