-3

我已经盯着这个错误看了一个多小时了,我一辈子都看不出有什么问题。

这是我的错误:

解析错误:语法错误,第 42 行 C:\web\account.php 中的意外 '('

这是我在 html 中的第一个 php 标记之后的代码(Line42 以“$searchstring”开头)。

<?php

include_once 'header.php';
include_once 'functions.php';
require_once 'login_users.php';

$db_server = mysql_connect($db_hostname, $db_username, $db_password);
if (!$db_server) die("Unable to connect to database:" . mysql_error());

mysql_select_db($db_database)
    or die("Unable to find database:" . mysql_error());

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta content="en-us" http-equiv="Content-Language" />
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Weapon Build Creator</title>

<link href="styles/main.css" rel="stylesheet" type="text/css" />

<style type="text/css">
.auto-style1 {
    margin-top: 0px;
}
</style>

</head>

<body style="background-image: url('images/bg.jpg')">

<div id="form" style="left: 50%">
<div class="newsdiv">
    <br />
    <p class="title">MY BUILDS</p>

<?php //search result table



   $searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author="($_SESSION['username'])" "; // Line 42

$result = mysql_query($searchstring);

if (!$result) die ("Database access failed: " . mysql_error());

$rows = mysql_num_rows($result);

.... More code down here

让我知道你是否能看到它!

万分感谢!

4

6 回答 6

2

您的 sql 中有未转义的引号。在双引号内使用单引号或使用dot.

 $searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author='($_SESSION['username'])'"; // i don't know why you used `(` to wrap username

或者

 $searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author='" . ($_SESSION['username']) . "'";
于 2013-07-31T01:43:23.267 回答
2 
$searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author="($_SESSION['username'])" ";

应该

$searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author='" . $_SESSION['username'] . "'";
于 2013-07-31T01:42:00.130 回答
1

只需转义双引号:

$searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author=\"{$_SESSION['username']}\" ";
于 2013-07-31T01:40:05.353 回答
1

改变:

$searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author="($_SESSION['username'])" "; // Line 42

至:

 $searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author='".$_SESSION['username']."'"; // Line 42

我做了什么?我删除了括号并使用了连接,查看此链接以获得有关连接的帮助:http: //phphowto.blogspot.co.uk/2006/12/concatenate-strings.html

于 2013-07-31T01:42:05.020 回答
0

我认为您需要添加句点字符才能正确连接您的字符串。

IE

$searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author=" . ($_SESSION['username']) . " ";

实际上也不需要括号,因此您可以:

$searchstring = "SELECT buildname,weapon,category,id,author,buildname FROM weapons WHERE author=" . $_SESSION['username'] . " ";
于 2013-07-31T01:40:23.070 回答
0

尝试这个

$username= mysql_real_escape_string($_SESSION['username']);
//You should scapes the variable, if the name was O'relly you get an error in sql syntax

$searchstring = "
SELECT buildname,weapon,category,id,author,buildname 
FROM weapons 
WHERE author='$username' "; // on Line 42

就我个人而言,我更喜欢变量的双引号和单引号内以避免“ \ 。”

注意:mysql_* 扩展自 PHP 5.5.0 起已弃用,将来将被删除。相反,应该使用 MySQLi 或 PDO_MySQL 扩展

于 2013-07-31T02:07:52.247 回答