SQL语法错误(服务器版本:5.6.17-MySQL) [英] SQL Syntax Error (Server version: 5.6.17 - MySQL)
问题描述
大家好,请告诉我这段代码中缺少什么.因为我收到了SQL语法错误.
Could you guys please tell me what is missing on this code. because i get SQL Syntax Error.
我创建了具有三个列的表. ID为自动识别,图像为Blob数据类型
i have created table with three colums. ID is auto incriminating and Image is Blob data type
我认为插入$ image时会发生问题
as i think problem occurs when inserting the $image
这是错误------- >>您的SQL语法有错误;请查看与您的MySQL服务器版本相对应的手册,以获取正确的语法,以在'#〜 附近使用.我在行1"
here is the error ------->> "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '�#~���I�٢7W�?Hl����:��o���:�ӏvm5V��Ό��'`V���' at line 1 "
<?php
if (isset($_POST["Upload"]))
{
include("DbConnection.php");
$file = $_FILES['image']['tmp_name'];
if(!isset($file)) {
echo 'Please Select a File';
}
else {
$image = file_get_contents($_FILES['image']['tmp_name']);
$img_name = $_FILES['image']['name'];
$img_size = getimagesize($_FILES['image']['tmp_name']);
if ($img_size == false)
{
echo 'it is not a image';
}
else
{
$query = mysqli_query($Con, "INSERT INTO `cars_tbl` (ID,Name,Image) VALUES ('','$img_name','$image')");
if (!$query)
{
echo 'Error Executing Query '.mysqli_error($Con);
}
else
{
$last_ID = mysqli_insert_id($Con);
echo "Image Uploaded. <p /> Your Image : <p /> <img src='get.php?ID=".$last_ID."'" ;
}
}
} //else
} // 1st IF
else
{
echo 'Fill the details';
}
?>
推荐答案
问题是您显然将blob
保存到数据库而没有进行转义.
The problem is you are saving apparently blob
into the database without escaping it.
您必须意识到命令中会发生什么:图像数据-也可能包含'(因为它是二进制的)-使您的SQL命令无效.
You must realize what happens in your command: The image data - which can also contain ' because it is binary - invalidates your SQL command.
正确的保存方式:
1)
带有准备好的语句
2)
mysqli_query($Con, "INSERT INTO `cars_tbl` (ID, Name, Image)
VALUES ('', '$img_name', '".mysqli_escape_string($image)."')");
我希望使用准备好的陈述.另一个问题是为什么将ID
设置为空字符串.
I would prefer Prepared Statements. The other question is why you set ID
to an empty string.
这篇关于SQL语法错误(服务器版本:5.6.17-MySQL)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!