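The error I'm getting is related to the drop-down list:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '','100','Progress') at line 1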
<?php
session_start();
/* Database connection settings */
$host = '';
$user = '';
$pass = '';
$db = '';
$mysqli = new mysqli($host,$user,$pass,$db) or die($mysqli->error);
?>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$FirstName = $_POST['FirstName'];
$LastName = $_POST['LastName'];
$Passport = $_POST['Passport'];
$TeachersName = $_POST['TeachersName'];
$Date = $_POST['Date'];
$CourseType = $_POST['CourseType'];
$CourseCode = $_POST['CourseCode'];
$Grammar = $_POST['Grammar'];
$Reading = $_POST['Reading'];
$Writing = $_POST['Writing'];
$Listening = $_POST['Listening'];
$Speaking = $_POST['Speaking'];
$TeachersAssessment = $_POST['TeachersAssessment'];
$Totalz = $_POST['Totalz'];
$Overallz = $_POST['Overallz'];
$Progress = $_POST['Progress'];
}
$Results = $Grammar + $Reading + $Writing + $Listening + $Speaking + $TeachersAssessment;
$Overall = $Results /130*100;
if(isset($_POST['SubmitForm']))
{
$checkBoxz= implode(",",$_POST['Progress']);
$query="INSERT INTO examresults (FirstName, LastName, Passport, TeachersName, Date, CourseType, CourseCode, Grammar, Reading, Writing, Listening, Speaking, TeachersAssessment, Totalz, Overallz, Progress) VALUES ('$FirstName','$LastName','$Passport','$TeachersName','$Date','$CourseType','$CourseCode','$Grammar','$Reading','$Writing','$Listening','$Speaking','$TeachersAssessment',$Totalz','$Overallz','". $checkBoxz ."')";
mysqli_query($mysqli,$query) or die($mysqli->error);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Exam Cover Sheet</title>
<link rel="stylesheet" href="css/jquery-ui.css">
<script src="js/jquery-1.12.4.js"></script>
<script src="js/jquery-ui.js"></script>
<script>
$( function() {
$( "#datepicker" ).datepicker();
} );
</script>
</head>
<body>
<form name="form1" method="post" action="cal.php">
<p>
<label for="textfield"></label>
</p>
<table width="63%" border="0">
<tr>
<td width="19%"><strong>First Name:</strong></td>
<td width="31%"><label for="textfield9"></label>
<input type="text" name="FirstName" id="textfield9" value="<?= isset($_POST['FirstName']) ? htmlspecialchars($_POST['FirstName']) : '' ?>"/></td>
<td width="50%"> </td>
</tr>
<tr>
<td><strong>Last Name:</strong></td>
<td><input type="text" name="LastName" id="textfield10" value="<?= isset($_POST['LastName']) ? htmlspecialchars($_POST['LastName']) : '' ?>"/></td>
<td> </td>
</tr>
<tr>
<td><strong>Passport No.:</strong></td>
<td><input type="text" name="Passport" id="textfield11" value="<?= isset($_POST['Passport']) ? htmlspecialchars($_POST['Passport']) : '' ?>"/></td>
<td> </td>
</tr>
<tr>
<td><strong>Teacher's Name:</strong></td>
<td><input type="text" name="TeachersName" id="textfield13" value="<?= isset($_POST['TeachersName']) ? htmlspecialchars($_POST['TeachersName']) : '' ?>"/></td>
<td> </td>
</tr>
<tr>
<td><strong>Date:</strong></td>
<td><input type="text" name="Date" id="datepicker" value="<?= isset($_POST['Date']) ? htmlspecialchars($_POST['Date']) : '' ?>"/></td>
<td> </td>
</tr>
<tr>
<td><strong>Course Type:</strong></td>
<td><label for="select"></label>
<select name="CourseType" id="select">
<option value="Elementary 1">Elementary 1</option>
<option value="Elementary 2" >Elementary 2</option>
<option value="Elementary 3" >Elementary 3</option>
<option value="Intermediate 1" >Intermediate 1</option>
<option value="Intermediate 2" >Intermediate 2</option>
<option value="Intermediate 3" >Intermediate 3</option>
<option value="Pre-Intermediate 1">Pre-Intermediate 1</option>
<option value="Pre-Intermediate 2" >Pre-Intermediate 2</option>
<option value="Pre-Intermediate 3" >Pre-Intermediate 3</option>
</select></td>
<td> </td>
</tr>
<tr>
<td><strong>Course Code:</strong></td>
<td><label for="select2"></label>
<select name="CourseCode" id="select2">
<option value="Elementary 1">EL1</option>
<option value="Elementary 2" >EL2</option>
<option value="Elementary 3" >EL3</option>
<option value="Intermediate 1" >I1</option>
<option value="Intermediate 2" >I2</option>
<option value="Intermediate 3" >I3</option>
<option value="Pre-Intermediate 1">PI1</option>
<option value="Pre-Intermediate 2" >PI2</option>
<option value="Pre-Intermediate 3" >PI3</option>
</select></td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td width="19%"><p><strong>Grammar:</strong></td>
<td width="31%"><p><input type="text" name="Grammar" id="textfield" value="<?= isset($_POST['Grammar']) ? htmlspecialchars($_POST['Grammar']) : '' ?>">
<strong>/35</strong></p></td>
<td width="50%"> </td>
</tr>
<tr>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td><strong>Reading:</strong></td>
<td><p><input type="text" name="Reading" id="textfield2" value="<?= isset($_POST['Reading']) ? htmlspecialchars($_POST['Reading']) : '' ?>">
<strong>/20</strong></p></td>
<td> </td>
</tr>
<tr>
<td><strong>Writing:</strong></td>
<td><p><input type="text" name="Writing" id="textfield3" value="<?= isset($_POST['Writing']) ? htmlspecialchars($_POST['Writing']) : '' ?>">
<strong>/20</strong></p></td>
<td> </td>
</tr>
<tr>
<td><strong>Listening:</strong></td>
<td><p><input type="text" name="Listening" id="textfield4" value="<?= isset($_POST['Listening']) ? htmlspecialchars($_POST['Listening']) : '' ?>">
<strong>/20</strong></p></td>
<td> </td>
</tr>
<tr>
<td><strong>Speaking:</strong></td>
<td><p><input type="text" name="Speaking" id="textfield5" value="<?= isset($_POST['Speaking']) ? htmlspecialchars($_POST['Speaking']) : '' ?>">
<strong>/20</strong></p></td>
<td> </td>
</tr>
<tr>
<td><strong>Teacher`s assessment:</strong></td>
<td><p><input type="text" name="TeachersAssessment" id="textfield6" value="<?= isset($_POST['TeachersAssessment']) ? htmlspecialchars($_POST['TeachersAssessment']) : '' ?>">
<strong>/15</strong></p></td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td></td>
<td><input type="text" name="Totalz" id="textfield7" value="<?php echo "$Results" ?>">
<strong>/130</strong></td>
<td><input type="text" name="Overallz" id="textfield8" value="<?php echo "$Overall" ?>">
<strong>%</strong></td>
</tr>
<tr>
<td><input type="submit" name="Result" id="Result" value="Calculate"></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><strong>Teacher’s recommendation:</strong></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><label>
<input type="checkbox" name="Progress[]" value="Repeat" id="CheckboxGroup1_0">
Repeat</label>
<br></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><label>
<input type="checkbox" name="Progress[]" value="Progress" id="CheckboxGroup1_1">
Progress</label>
<br></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
</table>
<p>
<input type="submit" name="SubmitForm" id="SubmitForm" value="Insert Records">
</p>
</form>
</body>
</html>
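Answer 0 (score: 0)
The error message shows the part of the query that comes right after the point of the error.
So if you look at your query at that spot, you will see the missing quote:
,$Totalz','$Overallz','". $checkBoxz ."'
To rule out any possibility of errors like this (not to mention to protect your code, which is highly vulnerable to SQL injection), you must use prepared statements for your queries. Why PDO is more useful than mysqli.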
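
The prepared-statement approach recommended in the answer, applied to the form's INSERT. This is an added example, not code from the question or the answer; it assumes PHP 7.4+ with the `pdo_sqlite` extension, uses an in-memory SQLite table so it runs without a MariaDB server, and the function name `insertExamResult` and the sample values are hypothetical.

```php
<?php
// Added example: the page's INSERT rewritten with PDO prepared statements.
// In-memory SQLite keeps it runnable offline (assumption); for MariaDB only
// the DSN changes, e.g. 'mysql:host=...;dbname=...;charset=utf8mb4'.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$columns = ['FirstName', 'LastName', 'Passport', 'TeachersName', 'Date',
            'CourseType', 'CourseCode', 'Grammar', 'Reading', 'Writing',
            'Listening', 'Speaking', 'TeachersAssessment', 'Totalz',
            'Overallz', 'Progress'];
$pdo->exec('CREATE TABLE examresults (' . implode(' TEXT, ', $columns) . ' TEXT)');

function insertExamResult(PDO $pdo, array $columns, array $post): int
{
    // Scores are recomputed server-side instead of trusting posted totals.
    $scores = ['Grammar', 'Reading', 'Writing', 'Listening', 'Speaking', 'TeachersAssessment'];
    $total = 0;
    foreach ($scores as $field) {
        if (!is_numeric($post[$field] ?? null)) {
            throw new InvalidArgumentException("$field must be numeric");
        }
        $total += $post[$field];
    }
    $post['Totalz'] = $total;
    $post['Overallz'] = $total / 130 * 100;
    // Unchecked checkboxes are absent from the POST data entirely.
    $post['Progress'] = implode(',', (array) ($post['Progress'] ?? []));

    // One placeholder per column; values never become part of the SQL text,
    // so there are no quotes to forget and nothing for input to break out of.
    $sql = 'INSERT INTO examresults (' . implode(', ', $columns) . ') VALUES ('
         . implode(', ', array_fill(0, count($columns), '?')) . ')';
    $values = array_map(fn ($c) => (string) ($post[$c] ?? ''), $columns);
    $stmt = $pdo->prepare($sql);
    $stmt->execute($values);
    return $stmt->rowCount();
}

// Constructed sample submission; the last name contains a quote on purpose.
$sample = ['FirstName' => 'Anna', 'LastName' => "O'Neil", 'Passport' => 'X0000000',
           'TeachersName' => 'T. Smith', 'Date' => '01/31/2017',
           'CourseType' => 'Elementary 1', 'CourseCode' => 'Elementary 1',
           'Grammar' => '30', 'Reading' => '15', 'Writing' => '15',
           'Listening' => '15', 'Speaking' => '15', 'TeachersAssessment' => '10',
           'Progress' => ['Progress']];
insertExamResult($pdo, $columns, $sample);
print_r($pdo->query('SELECT LastName, Totalz, Overallz, Progress FROM examresults')
            ->fetch(PDO::FETCH_ASSOC));
```

The column list is a fixed array in the code, never request data, which is why it can be concatenated into the SQL while every value goes through a placeholder.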