[英]sql syntax error with pro statement inserting row
我正在使用以下代碼在數據庫中插入一行。 我總是出錯
{"error":"SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'show) VALUES('A E Jewelers','Quintin','Schmidt','131 South Rolling Meadows Dr.',' at line 1"}
這是我的查詢
xxx/webservice/api.php?action=addStore&name=A%20E%20Jewelers&firstname=Quintin&lastname=Schmidt&address=131%20South%20Rolling%20Meadows%20Dr.&city=Fond%20du%20Lac&state=WI&country=USA&zip=54935&phone=(920)%20933%203601%0A&fax=(920)%20486-1734&email=Diadori@aejewelers.com&latitude=43.775931&longitude=-88.482894&website=www.aejewelers.com&show=1
function AddStore()
{
$name = trim($_REQUEST['name']);
$firstname = trim($_REQUEST['firstname']);
$lastname = trim($_REQUEST['lastname']);
$address = trim($_REQUEST['address']);
$city = trim($_REQUEST['city']);
$state = trim($_REQUEST['state']);
$country = trim($_REQUEST['country']);
$zip = trim($_REQUEST['zip']);
$phone = trim($_REQUEST['phone']);
$fax = trim($_REQUEST['fax']);
$email = trim($_REQUEST['email']);
$latitude = trim($_REQUEST['latitude']);
$longitude = trim($_REQUEST['longitude']);
$website = trim($_REQUEST['website']);
$show = 1;
return $show;
$insert_id = 0;
try {
$conn = $this->GetDBConnection();
$statement = $conn->prepare('INSERT INTO stores( name, firstname, lastname, address, city, state, country, zip, phone, fax, email, latitude,longitude, website,show) VALUES(:name,:firstname,:lastname,:address,:city,:state,:country,:zip,:phone,:fax, :email, :phone, :zip)');
$statement->bindParam(':name', $name, PDO::PARAM_STR);
$statement->bindParam(':firstname', $firstname, PDO::PARAM_STR);
$statement->bindParam(':lastname' , $lastname, PDO::PARAM_STR);
$statement->bindParam(':address', $address, PDO::PARAM_STR);
$statement->bindParam(':city', $city, PDO::PARAM_STR);
$statement->bindParam(':state', $state, PDO::PARAM_STR);
$statement->bindParam(':country', $country, PDO::PARAM_STR);
$statement->bindParam(':zip', $zip, PDO::PARAM_STR);
$statement->bindParam(':phone', $phone, PDO::PARAM_STR);
$statement->bindParam(':fax' , $fax, PDO::PARAM_STR);
$statement->bindParam(':email' , $email, PDO::PARAM_STR);
$statement->bindParam(':latitude' , $latitude, PDO::PARAM_STR);
$statement->bindParam(':longitude', $longitude, PDO::PARAM_STR);
$statement->bindParam(':website' , $website, PDO::PARAM_STR);
$statement->bindParam(':show' , $show, PDO::PARAM_INT);
$statement->execute();
$insert_id = $conn->lastInsertId();
$conn = null;
} catch(PDOException $e) {
throw $e;
}
return $insert_id;
}
將列名show替換為show
INSERT INTO stores(
name, firstname, lastname, address, city, state,
country, zip, phone, fax, email, latitude,longitude,
website,`show`)
VALUES (:name,:firstname,:lastname,:address,:city,
:state,:country,:zip,:phone,:fax, :email,
:phone, :zip)'
單詞show是SQL中的關鍵字
良好的做法是始終將字段名和表名包裝在反引號中,以防偶然使用保留關鍵字來避免這種常見的“陷阱”。 SQL中保留字的數量驚人,因此僅對名稱進行反引號而不是記住檢查所使用的每個字段或表名可能會更容易。
我認為您已經確認所有值都不為空/空,也不包含空格,引號或逗號? PDO庫是否處理轉義引號(例如, Mrs. O'Leary's Cow
)並將數據包裝在引號中?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.