Question

执行sql查询时出现以下错误。

#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's%' ORDER BY gallery_id DESC' at line 1

我在下面解释我的问题。

$searchKey="Celli's"
$keyword = '%'.$searchKey.'%';
$query = "SELECT * from db_gallery WHERE description LIKE '" . $keyword . "'
          ORDER BY gallery_id DESC ";

在这里，我需要搜索值，但当's带有任何关键字时，它会抛出错误。请帮帮我。

Answer 1

'中包含$searchKey，因此您的查询中实际上有三个'：不对应！

你应该先逃跑（两者都没事）：

$mysqli = new mysqli("host", "user", "pass", "db");
$searchKey = $mysqli->real_escape_string($searchKey);

$mysqli = mysqli_connect("host", "user", "pass", "db");
$searchKey = mysqli_real_escape_string($mysqli, $searchKey);

请参阅：http://php.net/manual/en/mysqli.real-escape-string.php

Answer 2

你必须逃避＆＃39; 字符，如：

searchKey = 'something'
searchKey = searchKey.replace("'", "\\'");

现在在您的查询中使用searchKey。

或者使用一些查询转义字符串函数来转义这些字符。

Answer 3

更改$ searchKey =“Celli's”

使用$ searchKey =“Celli \”s（你缺少一个反斜杠）

Answer 4

有一个＆＃39;包含在$ searchKey中，所以你需要转义它，使用mysqli转义字符串：

注意： mysqli_real_escape_string期望第一个参数为连接

$keyword="Celli's"
$con=mysqli_connect("localhost","root","root","test");//procedural
$searchKey = mysqli_real_escape_string($con, $keyword);

echo $searchKey;// use this in sql

如果您使用的是对象类型：

    $con=new mysqli("localhost","root","root","test");//procedural
    $searchKey = $mysqli->real_escape_string($keyword);
    echo $searchKey;// use this in sql

Answer 5

$searchKey="Celli\'s"
$keyword = '%'.$searchKey.'%';
$query = "SELECT * from db_gallery WHERE description LIKE '" . $keyword . "'
          ORDER BY gallery_id DESC ";

简单的错误试试这个。

Answer 6

请尝试以下查询。

$keyword = '%Celli''s%';
"SELECT * from db_gallery WHERE description LIKE ".$keyword." ORDER BY gallery_id DESC";

使用MySQL在查询中获取语法错误

6 个答案: