-1

我收到一个 PHP 错误:

Parse Error received on unexpected T_ENCAPSED AND WHITESPACE.

该行:($insert .= "($POST...)是产生错误的行。 

(string)$insert;
if(is_array($_POST['Year']))
{
    foreach($_POST['Year'] as $k=>$v)
    {
        //the following line returns the error
        $insert .= "($_POST['Name'][$k], $_POST['One'][$k], $_POST['Two'][$k], $_POST['Four'][$k], $_POST['Eight'][$k], $_POST['Fifteen'][$k], $_POST['LJump'][$k], $_POST['HJump'][$k], $_POST['Shotputt'][$k], $_POST['Discuss'][$k], $_POST['Javelin'][$k], $_POST['Date'][$k], $_POST['Year'][$k]),";
    }
    $insert = substr_replace($insert ,0,-1);
}
else
{
    $insert .= "($_POST['Name'], $_POST['One'], $_POST['Two'], $_POST['Four'], $_POST['Eight'], $_POST['Fifteen'], $_POST['LJump'], $_POST['HJump'], $_POST['Shotputt'], $_POST['Discuss'], $_POST['Javelin'], $_POST['Date'], $_POST['Year'])";
}

$sql="INSERT INTO results_main 
(Name, One, Two, Four, Eight, Fifteen, LJump, HJump, Shotputt, Discuss, Javelin, Date, Year)
VALUES 
".$insert;

$result = mysql_query($sql) or die(mysql_error());
4

1 回答 1

7

基本 PHP 语法:不能在双引号字符串中使用带引号的数组键:

$x = "$array['key']";
             ^---^--- wrong

它应该是:

$x = "{$array['key']}";
      ^--           ^--- note the braces
or
$x = "$array[key]";
             ^--^-- note lack of ' quotes

你也敞开心扉,乞求SQL 注入攻击。因此,在进行任何其他编码之前,请先了解这一点。

于 2013-04-15T14:57:20.103 回答