无法弄清楚我的SQL语法有什么问题

时间:2014-10-07 11:49:38

标签: php mysql sql

我在PHP中运行以下SQL查询

   try {
        $sql = "INSERT INTO doc SET type = 1, 
         candID = :candID, 
         userID = ".$_SESSION['userid'].", 
         filename = ".$_FILES['file']['tmp_name'].", 
         date=date_format(curdate(), '%d/%m/%Y')";

        $s   = $pdo->prepare($sql);
        $s->bindValue(':candID', $_POST['candid']);
        $s->execute();
    }
    catch (PDOException $e) {
        $error = 'Error adding doc: ' . $e->getMessage();
        include $errorpage;
        exit();
    }

我收到以下错误:

  

添加doc时出错:SQLSTATE [42000]:语法错误或访问冲突:   1064您的SQL语法有错误;检查手册   对应于您的MySQL服务器版本,以便使用正确的语法   靠近':\ xampp \ tmp \ phpD58B.tmp,date = date_format(curdate(),   '%d /%米/%Y')'在第5行

我无法弄清楚为什么我会收到此错误。我错过了我的语法有什么问题吗?

2 个答案:

答案 0 :(得分:1)

filename = ".$_FILES['file']['tmp_name'].",应为filename = '".$_FILES['file']['tmp_name']."',

所以代码看起来像

try {
    $sql = "INSERT INTO doc SET type = 1, 
     candID = :candID, 
     userID = ".$_SESSION['userid'].", 
     filename = '".$_FILES['file']['tmp_name']."', 
     date=date_format(curdate(), '%d/%m/%Y')";

    $s   = $pdo->prepare($sql);
    $s->bindValue(':candID', $_POST['candid']);
    $s->execute();
}
catch (PDOException $e) {
    $error = 'Error adding doc: ' . $e->getMessage();
    include $errorpage;
    exit();
}

答案 1 :(得分:1)

SET用于UPDATE语句。

$sql = "INSERT INTO doc  (type, candID, userID, finame, date) VALUES (1, :candID, :userID, :filename, :date)";

$s   = $pdo->prepare($sql);
$s->execute(array(':candID' => $_POST['candid'], ':userID' => $_SESSION['userid'], ':filename' => $_FILES['file']['tmp_name'], ':date' => date('d/m/Y'));
相关问题
最新问题