My own SQL syntax error

Time: 2013-04-18 05:14:33

Tags: php mysql sql

My code is:

$newModel = "INSERT INTO models (id," . 
    " firstname," .
    " lastname," .
    " email," .
    " password," .
    " group," .
    " phone," .
    " timeofday," .
    " dayofweek," .
    " address," .
    " city," .
    " state," .
    " zip," .
    " gender," .
    " hair," .
    " eye," .
    " birthday," .
    " birthmonth," .
    " birthyear," .
    " bustshirt," .
    " cup," .
    " waist," .
    " hips," .
    " waist," .
    " hips," .
    " weight," .
    " inches," .
    " dressjacket," .
    " workxp," .
    " twitter," .
    " facebook," .
    " joindate," .
    " instagram," .
    " imdb," .
    " parentid," .
    " error) VALUES (".
    PrepSQL($modelid) . ", " .
    PrepSQL($firstname) . ", " .
    PrepSQL($lastname) . ", " .
    PrepSQL($email) . ", " .
    PrepSQL($password) . ", " .
    PrepSQL($group) . ", " .
    PrepSQL($phone) . ", " .
    PrepSQL($timeofday) . ", " .
    PrepSQL($dayofweek) . ", " .
    PrepSQL($address) . ", " .
    PrepSQL($city) . ", " .
    PrepSQL($state) . ", " .
    PrepSQL($zip) . ", " .
    PrepSQL($gender) . ", " .
    PrepSQL($hair) . ", " .
    PrepSQL($eyes) . ", " .
    PrepSQL($bday) . ", " .
    PrepSQL($bmonth) . ", " .
    PrepSQL($byear) . ", " .
    PrepSQL($bust) . ", " .
    PrepSQL($cup) . ", " .
    PrepSQL($waist) . ", " .
    PrepSQL($hips) . ", " .
    PrepSQL($weight) . ", " .
    PrepSQL($height) . ", " .
    PrepSQL($dressjacket) . ", " .
    PrepSQL($workxp) . ", " .
    PrepSQL($twitter) . ", " .
    PrepSQL($facebook) . ", " .
    PrepSQL($joindate) . ", " .
    PrepSQL($instagram) . ", " .
    PrepSQL($imdb) . ", " .
    PrepSQL($parentid) . ", " .
    PrepSQL($error) . ")";

mysql_query($newModel) or die(mysql_error());

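It gives the error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group, phone, timeofday, dayofweek, address, city, state, zip, gender, hair, eye' at line 1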

2 answers:

Answer 0: (score: 7)

group is a reserved word in MySQL. You have to wrap it in backticks:

`group`,
phone

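Answer 1: (score: 4)

GROUP is a reserved keyword and happens to be the name of your column. To avoid the syntax error, you need to escape it using backticks. For example,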

`group`

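If you have the privilege to alter the table, change the column name to one that is not a reserved keyword, to avoid the problem occurring again.


As a side note, the query is vulnerable to SQL Injection if the value(s) of the variables came from outside. Please take a look at the article below to learn how to prevent it. By using PreparedStatements you can get rid of using single quotes around the values.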
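
An added example, not part of the original question or answers, that combines the two points of the answer above: every column name is backtick-quoted, so a reserved word such as group is accepted, and every value is bound through a prepared statement instead of being concatenated. The helpers quoteIdent() and buildInsert() and the sample row are hypothetical; it assumes PHP 7.4+ with PDO, and an in-memory SQLite database (which also accepts backtick-quoted identifiers) stands in for the MySQL server so the script runs offline.

```php
<?php
// Added example: quote identifiers with backticks, bind values with PDO.
// quoteIdent(), buildInsert() and the sample row are hypothetical names/data.

function quoteIdent(string $name): string
{
    // Accept plain identifiers only, so a column name can never carry SQL.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
        throw new InvalidArgumentException("Bad identifier: $name");
    }
    // Backticks make reserved words such as `group` legal column names.
    return '`' . $name . '`';
}

function buildInsert(string $table, array $row): string
{
    $cols  = array_map('quoteIdent', array_keys($row));
    // One named placeholder per column; values never enter the SQL text.
    $marks = array_map(fn($c) => ':' . $c, array_keys($row));
    return 'INSERT INTO ' . quoteIdent($table)
         . ' (' . implode(', ', $cols) . ')'
         . ' VALUES (' . implode(', ', $marks) . ')';
}

// Constructed sample input; the last name contains a quote on purpose.
$row = [
    'id'        => 1,
    'firstname' => 'Ann',
    'lastname'  => "O'Hara",
    'group'     => 'A',
    'phone'     => '555-0100',
];

$sql = buildInsert('models', $row);
echo $sql, PHP_EOL;

// Assumption: SQLite in memory replaces the MySQL connection of the question.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE `models` (`id` INTEGER, `firstname` TEXT,'
         . ' `lastname` TEXT, `group` TEXT, `phone` TEXT)');

$stmt = $pdo->prepare($sql);
$stmt->execute($row);   // values are sent as parameters, not as SQL text

// Read the row back: the quote in the last name was stored literally.
$check = $pdo->query('SELECT `lastname`, `group` FROM `models`');
print_r($check->fetch(PDO::FETCH_ASSOC));
```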