您在第1行''''附近的SQL语法中出错

时间:2017-05-01 12:50:27

标签: php sql mysqli

所以伙计们,我收到了一条错误信息:

  

错误:您的SQL语法出错;检查手册   对应于您的MariaDB服务器版本,以获得正确的语法   在第1行'''附近


从这些代码中,每当我点击添加按钮
todo.php

<?php
include '../database/database.php';
session_start();

$user_id = $_SESSION['user_id'];

$querydisplay = "SELECT * FROM todo WHERE user_id=$user_id";
$result = mysqli_query($conn, $querydisplay);

?>

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <title>To Do List</title>

    <!-- Bootstrap core CSS -->
    <link href="../assets/css/bootstrap.css" rel="stylesheet">

    <!-- Custom styles for this template -->
    <link href="../assets/css/custom.css" rel="stylesheet">

  </head>

  <body>

    <div class="container">
      <div class="header clearfix">
        <nav>
          <ul class="nav nav-pills pull-right">
            <li role="presentation" class="active"><a href="#">Home</a></li>
            <li role="presentation"><a href="#">About</a></li>
            <li role="presentation"><a href="#">Contact</a></li>
          </ul>
        </nav>
        <h3 class="text-muted">To Do List <?php echo $_SESSION['name'];?></h3>
      </div>

      <div class="panel panel-default">
        <div class="panel-heading"></div>
        <div class="panel-body">
            <div class="row">
                <div class="col-md-2"></div>
                <div class="col-md-8">
                    <ul class="list-group text-left">
                        <?php while($data=mysqli_fetch_array($result)) :?>
                            <?php if($data['done'] == 0) : ?>
                                <li class="list-group-item"><span class="task_list"><?php echo $data['task'] ?></span><a href="../models/done_process.php?id=<?php echo $data['list_id']?>"><span class="label label-default">Mark As Done</span></a></li>
                            <?php else : ?>
                                <li class="list-group-item"><span class="task_list"><strike><?php echo $data['task'] ?></strike></span><a href="../models/delete_process.php?id=<?php echo $data['list_id']?>"><span class="label label-danger">Delete</span></a></li>
                            <?php endif; ?>
                        <?php endwhile; ?>
                    </ul>

                    <form class="form-horizontal" method="POST" action="../models/newtask_process.php">
                        <div class="form-group">
                            <div class="col-sm-12">
                                <input name="newtask" type="text" class="form-control" placeholder="Enter New Task">
                            </div>
                        </div>                       
                        <div class="form-group">
                            <div class="col-sm-offset-2 col-sm-10">
                                <button name="submit" type="submit" class="btn btn-sm btn-primary">Add</button>
                            </div>
                        </div>
                    </form>

                </div>
                <div class="col-md-2"></div>
            </div>
        </div>
        </div>

      <footer class="footer text-center">
        <p>&copy; Company 2017</p>
      </footer>

    </div> <!-- /container -->

  </body>
</html>

newtask_process.php

<?php
include '../database/database.php';
session_start();

if(isset($_POST['submit']))
    $user_id = $_SESSION['user_id'];
    $task = mysqli_real_escape_string($conn, $_POST['newtask']);

if(!isset($user_id) || $user_id = "" || !isset($task) || $task = "")
{
    echo '<script language="javascript">alert("You Write an Empty Task. Process Failed.");
              document.location="../views/todo.php";</script>';
}
else
{
    $queryinsert = "INSERT INTO todo (user_id, task) VALUES ($user_id, '$task')";

    if(mysqli_query($conn, $queryinsert))
    {
        header("Location: ../view/todo.php");
        exit();

    }
    else
    {
        die ('Error : ' .mysqli_error($conn));
    }

}


mysqli_close($conn);

?> 


请帮我调试这个插入查询或类似的东西。

我还没有转到更新或删除查询。

我已经看过这样类似的问题了,我已经试过了,但没有成功,

也许有一些我想念的东西

我知道这不是执行查询的安全方法(我不使用PDO或类似的东西)。

但我只是试图了解它,也许以后我会转向PDO和OOP概念。

3 个答案:

答案 0 :(得分:2)

正如我的评论中所提到的,这一行正在重写你的变量:

if(!isset($user_id) || $user_id = "" || !isset($task) || $task = "")

将其更改为使用空函数:

if(empty($user_id) || empty($task))

除非其中一个为0或为null,否则这将起作用并且您的变量将通过。

答案 1 :(得分:-2)

这可以有效$querydisplay = "SELECT * FROM todo WHERE user_id='$user_id'";

答案 2 :(得分:-2)

可能是这样的:

#if VTK_MAJOR_VERSION <= 5
  ...
#else
  ...
#endif