Mysql Query正确时显示SQL语法错误

Question

我厌倦了这个错误。 我很确定它可以与'$ _POST [name]'一起使用，但是sql不接受。

它给我的错误是： SQL语法有错误； 检查与您的MySQL服务器版本相对应的手册，以在第2行的'）'附近使用正确的语法

$syn = mysql_real_escape_string($_POST['syn']);
$fore = mysql_real_escape_string($_POST['fore']);
 $localfore = mysql_real_escape_string($_POST['localfore']);
$save = mysql_query("INSERT INTO tblforecast (Issued,Valid,Synopsis,Forecast,Local_Forecast,Station11,Station12,Station13,Station14,Station15,Station16,Station17,Station18,Station19,Forecaster)
                           VALUES (now(),'24','$syn','$fore','$localfore','sample','$sample','sample','sample','sample','sample','sample','sample','sample',$id)");

这是怎么回事？

PS。 第2行指向VALUES的开头

Answer 1

直接保存帖子数据是非常不好的做法。 相反，您可以使用$syn = mysql_real_escape_string($_POST['syn']); 和$syn放入您的sql查询中。

Answer 2

尝试这个

$sql = "INSERT INTO tblforecast (Issued,Valid,Synopsis,Forecast,Local_Forecast,Station11,Station12,Station13,Station14,Station15,Station16,Station17,Station18,Station19,Forecaster)
                                   VALUES ('{$datetime}',24,'{$_POST[syn]}','{$_POST[fore]}','{$_POST[localfore]}','sample','sample','sample','sample','sample','sample','sample','sample','sample',$id)";
echo sql;

$save = mysql_query($sql);

Answer 3

如果以更简便的方式编写查询，则可能会发现一些错误：

INSERT INTO
    tblforecast
(
    Issued
    ,Valid
    ,Synopsis
    ,Forecast
    ,Local_Forecast
    ,Station11
    ,Station12
    ,Station13
    ,Station14
    ,Station15
    ,Station16
    ,Station17
    ,Station18
    ,Station19
    ,Forecaster
) VALUES (
    '$datetime'
    ,24
    ,'$_POST[syn]'
    ,'$_POST[fore]'
    ,'$_POST[localfore]'
    ,'sample'
    ,'$sample]' // <-- is that supposed to be there?
    ,'sample'
    ,'sample'
    ,'sample'
    ,'sample'
    ,'sample'
    ,'sample'
    ,'sample'
    ,$id // <-- where are the closing brackets?