我知道这对你们大多数人来说可能都是非常容易的,但我刚开始学习PHP和MySQL而且我没有编程背景所以请耐心等待。我试图将以下内容插入数据库。
错误讯息:
解析错误:语法错误,意外 T_VARIABLE in 第17行的C:\ wamp \ www \ coninsert.php
PHP代码:
<?php
$db = mysql_connect("localhost", "algo","*****");
if (!$db)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("reno",$db);
$name=$_POST['nom'];
$address=$_POST['adresse'];
$city=$_POST['ville'];
$zip=$_POST['codepostal'];
$phone=$_POST['numtel'];
$email=$_POST['email'];
$travaux=$_POST['travaux']
$sql = "INSERT INTO piste(name, address, ville, zip, phone, email, travaux) VALUES ("$name","$address","$city","$zip","$phone","$email","$travaux")";
mysql_query($sql)
mysql_close($db)
?>
谢谢!
答案 0 :(得分:3)
行:
$travaux=$_POST['travaux']
mysql_query($sql)
mysql_close($db)
你缺少分号。
<小时/> 更新..是的,有
$sql = "INSERT INTO piste(name, address, ville, zip, phone, email, travaux)
VALUES "$name","$address","$city","$zip","$phone","$email","$travaux")";
应该是:
$sql = "INSERT INTO piste(name, address, ville, zip, phone, email, travaux)
VALUES ('$name','$address','$city','$zip','$phone','$email','$travaux')";
请为SQL注入添加一些保护,因为没有没有。
UPDATE2:
这样的行:$email=$_POST['email'];
应该是这样的:
$email= isset($_POST['email'])? mysql_real_escape_string($_POST['email']) : '';
答案 1 :(得分:0)
您需要围绕文字值使用单引号: VALUES('“。$ name。”','“。$ address。”','“。$ city。”','“。$ zip。”'.... ....
答案 2 :(得分:0)
更改此行:
$sql = "INSERT INTO piste(name, address, ville, zip, phone, email, travaux) VALUES ("$name","$address","$city","$zip","$phone","$email","$travaux")";
为:
$sql = "INSERT INTO piste(name, address, ville, zip, phone, email, travaux) VALUES ('" . $name . "','" . $address . "','" . $city . "','" . $zip . "','" . $phone . "','" . $email . "','" . $travaux . "')";