我正在尝试允许某人通过上传已编辑的文件来更新包含来自csv内容的表“调查”。但每次我提交文件时都会收到此错误:
您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以便在'(Record_ID
=记录ID,Agreement
='协议(Q2)',1(Q_1)
='1附近使用正确的语法Q1_1)',`3(第1行的Q'
我的查询出了问题,我无法理解。
<?php
//connect to the database
$connect = mysql_connect("localhost","root","");
mysql_select_db("genydb",$connect); //select the table
//
if (isset($_FILES['csv'])){
if ($_FILES['csv']['size'] > 0) {
//get the csv file
$file = $_FILES["csv"]['tmp_name'];
$handle = fopen($file,"r");
//loop through the csv file and insert into database
while ($data = fgetcsv($handle,0,",","'")){
mysql_query("UPDATE `survey` SET(`Record_ID`='".addslashes($data[0])."', `Agreement`= '".addslashes($data[1])."',`1(Q_1)`= '".addslashes($data[2])."', `3 (Q4)`='".addslashes($data[3])."', `2 (Q3)`='".addslashes($data[4])."', `4 (Q5)`='".addslashes($data[5])."', `5 (Q6)`='".addslashes($data[6])."', `7 (Q8)`='".addslashes($data[7])."', `6 (Q7)`='".addslashes($data[8])."', `8 (Q9)`='".addslashes($data[9])."', `9 (Q10)`='".addslashes($data[10])."', `10 (Q11)`='".addslashes($data[11])."', `11 (Q12)`='".addslashes($data[12])."', `13 (Q14_1)`= '".addslashes($data[13])."'")or die(mysql_error());
}
//
//redirect
header('Location: imports.php?success=1'); die;
}
}
?>
<!DOCTYPE html>
<head>
<title>Import a CSV File with PHP & MySQL</title>
</head>
<body>
<?php if (!empty($_GET['success'])) { echo "<b>Your file has been imported.</b><br><br>"; } //generic success notice ?>
<form action="" method="post" enctype="multipart/form-data" ">
Choose your file: <br />
<input type="file" name="csv" id="csv" />
<input type="submit" name="Submit" value="Submit" />
</form>
</body>
</html>
答案 0 :(得分:2)
你不必在这里使用(
。它在这个括号中独自存在。
mysql_query("UPDATE `survey` SET(`Record_ID`='".addslashes($....
^^----------here
将其替换为
mysql_query("UPDATE `survey` SET `Record_ID`='".addslashes($....
也:在mysql查询中插入变量之前,建议使用mysql_real_escape_string
。
AND :推荐MYSQLI
或PDO
代替mysql
已弃用。