MySQL语法错误与电子邮件

时间:2014-04-24 02:26:30

标签: php mysql

我正在尝试获取POST表单变量,而mySQL在尝试插入它们时会抛出错误。我无法想象我的生活原因。希望有人可以提供帮助。 

    function submitFound(){
    global $dbc;
    if ($_SERVER['REQUEST_METHOD'] == 'POST'){

        $query = 
        "INSERT INTO found1 
        (fname, lname, email, phone, name, color, make, model, sizes, info, location) 
        VALUES
        (" . 
        mysql_real_escape_string($_POST['fname']) . ","  . 
        mysql_real_escape_string($_POST['lname']) . ","  . 
        mysql_real_escape_string($_POST['email']) . "," . 
        mysql_real_escape_string($_POST['phone']) . ","  . 
        mysql_real_escape_string($_POST['name'])  . ","   . 
        mysql_real_escape_string($_POST['color']) . ","  . 
        mysql_real_escape_string($_POST['make'])  . ","   . 
        mysql_real_escape_string($_POST['model']) . ","  . 
        mysql_real_escape_string($_POST['size'])  . ","   . 
        mysql_real_escape_string($_POST['info'])  . ","   . 
        mysql_real_escape_string($_POST['location']). ")";
        $results = mysqli_query($dbc, $query);
        check_results($results);
        //return $mysqli_insert_id($dbc);
        mysqli_free_result($results);
    }
}

这是提交信息的功能。 (关于项目的一般信息。这是抛出mySQL错误。

MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com,444-444-4444,Book,#000040,NA,NA,Large,Nothing special,Byrne House)' at line 4

这是我在表单中输入的内容。 http://puu.sh/8l35Z.png

所以是的,任何帮助都会很棒。不确定它是否只是一些愚蠢的东西。我的眼睛开始越过:P

提前致谢。

编辑* 修复了字符串,但仍然出现错误: 新法典:

            $query = 
        "INSERT INTO found1 
        (fname, lname, email, phone, name, color, make, model, sizes, info, location) 
        VALUES
        ('" . 
        mysql_real_escape_string($_POST['fname']) . "','"  . 
        mysql_real_escape_string($_POST['lname']) . "','"  . 
        mysql_real_escape_string($_POST['email']) . "','" . 
        mysql_real_escape_string($_POST['phone']) . "','"  . 
        mysql_real_escape_string($_POST['name'])  . "','"   . 
        mysql_real_escape_string($_POST['color']) . "','"  . 
        mysql_real_escape_string($_POST['make'])  . "','"   . 
        mysql_real_escape_string($_POST['model']) . "','"  . 
        mysql_real_escape_string($_POST['size'])  . "','"   . 
        mysql_real_escape_string($_POST['info'])  . "','"   . 
        mysql_real_escape_string($_POST['location']). "')'";

MySQL错误:MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 4

1 个答案:

答案 0 :(得分:1)

正如John Conde所提到的,您需要在值周围添加引号,您的错误消息会显示此信息。

@gmail.com,444-444-4444,Book,#000040,NA,NA

注意缺少的引号,它应该看起来像这样

'@gmail.com','444-444-4444','Book','#000040','NA','NA'

试试这个

VALUES
        ('" . 
        mysql_real_escape_string($_POST['fname']) . "','"  . 
        mysql_real_escape_string($_POST['lname']) . "','"  . 
        mysql_real_escape_string($_POST['email']) . "','" .
相关问题
最新问题