我正在运行的MySQL查询引发了以下错误
您的SQL语法有错误;检查手册 对应于您的MySQL服务器版本,以便使用正确的语法 'desc ='附近输入描述这里''在第2行
desc是一个变量'$ desc',错误表明在desc之前有一个额外的'但是代码中没有任何内容(如下)如果我完全删除了desc它工作正常(显然没有更新那部分)它的非常很奇怪,非常感谢你的帮助: - )
代码是
//Get the form data
$title = $_POST['title'];
$keywords = $_POST['keywords'];
$desc = $_POST['desc'];
//initialise connection with databse
require_once('../Connections/EliteGrooming.php');
mysql_select_db($database_EliteGrooming, $EliteGrooming);
//Execute the query
mysql_real_escape_string($title, $keywords, $desc);
$query = "
UPDATE site_settings
SET site_title = '$title', keywords = '$keywords', desc = '$desc';";
mysql_query($query) or die(mysql_error());
mysql_close();
header('Location: ../admin/site-settings.php?updated');
答案 0 :(得分:5)
desc是 reserved keyword ,您必须使用反引号将其转义
$query = "
UPDATE site_settings
SET site_title = '$title', keywords = '$keywords', `desc` = '$desc';";
但您的查询容易被SQL Injection攻击,请阅读以下文章,
答案 1 :(得分:3)
您需要使用反引号{/ 1>来reserved words in MySQL转义desc
UPDATE site_settings
SET site_title = '$title', keywords = '$keywords', `desc` = '$desc';";