我在php中不断收到此错误。当我硬设置值但它似乎不适用于变量时,它工作正常。
错误:INSERT INTO ContactUS(姓名,电子邮件,订阅)VALUES(TEST,my @ email.com,1) 您的SQL语法有错误;查看与您的MySQL服务器版本对应的手册,以便在第1行的'Anis,my @ email.com,1)附近使用正确的语法
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO ContactUS (name, email, subscribed) VALUES ($name, $email, $subscribed)";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
答案 0 :(得分:1)
应引用值:
$sql = "INSERT INTO ContactUS (name, email, subscribed) VALUES ('$name', '$email', '$subscribed')";
或许最好使用预备语句,因为这是自动完成的和您不会受到SQL injections的攻击
答案 1 :(得分:0)
在变量周围使用引号,因为PHP会替换它的值,留下无效的查询:
$sql = "INSERT INTO ContactUS (name, email, subscribed) VALUES ('$name', '$email', '$subscribed')";
但请使用准备好的语句,否则您将成为SQL注入的受害者