我是 PHP 和 SQL 的新手,由于某种原因,我得到了这个非常奇怪和神秘的错误。
致命错误:您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以在 /home/ 的第 1 行的“INSER INTO history(stype, symbol, amount, price, time, userid) VALUES (?, ?, ?, ') 附近使用正确的语法jharvard/vhosts/localhost/includes/functions.php 在第 139 行
这是我使用的代码:
<?php
require("../includes/config.php");
if ($_SERVER["REQUEST_METHOD"] == "POST"){
// Retrieve the requested user's symbol and calculate the stock's price
$symbol = $_POST["symbol"];
$price = lookup($symbol)["price"];
// If lookup fails, apologize
if ($price === null) {
apologize("Sorry!");}
// Retrieve user's cash balance
$cash = query("select cash from users where id = ?", $_SESSION["id"]);
foreach ($cash as $qux){$cash = $qux["cash"];}
// Calculate the amount of money needed to buy the amount of stock
$PayPrice = $_POST["SAmount"] * $price;
// If user doesnt have enough cash, apologize
if ($cash < $PayPrice){apologize("Your a cheapskate");}
// If user enters a decimal or negative number, apologize
if (preg_match("/^\d+$/", $_POST["SAmount"]) != true){apologize("Y u so decimal");}
// Deduct the amount of cash from user's money
$result = query("UPDATE users SET cash = ? where id = ?", ($cash - $PayPrice), $_SESSION["id"]);
if ($result === false){apologize("Update failed, cash");}
// Update the user's stock
$result = query("INSERT INTO stocks (id, symbol, stock) VALUES (?,?,?) ON DUPLICATE KEY UPDATE stock = stock + ?", $_SESSION['id'], $_POST["symbol"], $_POST["SAmount"], $_POST["SAmount"]);
if ($result === false){apologize("Update failed, stock");}
// Update history
$result = query("INSER INTO history(stype, symbol, amount, price, time, userid) VALUES (?, ?, ?, ?, ?, ?)", 'buy', $symbol, $_POST['SAmount'], $PayPrice, time(), $_SESSION['id']);
}
else{render("BuyPage.php");}
?>
这是查询()代码
function query(/* $sql [, ... ] */)
{
// SQL statement
$sql = func_get_arg(0);
// parameters, if any
$parameters = array_slice(func_get_args(), 1);
// try to connect to database
static $handle;
if (!isset($handle))
{
try
{
// connect to database
$handle = new PDO("mysql:dbname=" . DATABASE . ";host=" . SERVER, USERNAME, PASSWORD);
// ensure that PDO::prepare returns false when passed invalid SQL
$handle->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
}
catch (Exception $e)
{
// trigger (big, orange) error
trigger_error($e->getMessage(), E_USER_ERROR);
exit;
}
}
// prepare SQL statement
$statement = $handle->prepare($sql);
if ($statement === false)
{
// trigger (big, orange) error
trigger_error($handle->errorInfo()[2], E_USER_ERROR);
exit;
}
// execute SQL statement
$results = $statement->execute($parameters);
// return result set's rows, if any
if ($results !== false)
{
return $statement->fetchAll(PDO::FETCH_ASSOC);
}
else
{
return false;
}
}
这个问题非常神秘,因为我不知道发生了什么,我包含了我认为需要的所有代码,但如果需要更多,请告诉我。Ps:不用说,问题只是在我输入了最后一行用于插入历史的SQL代码之后才出现的,否则其他一切都很好。