我收到语法错误

时间:2018-01-21 05:01:58

标签: php

我收到语法错误:

  

解析错误:语法错误,第13行/smarthosting/content/n/n01200973/.website18129/cms/articles_edit.php中的意外T_VARIABLE

第13行是:

WHERE id = "'$_GET['id'].'"

完整代码:

if( isset($_POST['title']))
{
    $query = ('UPDATE articles SET
    title = "'.$_POST['title'].'",
    content = "'.$_POST['content'].'", 
    author = "'.$_POST['author'].'", 
    date = "'.$_POST['date'].'", 
    categoryId = "'.$_POST['categoryId'].'"
    WHERE id = "'$_GET['id'].'"
    LIMIT 1';

3 个答案:

答案 0 :(得分:0)

似乎您在wherelimit之前缺少空格。

$query = ('UPDATE articles SET
title = "'.$_POST['title'].'",
content = "'.$_POST['content'].'", 
author = "'.$_POST['author'].'", 
date = "'.$_POST['date'].'", 
categoryId = "'.$_POST['categoryId'].' "
WHERE id = "'.$_GET['id'].' "
LIMIT 1');

答案 1 :(得分:0)

尝试在单引号之间设置列值:

$query = ("UPDATE articles SET
title = '".$_POST['title']."',
content = '".$_POST['content']."', 
author = '".$_POST['author']."', 
date = '".$_POST['date']."', 
categoryId = '".$_POST['categoryId']."'
WHERE id = '".$_GET['id']."'
LIMIT 1");

但是,您应该使用prepared statements来避免SQL注入攻击。

答案 2 :(得分:0)

正如许多人已经提到的,这种方法会导致sql注入。

话虽如此,我不确定为什么这么少人似乎理解如何插入数组变量。 

public TreeNode constructTree(int[] preOrder, int[] inOrder) {

    if (preOrder.length == 0) {
      return null;
    }

    int preOrderIndex = 0;
    int inOrderIndex = 0;

    ArrayDeque<TreeNode> stack = new ArrayDeque<>();

    TreeNode root = new TreeNode(preOrder[0]);
    stack.addFirst(root);
    preOrderIndex++;

    while (!stack.isEmpty()) {

      TreeNode top = stack.peekFirst();

      if (top.val == inOrder[inOrderIndex]) {

        stack.pollFirst();
        inOrderIndex++;

        // if all the elements in inOrder have been visted, we are done
        if (inOrderIndex == inOrder.length) {
          break;
        }

        // Check if there are still some unvisited nodes in the left
        // sub-tree of the top node in the stack
        if (!stack.isEmpty()
            && stack.peekFirst().val == inOrder[inOrderIndex]) {
          continue;
        }

        // As top node in stack, still has not encontered its counterpart
        // in inOrder, so next element in preOrder must be right child of
        // the removed node
        TreeNode node = new TreeNode(preOrder[preOrderIndex]);
        preOrderIndex++;
        top.right = node;
        stack.addFirst(node);

      } else {
        // Top node in the stack has not encountered its counterpart
        // in inOrder, so next element in preOrder must be left child
        // of this node
        TreeNode node = new TreeNode(preOrder[preOrderIndex]);
        preOrderIndex++;
        top.left = node;
        stack.addFirst(node);
      }
    }

    return root;
  }

注意我没有在WHERE子句中的categoryId或id周围放置单引号。这是一个有根据的猜测,我认为这些都是整数,所以你不想把它们称为字符串。

相关问题
最新问题