我在mysql查询中的SQL语法有什么问题?

时间:2016-02-01 02:24:45

标签: php mysql

我已收到此消息并对其进行了研究,并进行了建议更改,但仍然无法使其正常运行。我有点像初学者,所以请原谅看起来很乱的事。

以下是错误消息:

您的SQL语法有错误;查看与您的MySQL服务器版本对应的手册,以便在'''','',''&#附近使用正确的语法39;,'','')'在第1行

这是php:

<?php
if (isset($_POST['submit'])) {
   if (empty($_POST["fname"])) {
     $fnameErr = "First name is required";
   } else {
     $fname = test_input($_POST["fname"]);
     // check if first name only contains letters and whitespace
     if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
       $fnameErr = "Only letters and white space allowed";
     }
   }

   if (empty($_POST["lname"])) {
     $lnameErr = "Last name is required";
   } else {
     $lname = test_input($_POST["lname"]);
     // check if last name only contains letters and whitespace
     if (!preg_match("/^[a-zA-Z ]*$/",$lname)) {
       $lnameErr = "Only letters and white space allowed"; 
     }
   }

   if (empty($_POST["country"])) {
     $countryErr = "Country is required";
   } else {
     $country = test_input($_POST["country"]);
     // check if country is well-formed
     if (!preg_match("/^[a-zA-Z ]*$/",$country)) {
       $countryErr = "Only letters and white space allowed"; 
     }
   }

   if (empty($_POST["arrdate"])) {
     $arrdate = "";
   } else {
     $arrdate = test_input($_POST["arrdate"]);
     // check if arrival date syntax is valid
     if (!preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/",$arrdate)) {
       $arrdateErr = "Use Date Format mm/dd/yyyy"; 
     }
   }

   if (empty($_POST["retdate"])) {
     $retdate = "";
   } else {
     $retdate = test_input($_POST["retdate"]);
     // check if arrival date syntax is valid
     if (!preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/",$retdate)) {
       $retdateErr = "Use Date Format mm/dd/yyyy"; 
     }
   }

   if (empty($_POST["type"])) {
     $typeERR = "Country is required";
   } else {
     $type = test_input($_POST["type"]);
     // check if type is well-formed
     if (!preg_match("/^[a-zA-Z ]*$/",$type)) {
       $typeErr = "Only letters and white space allowed"; 
     }
   }

   if (empty($_POST["destination"])) {
     $destination = "";
   } else {
     $destination = test_input($_POST["destination"]);
     // check if destination is well-formed
     if (!preg_match("/^[a-zA-Z ]*$/",$destination)) {
       $destinationERR = "Only letters and white space allowed"; 
     }
   }

   if (empty($_POST["missionary"])) {
     $missionary = "";
   } else {
     $missionary = test_input($_POST["missionary"]);
     // check if missionary is well-formed
     if (!preg_match("/^[a-zA-Z ]*$/",$missionary)) {
       $missionaryERR = "Only letters and white space allowed"; 
     }
   }

   $con = mysql_connect('********', '*****', '*******');
   mysql_select_db(dbbmdmi);


   $fname = mysql_real_escape_string($fname);
   $lname = mysql_real_escape_string($lname);
   $country = mysql_real_escape_string($country);
   $arrdate = mysql_real_escape_string($arrdate);
   $retdate = mysql_real_escape_string($retdate);
   $type = mysql_real_escape_string($type);
   $destination = mysql_real_escape_string($destination);
   $missionary = mysql_real_escape_string($missionary);


   if ($con) {
   $tmid = "$lname". "$arrdate";
   $capt = "$fname ". "$lname";
   $sql = "INSERT INTO Teams ". "(TeamID, Captain, CountryID, ArrDate, DepDate, Type, DestID, MsnyID) ". "VALUES ('$tmid', '$capt', $country', '$arrdate', '$retdate', '$type', '$destination', '$missionary')";
   $query = mysql_query($sql) or die(mysql_error());
   if($query)
   {
    header("Location:/teams.php");
    echo'Team successfully added!';
   }
   else 
   {
    echo 'problem occured adding record';
   }}
}

function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}

?>

1 个答案:

答案 0 :(得分:1)

您错过了$country参数的开头报价。

VALUES ('$tmid', '$capt', $country', '$arrdate', '$retdate', '$type', '$destination', '$missionary')
                          ^
                         Here

另请注意,mysql_*函数已被弃用。请改用mysqli_*函数或PDO。