1

你能告诉我这个查询有什么问题吗?我只是找不到错误,这让我发疯。

<?php
$query = "INSERT INTO atable (fortlaufend, vorname, nachname, land, email, caption1, caption2, caption3, caption4, caption5, datum) 
VALUES (NULL, 
" . mysql_real_escape_string($_POST[vorname]) . ", 
" . mysql_real_escape_string($_POST[nachname]) . ", 
" . mysql_real_escape_string($_POST[land]) . ", 
" . mysql_real_escape_string($_POST[email]) . ", 
" . mysql_real_escape_string($_POST[caption1]) . ", 
" . mysql_real_escape_string($_POST[caption2]) . ", 
" . mysql_real_escape_string($_POST[caption3]) . ", 
" . mysql_real_escape_string($_POST[caption4]) . ", 
" . mysql_real_escape_string($_POST[caption5]) . ", 
CURRENT_TIMESTAMP)";
?>

'fortlaufend' 是具有 AUTO_INCREMENT 的主索引。mysql_error 是

无效查询:您的 SQL 语法有错误;查看与您的 MySQL 服务器版本相对应的手册,以了解在第 3 行的“姓名、姓氏、国家/地区、电子邮件,是什么让这张照片对您特别?,什么”附近使用的正确语法

谢谢!

4

2 回答 2

5

非整数值需要单引号。

  <?php
    $query = "INSERT INTO atable (fortlaufend, vorname, nachname, land, email, caption1, caption2, caption3, caption4, caption5, datum) 
    VALUES (NULL, 
    '" . mysql_real_escape_string($_POST[vorname]) . "', 
    '" . mysql_real_escape_string($_POST[nachname]) . "', 
    '" . mysql_real_escape_string($_POST[land]) . "', 
    '" . mysql_real_escape_string($_POST[email]) . "', 
    '" . mysql_real_escape_string($_POST[caption1]) . "', 
    '" . mysql_real_escape_string($_POST[caption2]) . "', 
    '" . mysql_real_escape_string($_POST[caption3]) . "', 
    '" . mysql_real_escape_string($_POST[caption4]) . "', 
    '" . mysql_real_escape_string($_POST[caption5]) . "', 
    CURRENT_TIMESTAMP)";
    ?>
于 2012-07-01T14:14:41.927 回答
1

您没有在查询中使用引号。

<?php
$query = "INSERT INTO atable (fortlaufend, vorname, nachname, land, email, caption1, caption2, caption3, caption4, caption5, datum) 
VALUES (NULL, 
'" . mysql_real_escape_string($_POST[vorname]) . "', 
'" . mysql_real_escape_string($_POST[nachname]) . "', 
'" . mysql_real_escape_string($_POST[land]) . "', 
'" . mysql_real_escape_string($_POST[email]) . "', 
'" . mysql_real_escape_string($_POST[caption1]) . "', 
'" . mysql_real_escape_string($_POST[caption2]) . "', 
'" . mysql_real_escape_string($_POST[caption3]) . "', 
'" . mysql_real_escape_string($_POST[caption4]) . "', 
'" . mysql_real_escape_string($_POST[caption5]) . "', 
CURRENT_TIMESTAMP)";
?>
于 2012-07-01T14:15:01.897 回答