-1

我正在尝试运行 PHP 脚本,但每当我运行它时我都会收到此错误。

错误:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''id', 'firstname', 'lastname', 'email', 'username', 'password', 'hash', 'active'' at line 1

PHP:

<?php
require('includes/connect.php');

if($_POST['submit'] == true) {

    $firstname = mysql_real_escape_string($_POST['firstname']);
    $lastname = mysql_real_escape_string($_POST['lastname']);
    $email = mysql_real_escape_string($_POST['email']);
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    $hash = mysql_real_escape_string(md5(uniqid(rand(), true)));
    $active = mysql_real_escape_string(0);

    $query = mysql_query(" INSERT INTO users_main ( 'id', 'firstname', 'lastname', 'email', 'username', 'password', 'hash', 'active' ) VALUES ( '', '" . $firstname . "', '" . $lastname . "', '" . $email . "', '" . $username . "', '" . $password . "', '" . $hash . "', '" . $active . "' ) ") or die(mysql_error());

} else {

}

?>
4

1 回答 1

6

不要用单引号引用列名。MySQL 使用反引号来引用列和表标识符。

如果用作标识符,一些特殊关键字需要用反引号引起来,但您没有使用任何这些。您的所有专栏都不需要引用。

 $query = mysql_query(" INSERT INTO users_main ( id, firstname, lastname, email, username, password, hash, active ) VALUES ( '', '" . $firstname . "', '" . $lastname . "', '" . $email . "', '" . $username . "', '" . $password . "', '" . $hash . "', '" . $active . "' ) ") or die(mysql_error());
于 2012-05-05T21:55:52.423 回答