Question

我无法弄清楚为什么我有语法错误我在第25行收到语法错误一旦我开始添加$ _SESSION部分的值，我是新的php和编码所以任何帮助将不胜感激。

<?php
ini_set('display_errors', 1);

//Adjust error reporting:
error_reporting(E_ALL | E_STRICT);

include('includes/session_config.inc');
require ('mysqli_connect.php'); 

$q = "INSERT INTO cards (sender_last,
                         sender_first,
                         sender_email,
                         recipient_last,
                        recepient_first,
                         recepient_email,
                         subject,
                         message,
                         image,
                         identifier,
                         date_entered
                     ) 
        VALUES ($_SESSION['postcard']['from_first']',
                $_SESSION['postcard']['from_last']',
                $_SESSION['postcard']['from_email']',
                $_SESSION['postcard']['to_first']',
                $_SESSION['postcard']['to_last']',
                $_SESSION['postcard']['to_email'],
                $_SESSION['postcard']['subject'],
                $_SESSION['postcard']['message'],
                $_SESSION['postcard']['image'],
                $_SESSION['postcard']['identifier']
                NOW()
                )";

Answer 1

试试这个，不要直接在查询中使用长多维数组，使用这样保存在varialbe中然后使用它，其他也关心SQL注入，你也错过了 NOW之前的逗号（）在查询结束时。

<?php
ini_set('display_errors', 1);

//Adjust error reporting:
error_reporting(E_ALL | E_STRICT);

include('includes/session_config.inc');
require ('mysqli_connect.php'); 

$from_first     =   mysql_real_escape_string($_SESSION['postcard']['from_first']);
$from_last      =   mysql_real_escape_string($_SESSION['postcard']['from_last']);
$from_email     =   mysql_real_escape_string($_SESSION['postcard']['from_email']);
$to_first       =   mysql_real_escape_string($_SESSION['postcard']['to_first']);
$to_last        =   mysql_real_escape_string($_SESSION['postcard']['to_last']);
$to_email       =   mysql_real_escape_string($_SESSION['postcard']['to_email']);
$subject        =   mysql_real_escape_string($_SESSION['postcard']['subject']);
$message        =   mysql_real_escape_string($_SESSION['postcard']['message']);
$image          =   mysql_real_escape_string($_SESSION['postcard']['image']);
$identifier     =   mysql_real_escape_string($_SESSION['postcard']['identifier']);

$q = "INSERT INTO cards (sender_last,
                         sender_first,
                         sender_email,
                         recipient_last,
                        recepient_first,
                         recepient_email,
                         subject,
                         message,
                         image,
                         identifier,
                         date_entered
                     )
        VALUES ($from_first,
                $from_last,
                $from_email,
                $to_first,
                $to_last,
                $to_email,
                $subject,
                $message,
                $image,
                $identifier,
                NOW()
                )";

Answer 2

您的值是字符串，但只有'结尾：VALUES ($_SESSION...', $_SESSION...'，请将其替换为VALUES ('{$_SESSION...}', '{$_SESSION...}'。在值列表<{p>中,之前还缺少NOW()

解析错误：语法错误，插入表时意外T_ENCAPSED_AND_WHITESPACE

2 个答案: