3

我曾多次尝试插入数据库。这些值包含一个单引号 - 魔术引号被关闭,addslashes() 和 mysql_real_escape_string() 都转义了字符,但脚本在没有添加到数据库的情况下死亡。我也手动逃脱了,但这也失败了。但是,即使删除撇号,脚本仍然会死掉。

错误是: 无法插入人员:您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以在第 2 行的“11,Hazel,Blonde,从未错过一天的工作,从伯克利毕业,服务”附近使用正确的语法有人看到任何问题吗?

<?php
include('header.php');

$amount = 1;
$staffnum = '0101';
$height = array("5'11", "5'4", "6'2","5'5", "6'4");
$eye = array("Blue","Green","Hazel","Brown");
$hair = array("Brown", "Black", "Blonde", "Red");
$about1 = "Has never missed a day of work";
$about2 = "Graduated from Berkley";
$positions =  array('Server, Bartender', 'Bartender, Host', 'Sever, Host, Bartender', 'Cocktail Server, Bartender, Server'); 
$img = "none";
// arrays
$times = 1;


while($times <= 50) {
$staffnum ++; 
$heighta = mysql_real_escape_string($height[array_rand($height)]);
$eyea =  mysql_real_escape_string($eye[array_rand($eye)]);
$haira =  mysql_real_escape_string($hair[array_rand($hair)]);
$positionsa =   mysql_real_escape_string($positions[array_rand($positions)]);
$about1 =  mysql_real_escape_string($about1);
$about2 =   mysql_real_escape_string($about2);
$img =  mysql_real_escape_string($img);
$staffnum =  mysql_real_escape_string($staffnum);

$insert_staff = "INSERT INTO staff (staffnum, img_link, height, eye, hair, abt1, abt2, titles)
VALUES ($staffnum, $img, $heighta, $eyea, $haira, $about1, $about2, $positionsa)";

$insert_query = mysql_query($insert_staff);

if($insert_query) {
    ?>

<center>
  Member # <?php echo $staffnum; ?> has been added to the database.<br />
  <?php
} else {

  die('Could not insert staff: ' . mysql_error());

}

$times ++;
}

include('footer.php');
?>
  <a href="staff_insert.php?page=1">Return To Staff Insert</a>
</center>
4

2 回答 2

2

您需要在要插入的字符串变量周围加上引号:

$insert_staff = "INSERT INTO staff (staffnum, img_link, height, eye, hair, abt1, abt2, titles)
VALUES ('$staffnum', '$img', '$heighta', '$eyea', '$haira', '$about1', '$about2', '$positionsa')";
于 2012-11-21T21:44:21.577 回答
-1

当你想用基本的 mysql_query 发送这么多变量时,这有点复杂。你应该尝试 PDO 或 mysqli 但如果你需要使用你的代码,它应该更像

$insert_staff = "INSERT INTO staff (staffnum, img_link, height, eye, hair, abt1, abt2, titles)
VALUES ('".$staffnum."', '".$img."', '".$heighta."', '".$eyea."', '".$haira."', '".$about1."', '".$about2."', '".$positionsa."')";
于 2012-11-21T21:47:29.923 回答