duancong7358 2012-11-14 23:25
浏览 35
已采纳

无法在基本电子邮件跟踪像素中找到SQL语法错误[关闭]

I'm trying to setup a very simple email tracking pixel...it's proving to be less simple than I had originally expected.

My server is running linux and mysql v. 5.1.65

<?php

$username = '*******';
$db_password = '*******';
$database = '*******';

$IP = $_SERVER['REMOTE_ADDR'];

$CAMPAIGN = $_GET['MID'];

mysql_connect('localhost',$username,$db_password);
@mysql_select_db($database) or die( "Unable to select database");

mysql_query("INSERT INTO email_table VALUES ('$CAMPAIGN', '$IP',)") or die(mysql_error() );
mysql_close();
exit;
?>

I'm getting: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1

  • 写回答

1条回答 默认 最新

  • donglu9445 2012-11-14 23:27
    关注

    You appear to have an extra comma at the end:

    INSERT INTO email_table VALUES ('$CAMPAIGN', '$IP',)

    Try:

    INSERT INTO email_table VALUES ('$CAMPAIGN', '$IP')

    BTW, I won't judge your code too much but tracking people by IP is not very reliable. For example, a lot of corporate traffic behind company firewalls can use the same IP address.

    Also, it looks like $CAMPAIGN comes from the HTTP post, which can be a security issue if you're not parameterizing your SQL.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 BP神经网络控制倒立摆
  • ¥20 要这个数学建模编程的代码 并且能完整允许出来结果 完整的过程和数据的结果
  • ¥15 html5+css和javascript有人可以帮吗?图片要怎么插入代码里面啊
  • ¥30 Unity接入微信SDK 无法开启摄像头
  • ¥20 有偿 写代码 要用特定的软件anaconda 里的jvpyter 用python3写
  • ¥20 cad图纸,chx-3六轴码垛机器人
  • ¥15 移动摄像头专网需要解vlan
  • ¥20 access多表提取相同字段数据并合并
  • ¥20 基于MSP430f5529的MPU6050驱动,求出欧拉角
  • ¥20 Java-Oj-桌布的计算