我想从URL读取查询字符串并将它们保存到sqlite数据库中 我面对这些错误消息:
PHP Warning: SQLite3::exec(): near ",": syntax error
但我没有问题:
$Tel = $_REQUEST["from"];
$Content = $_REQUEST["text"];
echo $Tel = strip_tags($Tel);
echo $Content = strip_tags($Content);
$sql =<<<EOF
INSERT INTO foodordering(Fullname, Tel, RecievingTime, Content)
VALUES ("Ehsan", $Tel, date('now'), $Content);
EOF;
$ret = $db->exec($sql);
答案 0 :(得分:2)
如@HassanAhmed所述,当输入处理不当时会发生这种情况;您有同样的问题,就好像有人使用SQL injection对您一样。快速解决方法是将字段用引号括起来:
VALUES ("Ehsan", "$Tel", date('now'), "$Content");
您应该做的是绑定参数 :
$sql =<<<EOF
INSERT INTO foodordering(Fullname, Tel, RecievingTime, Content)
VALUES ("Ehsan", :tel, date('now'), :content);
EOF;
$stmt = $db->prepare($sql);
$stmt->bindValue(':tel', $_REQUEST['from']);
$stmt->bindValue(':content', $_REQUEST['text']);
$ret = $stmt->execute();