1

我在 Windows 7 Ultimate 上运行 PHP 5.3.24(XAMPP 包)和 Microsoft SQL Server Express 2012。

我创建了一个表格来为多项选择测试创建一个题库。当我尝试提交问题时,我收到以下错误:

Array ( [0] => Array ( [0] => IMSSP [SQLSTATE] => IMSSP [1] => -14 [code] => -14 [2] => 向 sqlsrv_query 传递了一个无效参数。[消息] => 向 sqlsrv_query 传递了一个无效参数。))

这是我在 PHP 文件中使用的代码,用于处理来自表单的发布数据:

<?PHP
//section 1: define variables from post and clean up for posting.
$Question = $_POST['Question'];
$Question = trim(stripslashes(str_replace("'", "''", $Question)));
$Answer1 = $_POST['Answer1'];
$Answer1 = trim(stripslashes(str_replace("'", "''", $Answer1)));
$Answer2 = $_POST['Answer2'];
$Answer2 = trim(stripslashes(str_replace("'", "''", $Answer2)));
$Answer3 = $_POST['Answer3'];
$Answer3 = trim(stripslashes(str_replace("'", "''", $Answer3)));
$Answer4 = $_POST['Answer4'];
$Answer4 = trim(stripslashes(str_replace("'", "''", $Answer4)));
$Answer5 = $_POST['Answer5'];
$Answer5 = trim(stripslashes(str_replace("'", "''", $Answer5)));
$Answer6 = $_POST['Answer6'];
$Answer6 = trim(stripslashes(str_replace("'", "''", $Answer6)));
$Answer7 = $_POST['Answer7'];
$Answer7 = trim(stripslashes(str_replace("'", "''", $Answer7)));
$Answer8 = $_POST['Answer8'];
$Answer8 = trim(stripslashes(str_replace("'", "''", $Answer8)));
$Answer9 = $_POST['Answer9'];
$Answer9 = trim(stripslashes(str_replace("'", "''", $Answer9)));
$Answer10 = $_POST['Answer10'];
$Answer10 = trim(stripslashes(str_replace("'", "''", $Answer10)));
$QuestionNotes = $_POST['QuestionNotes'];
$QuestionNotes = trim(stripslashes(str_replace("'", "''", $QuestionNotes)));
$CorrectAnsw = $_POST['CorrectAnsw'];
$ProgramArea = $_POST['ProgramArea'];
$Difficulty = $_POST['Difficulty'];

//section 2: define sql statement
$sql=   ("INSERT INTO TESTDB.dbo.tblTestQuestions 
                (Question,Answer1,Answer2,Answer3,Answer4,Answer5, 
                 Answer6,Answer7,Answer8,Answer9,Answer10,CorrectAnsw,
                 ProgramArea,Difficulty,QuestionNotes,Inactive) 

        VALUES
                    (   '" . $Question . "','" . $Answer1 . "','" . $Answer2 . "','" . $Answer3 . "','" . $Answer4 . "',
                        '" . $Answer5 . "','" . $Answer6 . "','" . $Answer7 . "','" . $Answer8 . "','" . $Answer9 . "',
                        '" . $Answer10 . "'," . $CorrectAnsw . "," . $ProgramArea . "," . $Difficulty . ",
                        '" . $QuestionNotes . "',0)"); 

//section 3: call db connnection and post to database
include('C:/webincludes/dbconnect.php');    //this include defines $conn and has been tested to work
                                            //fine and I use it on dozens of other forms that work fine.

if (!SQLSRV_query($conn,$sql))
  {die( print_r( sqlsrv_errors(), true));} echo "Record Added";

SQLSRV_close($conn);


//section 4:    I added the following to display the variables to see what is being passed to the sql server.
//              To use it, I comment out section 3 and try to submit again.
echo "
        <html><body><br><font face='calibri' size='5'><b>Output as follows: </font></b><br>
        Question:&nbsp;&nbsp;&nbsp;&nbsp;" . $Question . "<br>
        Ans1:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer1 . "<br>
        Ans2:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer2 . "<br>
        Ans3:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer3 . "<br>
        Ans4:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer4 . "<br>
        Ans5:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer5 . "<br>
        Ans6:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer6 . "<br>
        Ans7:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer7 . "<br>
        Ans8:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer8 . "<br>
        Ans9:&nbsp;&nbsp;&nbsp;&nbsp;   " . $Answer9 . "<br>
        Ans10:&nbsp;&nbsp;&nbsp;    " . $Answer10 . "<br>
        Correct Answ:&nbsp;&nbsp;&nbsp;&nbsp;   " . $CorrectAnsw . "<br>
        Area:   " . $ProgramArea . "<br>
        Level:  " . $Difficulty . "<br>
        Notes:  " . $QuestionNotes . "<br>
        <b>SQL Statement:</b><br>
        " . $sql . "<br>
        " . $stmt . "<br>
        </font></body></html>
        ";

exit;
?>

当我提交数据时,我收到上面的错误。如果我注释掉实际运行 SQL 脚本的第 3 部分,然后只发布数据以显示它,我会得到以下信息:

输出如下: 问题:空腹燕子的空速是
多少 Ans1:43 bp
Ans2:你是什么意思?非洲的还是欧洲的?
Ans3:蓝色,没有yelloooooooooooooooooow
Ans4:灌木丛!
Ans5:尼!
Ans6:大危险!
Ans7: Robins minsterals
Ans8: 你妈妈是一只仓鼠,你爸爸闻到了接骨木的味道。
Ans9:它只是一个模型
Ans10:给您的消息,先生!
正确答案: : 2
面积: 10
等级: 3
备注: 我们是骑士说... Ni!
SQL 语句:
INSERT INTO CAR.dbo.tblTestQuestions (Question,Answer1,Answer2,Answer3,Answer4,Answer5,Answer6,Answer7,Answer8,Answer9,Answer10,CorrectAnsw,ProgramArea,Difficulty,QuestionNotes,Inactive) VALUES ('What is the airspeed velocity of an空腹燕子','43 bpm','你是什么意思?非洲人还是欧洲人?','蓝色,没有yelloooooooooooooooooooow','灌木丛!','Ni!','大危险!','Robins minsterals', '你妈妈是一只仓鼠,你爸爸闻到了接骨木的味道。','它只是一个模型','给你的信息,先生!',2,10,3,'我们是骑士说......尼! ,0)

如果我采用该 sql 语句并通过管理控制台运行它,它会很好地插入数据。但是当我尝试从网页运行它时,错误。

我很困惑。请原谅一个新手,但我哪里错了?

4

0 回答 0