du90093662774150 2014-07-30 04:27
浏览 73
已采纳

SQL语法错误。 check对应MYSQL服务器

I try to do a form which can insert data into database. After I insert a dummy data the is come out.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax

This error are make me in trouble. My database are not inserted any record

<?php

    $db = "assignment";
    $table = "column";

    $conn = mysqli_connect("localhost","root","");
    mysqli_select_db($conn,$db);

        $Title = $_POST['title'];
        $Author = $_POST['author'];
        $Country = $_POST['country'];
        $Date = $_POST['date'];
        $Abstract = $_POST['abstract'];
        $Problem = $_POST['rproblem'];
        $Aim = $_POST['raim'];
        $Objectives = $_POST['robjective'];
        $Type = $_POST['rstudies'];

    if(isset($_POST['rmethod'])){
        $method = implode(",",$_POST['rmethod']);
    }else{
        $method = "";
    }

    $sql = "INSERT INTO '$table' (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod)
            VALUES ('$Title','$Author,'$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')";

    mysqli_query($conn,$sql);

    if (!mysqli_query($conn,$sql)){
        die('Error: ' . mysqli_error($conn));
    }else{
        echo "Data Added";
    }
    mysqli_close($conn);

    ?>
  • 写回答

3条回答 默认 最新

  • douyou9923 2014-07-30 04:31
    关注

    You've set your $table variable inside single quotes while using a reserved word, column for your table name $table = "column";

    Use backticks around it, like so:

    INSERT INTO `$table`
    

    either do that or give your table another name.


    You also have a quote missing here '$Author, so do '$Author',

    Also, you can remove mysqli_query($conn,$sql); since you're already using
    if (!mysqli_query($conn,$sql))


    Footnotes:

    Your present code is open to SQL injection. I strongly suggest that you use prepared statements, or PDO with prepared statements.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 求差集那个函数有问题,有无佬可以解决
  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题