-4

我知道,这个问题是重复的:

 if (($_POST['os'] != "") || ($_POST['cp'] != "") || ($_POST['ser'] != "")) {

                  $var .= "left join (select bug_id,os,cp,service from category_bug_map where category_bug_map.os like '."$_POST['os']".' and category_bug_map.cp like '."$_POST['cp']".' and category_bug_map.service like '."$_POST['ser']".') as category_map on ( category_map.bug_id = bugs.bug_id)";
              }

它表明,在 $var 上,意外的 T_VARIABLE。这有什么问题?

4

3 回答 3

2

I think your problem is the way you are trying to concatenate the string with $_POST. Instead of '."$_POST['os']".' you have to precede " before .

'".$_POST['os']."'

This is because . (dot) is the concatenation operator and has to come between segments of a string.

Replace this in your code: $var .= "left join (select bug_id,os,cp,service from category_bug_map where category_bug_map.os like '".$_POST['os']."' and category_bug_map.cp like '".$_POST['cp']."' and category_bug_map.service like '."$_POST['ser']".') as category_map on ( category_map.bug_id = bugs.bug_id)";

于 2013-05-24T06:53:57.303 回答
1

这些部分:'."$_POST['cp']".'不正确。像这样重写:

'".$_POST['cp']."'

这里有更多信息:http: //php.net/manual/en/language.operators.string.php

于 2013-05-24T06:48:25.387 回答
1

如果你知道这是重复的,你为什么要发布它?

您在 $_POST 的 $var 行中的点不能在字符串分隔符内,而应在外。

此外,这段代码很糟糕,因为它暴露了 sql 注入问题:http ://de.wikipedia.org/wiki/SQL-Injection

于 2013-05-24T06:50:42.507 回答