不断收到语法错误(php/mysql) [英] keep getting a syntax error (php / mysql)

问题描述

php/mysql

php/mysql

我不断收到此错误:您的SQL语法有错误；请查看与您的MySQL服务器版本相对应的手册，以找到在第1行的'1'附近使用的正确语法.

I keep getting this error: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1".

我正在努力使此查询发生.它可以工作，将其插入到mysql数据库中，但是每次都会出现此错误.我尝试使用同一行中的所有内容，将双引号更改为单引号，删除所有在空白行中插入所有空格的空格，更改我将变量传递的方式({$ variable}到'.$ variable.)还有其他的一切.我已经看到了几个与此相关的stackoverflow问题，但是使用了不同的解决方案. 我知道我们不能在数字字段中传递''.

I'm trying hard to make this query to happen. It works, it inserts into the mysql database but this error appears every time. I've tried to use everything in the same line, changed double quotes to single quotes, removed all the whitespaces inserting everything in the samen line, changing the way I pass the variables({$variable} to '.$variable.') and everything else. I've seen a couple of stackoverflow questions related to this but with different solutions. I know that we can't pass '' in a numeric fields.

我认为我现在没有选择了.需要帮忙！ 该错误一直显示，但数据已正确插入到我的表中

I think I'm out of options now. Need help! This error keeps showing but the data is correctly inserted in my table

下面是代码:

$user_id = get_current_user_id();
$prescription_name = $_POST['prescription_name'];
$date_created = date('Y-m-d');
$last_updated = date('Y-m-d');
$right_eye_sphere = $_POST['right_eye_sphere'];
$left_eye_sphere = $_POST['left_eye_sphere'];
$right_eye_cylinder = $_POST['right_eye_cylinder'];
$left_eye_cylinder = $_POST['left_eye_cylinder'];
$right_eye_axis = $_POST['right_eye_axis'];
$left_eye_axis = $_POST['left_eye_axis'];
$pd = $_POST['pd'];
$date_of_birth = $_POST['date_of_birth'];
$file_path = $_POST['file_path'];

$add_query = "INSERT INTO wew_prescription (
        prescription_id,
        user_id,
        prescription_name,
        date_created,
        last_updated,
        right_eye_sphere,
        left_eye_sphere,
        right_eye_cylinder,
        left_eye_cylinder,
        right_eye_axis,
        left_eye_axis,
        pd,
        date_of_birth,
        file_path
        ) Values (
        NULL,
        {$user_id},
        '{$prescription_name}',
        '{$date_created}',
        '{$last_updated}',
        '{$right_eye_sphere}',
        '{$left_eye_sphere}',
        '{$right_eye_cylinder}',
        '{$left_eye_cylinder}',
        '{$right_eye_axis}',
        '{$left_eye_axis}',
        '{$pd}',
        '{$date_of_birth}',
        '{$file_path}'
        )";

    $sql = $dbCon->query($add_query);

    if (!mysqli_query($dbCon,$sql)){
        die('Error: ' . mysqli_error($dbCon));
    }else{
        mysqli_query($dbCon,$sql);
        echo "dados atualizados!";
    }

推荐答案

错误来自以下行:

if (!mysqli_query($dbCon,$sql)){

$sql包含

$dbCon->query($add_query);

由于查询成功，所以$sql包含TRUE. mysqli_query()要求第二个参数为字符串，因此TRUE变为"1"，因此您可以有效地进行操作:

Since that query was successful, $sql contains TRUE. mysqli_query() requires the second argument to be a string, so TRUE becomes "1", so you're effectively doing:

if (!mysqli_query($dbCon, "1")) {

这不是有效的查询，因此您会收到错误消息.

That's not a valid query, so you get an error.

我认为您真正想做的是:

I think what you really meant to do was:

if (!$sql) {
    die('Error: ' . $dbCon->error);
} else {
    echo "dados atualizados!";
}

您无需继续反复拨打mysqli_query().

您还应该学习使用准备好的语句进行编码，而不是将变量替换为查询，以防止SQL注入.

You should also learn to code using prepared statements instead of substituting variables into the query, to prevent SQL injection.

这篇关于不断收到语法错误(php/mysql)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！