1

我用它来处理 PHP。

错误:-

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

编辑1:

$SQLQUERY = sprintf("SELECT pd_serial FROM product_details WHERE pd_model_type=%s AND pd_model_name=%s AND pd_model_version=%s AND pd_product_group=%s LIMIT 1",
GetSQLValueString($modeltype, "text"),
GetSQLValueString($modelname, "text"),
GetSQLValueString($modelversion, "text"),
GetSQLValueString($modelgroup, "text"));
$QUERYEXEC =  mysql_query($SQLQUERY, $dacreint) or die("OOPS! Please try again.");

while ($QUERYFETCH = mysql_fetch_array($QUERYEXEC))
{
    $pdserial = $QUERYFETCH['pd_serial'];
}

编辑2:

while ($QUERYFETCH = mysql_fetch_array($QUERYEXEC))
{
    $pdserial = $QUERYFETCH['pd_serial'];
}
$SQLQUERY = sprintf("SELECT product_serial_no FROM products WHERE product_serial_no = '$product_serial_no'");
$TCcount_QE = mysql_query($SQLQUERY, $dacreint) or die(mysql_error());
4

3 回答 3

2

您应该将字符串放在单引号内。并确保您已经使用mysql_real_escape_string()或类似的函数转义了这些字符串值

SELECT pd_serial FROM product_details WHERE (pd_model_type='%s' AND pd_model_name='%s') AND (pd_model_version='%s' AND pd_model_group='%s') LIMIT 1

更新 1

            while ($QUERYFETCH = mysql_fetch_array($QUERYEXEC))
            {
                $pdserial = $QUERYFETCH['pd_serial'];
            }
    // let's comment out the following line
        //    $SQLQUERY = sprintf("SELECT product_serial_no FROM products WHERE product_serial_no = '$product_serial_no'");
// and modifying it as:
            $SQLQUERY = sprintf("SELECT product_serial_no FROM products WHERE product_serial_no = %s", GetSQLValueString($product_serial_no, "text"));
            $TCcount_QE = mysql_query($SQLQUERY, $dacreint) or die(mysql_error());
于 2012-04-07T10:48:59.067 回答
0

这是正确的查询

SELECT pd_serial FROM product_details WHERE pd_model_type=%s AND pd_model_name=%s AND pd_model_version=%s AND pd_model_group=%s LIMIT 1

已编辑

SELECT pd_serial FROM product_details WHERE pd_model_type like '%s' AND pd_model_name like '%s' AND pd_model_version like '%s' AND pd_model_group like '%s' LIMIT 1

抱歉,我忘了把类似的条件括在括号中,我错过了,因为我们在这里使用了通配符

于 2012-04-07T10:48:39.987 回答
0

您能否添加“渲染”查询?您的参数是否应该在“%s”中设置在引号中?

顺便说一句:您不必在完全“与”链接的 WHERE 语句中设置括号。

于 2012-04-07T10:46:24.080 回答