我正在尝试显示此页面上mysql行的信息。我正在使用$ _GET,因为该ID包含在该页面的链接中:www.example.com/page.php?id = 1但它返回此错误:
错误:您的SQL语法出错;检查与MySQL服务器版本对应的手册,以便在第1行的'='1''附近使用正确的语法
有谁知道如何解决这个问题?
以下代码:
<?php
$username="xxx";
$password="xxx";
$database="xxx";
mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
include 'library/config.php';
include 'library/opendb.php';
if(isset($_GET['id']))
{
$query = "SELECT id, title, content, contactname, contactemail, contactnumber ".
"FROM vacancies".
"WHERE id = '{$_GET['id']}'";
$result = mysql_query($query) or die('Error : ' . mysql_error());
list($id, $title, $content, $contactname, $contactemail, $contactnumber) = mysql_fetch_array($result, MYSQL_NUM);
$content = htmlspecialchars($content);
}
if(isset($_POST['update']))
{
$id = $_POST['id'];
$title = $_POST['title'];
$content = $_POST['content'];
$contactname = $_POST['contactname'];
$contactemail = $_POST['contactemail'];
$contactnumber = $_POST['contactnumber'];
if(!get_magic_quotes_gpc())
{
$title = addslashes($title);
$content = addslashes($content);
$contactname = addslashes($contactname);
$contactemail = addslashes($contactemail);
$contactnumber = addslashes($contactnumber);
}
// update the article in the database
$query = "UPDATE vacancies
SET title = '$title', content = '$content', contactname = '$contactname', contactemail = '$contactemail', contactnumber = '$contactnumber'".
"WHERE id = '$id'";
mysql_query($query) or die('Error : ' . mysql_error());
// then remove the cached file
$cacheDir = dirname(__FILE__) . '/cache/';
$cacheFile = $cacheDir . '_' . $_GET['id'] . '.html';
@unlink($cacheFile);
// and remove the index.html too because the file list
// is changed
@unlink($cacheDir . 'index.html');
echo "<b>Job Entry: '$title' updated</b>";
// now we will display $title & content
// so strip out any slashes
$title = stripslashes($title);
$content = stripslashes($content);
$contactname = stripslashes($contactname);
$contactemail = stripslashes($contactemail);
$contactnumber = stripslashes($contactnumber);
}
include 'library/closedb.php';
?>
答案 0 :(得分:1)
查看http://us2.php.net/manual/en/function.mysql-query.php
问题是你在这里使用了太多的单引号:
“WHERE id ='{$ _GET ['id']}'”;
并且您的查询未按预期执行。改为使用mysql_real_escape_string()。
答案 1 :(得分:0)
一个问题:
$query = "UPDATE vacancies
SET title = '$title', content = '$content', contactname = '$contactname', contactemail = '$contactemail', contactnumber = '$contactnumber'".
"WHERE id = '$id'";
导致最后一列和WHERE子句之间没有空格。将其更改为:
$query = "UPDATE vacancies
SET title = '$title', content = '$content', contactname = '$contactname', contactemail = '$contactemail', contactnumber = '$contactnumber' ".
"WHERE id = '$id'";
或我的首选格式:
$query = <<<END
UPDATE vacancies
SET title = '$title',
content = '$content',
contactname = '$contactname',
contactemail = '$contactemail',
contactnumber = '$contactnumber'
WHERE id = '$id'
END;
注意:你应该使用mysql_real_escape_string()来逃避字段。
答案 2 :(得分:0)
删除
周围的引号 {$_GET['id']}
和
$id
在您的所有查询中。
您的id是我假设的整数类型,它不能使用带引号的版本,或者尝试将整数键与字符串“1”匹配
- 改变这一行
$result = mysql_query($query) or die('Error : ' . mysql_error());
到
$result = mysql_query($query) or die('Error : ' . mysql_error() . "\n\n" . $query);
然后,您可以确切地看到进入数据库的查询。然后你可以在这里发帖给我们看。
也请发帖
describe <tablename>;
答案 3 :(得分:0)
试试这个:
$query = "SELECT id, title, content, contactname, contactemail, contactnumber ".
"FROM vacancies ".
"WHERE id = '".$_GET['id']."'";
我总是试图将变量从我的字符串中删除,只需将它们添加到句点中,我发现它消除了很多混淆。