douyi5157 2014-07-03 20:45
浏览 27
已采纳

PHP中的SQL查询语法错误

I am trying to do a simple query on my MySQL db and echo back the result. I am getting the following error:

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING)

This is the code for my query:

$result = mysqli_query($connection, "SELECT FROM table_name WHERE value='$_POST["searchname"]'";
echo $result;

I'm assuming it is a simple syntax error in the SQL statement, but I just am not seeing it. Thanks for the help!

  • 写回答

3条回答 默认 最新

  • dongxie7683 2014-07-03 20:47
    关注

    You need to ensure you are using quotes appropriately when building a string:

    $result = mysqli_query($connection, "SELECT * FROM table_name WHERE value='".$_POST["searchname"]."'";

    Also I hope you are aware that either way this type of statement is vulnerable to sql injections. You should ideally use prepared statements or some sort of validation or escape to the input.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 PointNet++的onnx模型只能使用一次
  • ¥20 西南科技大学数字信号处理
  • ¥15 有两个非常“自以为是”烦人的问题急期待大家解决!
  • ¥30 STM32 INMP441无法读取数据
  • ¥15 R语言绘制密度图,一个密度曲线内fill不同颜色如何实现
  • ¥100 求汇川机器人IRCB300控制器和示教器同版本升级固件文件升级包
  • ¥15 用visualstudio2022创建vue项目后无法启动
  • ¥15 x趋于0时tanx-sinx极限可以拆开算吗
  • ¥500 把面具戴到人脸上,请大家贡献智慧,别用大模型回答,大模型的答案没啥用
  • ¥15 任意一个散点图自己下载其js脚本文件并做成独立的案例页面,不要作在线的,要离线状态。